Mobile Networks - Final Exam

Prof. J.-P. Hubaux June 28, 2012 Duration: 2 hours and 30 minutes Closed book with an aide-m emoire of at most 2 pages hand- or typewritten.

Please write your answers on these sheets. Extra sheets will be provided if necessary. (Put your name on them). Please write in a readable way. Unreadable handwriting will not be corrected. Please write your answers in English. The total number of exam points is 50. Your nal mark to this course will be round{min(6, (1 + exam score + average of the best 5 quiz scores))}.

This document contains 16 pages.

Student First name: Last name: 2 Communication Systems 2 Other (please indicate): . . . . . . . . . 2 Computer Science

Division:

Year:

2 Master Year 1 2 PhD Student

2 Master Year 2 Other (please indicate): . . . . . . . . .

(answers to the questions are shown in italic and blue) (grades in red)

WLAN

(6 points)

Consider an array of wireless nodes, running IEEE 802.11, are located on a straight line as shown below. Only the adjacent nodes on the line can hear each other (e.g., Node(1) and Node(3) are the only neighbors of Node (2)). Node(S ) Node(1) Node(2) Node(3) ... Node(n) The rst node (Node(S )) is a sink, i.e., it is considered to be the destination to all data packets generated by any other node. Assume that only one node (say, Node(i)) generates packets to the sink. Nodes run AODV, and hence forward each others packets. Assume that RTS/CTS is enabled. Plot the total throughput (of packets that arrive at sink) with respect to the sender nodes id (i.e., the senders hop-distance from the sink). Please complete the gure hereunder. Note: No justication is required to be given, however, please accurately mark the throughput level proportionally to the already depicted Node(1)s throughput.

Throughput 1

10

Number of hops

1 The throughput is 1 2 for Node(2) and 3 for Node(3), and it stabilizes for other nodes. Intuition: There is no competition between three-hop distance nodes.

Performance of WLAN

(10 points)

Bianchis model can be extended to take transmission errors (due to the channel) into account. Let p be the probability of packet drop. Let pe be the probability of bit error in data packets due to the channel error. Assume that ACK packets are always sent without bit error. Consider L as the length of the packets, N as the number of nodes, and m as the maximum backoff stage number. Question 1: Rewrite Bianchis system of 2 equations (for p and ). p = 1 (1 )N 1 (1 pe )L 2(12p) = (12p)(Wmin +1)+ pWmin (1(2p)m ) (3 pt) Question 2: Calculate the throughput in the saturation regime. In this case, the saturation throughput can be calculated as follows: = E [P ayload inf ormation transmitted in a slot time] E [Duration of slot time] Ps .Ptr .L = Ps .Ptr .Ts + (1 Ps ).Ptr .Tc + (1 Ptr )Tid

where Ts = DIF S + H + L + SIF S + ACK + 2 , Tc = DIF S + H + L + , and Tid is the duration of the idle period (a single slot time). Ptr = 1 (1 )N Ps = N (1 )N 1 (1 pe )L 1 (1 )N

(3 pt) Question 3: Assume that a packet is retransmitted indenitely until it is sent successfully. Compute the expected number of packet retransmissions (as a function of p and the states stationary probabilities bi,k ). It can be computed in two ways:
m1

(1 p)
i=1

i.bi,0 + bm1,0 .
i=0

(i + m).pi+1

(1) (2)

(1 p)
t=0

t.pt

(4 pt)

Antennas and Cellular Networks

(12 points)

Question 1: Line of sight propagation A well-known approximation for the optical line of sight in radio propagation is d = 3.57 h, where d is the distance between an antenna and the horizon in kilometers and h is the antenna height in meters. Using a value for the Earth radius r of 6370 km, derive this equation. Hints: (1) Assume that the antenna is perpendicular to the Earths surface, and note that the line from the top of the antenna to the horizon forms a tangent to the Earths surface at the horizon. Draw a picture showing the antenna, the line of sight and the Earths radius to help visualize the problem. (2) Assume that h2 is negligible with respect to any coefcient of h containing the Earths radius r.

d h r r

The gure above shows the base scenario for this question. By the Pythagorean theorem: d2 + r2 = (r + h)2 . Or, d2 = 2rh + h2 . The h2 term is negligible with respect to 2rh, so we use d2 = 2rh. Then, dkm = 2rkm hkm = 2rkm hkm /1000 = 2 6.37 hm = 3.57 hm . (3 pt) Question 2: Cellular networks frequency bands Two popular frequencies used by the GSM cellular network technology are the 900 MHz and 1800 MHz bands. Suppose a base station transmits 50 W of power. a. Express the transmit power in units of dBm and dBW. b. If the transmitters power is applied to a unity gain antenna with a 900 MHz carrier frequency, what is the received power in dBm at a free space distance of 100 m, assuming a unity gain receiver antenna? What is the received power in dBm with a carrier frequency of 1800 MHz, always at a free space distance of 100 m, with unity gain antennas? c. Repeat (b) for a distance of 10 km.

d. Repeat (b) for a distance of 10 km and the carrier frequency of 900 MHz, but assume a receiver antenna gain of 8 and a transmitter antenna gain of 1. e. Based on (a) and (b), give (in one sentence) a possible reason for which the 900 MHz spectrum is usually much more attractive to obtain by the mobile network operators than the 1800 MHz spectrum, especially in a country such as Switzerland.

a. The transmit power is PW = 50W , or equivalently PmW = 50.000mW . Therefore, PdbW = 10 log(PW ) = 10 log(50) = 17dBW , and PdBm = 10 log(PmW ) = 10 log(50.000) = 47 dBm. b. We have Pr = Pt Gt Gr c2 Pt = (4f d)2 L

where L is the free space path loss. Assuming Gt = Gr = 1, we have: For f = 900 MHz: LdB = 10 log( Pt = 20 log(f ) + 20 log(d) 147.56dB = 120 + 59.08 + 40 147.56 = 71.52dB Pr (3) (4)

Pr = 17 71.52 = 54.52dBW = 24.52dBm For f = 1800 MHz: LdB = 120 + 65.11 + 40 147.56 = 77.55dB Pr = 17 77.55 = 60.55dBW = 30.55dBm

(5) (6)

c. For f = 900M Hz : Pr = 17 (120 + 59.08 + 80 147.56) = 94.52dBW = 64.52dBm. For f = 1800M Hz : Pr = 17 (120+65.11+80 147.56) = 100.55dBW = 70.55dBm. d. Considering Gr = 8 or Gr = 10 log(8) = 9.03dBi, we have Pr = 94.52 + 9.03 = 85.49dBW = 55.49dBm (7)

e. As the path loss L depends on the square of the carrier frequency, by using f = 900M Hz it is possible to achieve the same coverage with a lower number of base stations (compared to f = 1800M Hz ), which reduces the costs for the operators especially in regions where it is expensive to set up base stations in remote mountain locations. (4.5 pt)

Question 3: Cellular network planning A new cellular service provider decided to employ a cluster of 19 cells as the basic module for frequency reuse. Let us dene the reuse distance as D and the cell radius as R. a. Can you identify one such cluster structure? Mark this structure (just the full set of cells, without numbering them) by lling the appropriate cells on Figure 1(a) below. b. Can you get an alternate cluster structure for part a.? If yes, what would change? You can mark the alternate cluster structure on Figure 1(b). c. What is the reuse distance D for the system of part a., as a function of R? d. Can you nd the worst-case co-channel interference in such a system, considering only rst-tier co-channel interferers with equal transmitter power Pt ? Hint: You should consider three different distances from the corner of a cell to the other interfering cells. Write the rst-tier co-channel interference as a function of D (the reuse distance), R (the radius of the cell) and the path-loss exponent .

(a)

(b)

Figure 1: Cellular network clusters.

a. 19-cell cluster i = 3, j = 2 N = 4 + 9 + 6 = 19. The cluster structure is shown in the following gure.

b. An alternative cluster will turn out to be the same, but seen from a different angle, i.e., with the shift parameters (i, j ) interchanged. It will have the same reuse distance as the 19-cell cluster pattern shown above. c. The reuse distance is D = 3N R = 57R = 7.55R. d. Let the reuse distance be D and the cell radius R. We have the following:

D+R D R D-R D D-R D+R

The co-channel interference for this scenario is S R 1 = = I 2(D R) + 2D + 2(D + R) 2(Q 1) + 2Q + 2(Q + 1) where Q = D/R = 57 = 7.55 (for N = 19). (5 pt)

Mobile IP

(4 points)

An alternative to Mobile IP A mobile host travels to foreign networks while retaining its home IP address. To support this, mobile hosts advertise their home IP address to foreign routers, who propagate this information to other routers during routing updates. Name two advantages and disadvantages of this scheme compared to Mobile IP.

Advantages

Disadvantages

Advantages Disadvantages + This enables more efficient routing than - The new scheme would propagate Mobile IP. Mobile IP suffers the routing updates slowly. inefficiency of triangle routing. - The new scheme requires modifying + Avoid the packet header overhead of routers. Routers would have to be encapsulation. modified to handle the new advertisements from hosts. + This is more fault tolerant than Mobile IP. The home agent in Mobile IP is a - If large numbers of mobile hosts use single point of failure. this scheme, routing tables would become very large. Every mobile host would + The mobile host does not need to create an entry in the routing table. allocate an address in the foreign Currently, this does not happen because network. all the hosts in a subnet can be aggregated into one routing table entry. - The new scheme does not preserve location privacy. Anyone can use traceroute to determine which network the mobile host is connected to, which may give away the mobile hosts geographic location.
(4 pt)

Wireless TCP

(6 points)

Question 1: What are the assumptions behind the standard TCP developed for wired networks? What characteristics of wireless networks contradict these assumptions? In wired networks, it is assumed that the packet loss is due to congestion and it happens rarely. Whereas, in wireless networks, due to the medium of the communication (air), packet loss may occur frequently and bit error rates are high. In addition, mobile hosts disconnect and reconnect to the network frequently as well. These characteristics of wireless networks contradict the aforementioned assumptions. (1 pt)

Question 2: Explain the effect of disconnection of a Mobile Host (running IEEE 802.11 and standard TCP) during one session, from access point AP1 and connection to access Point AP2. The Mobile Host (MH) moves out of range of AP1, at which point packets from MH are not delivered to AP1 and the end node which MH communicates with via TCP. As a result, even if MH were the only node within range of the AP, MH s window is unnecessarily shrunk by TCP. When MH gets in range of AP2 and re-establishes its connection, it will resume transmitting with a small window size, thus achieving lower throughput than it could (again, assuming for example MH being the only node within range of AP2). (1.5 pts)

Question 3: What is the main difference between TCP-Reno and TCP-New Reno? Explain briey. Which one performs better in case of multiple packet losses? Justify your answer. Both enter Fast recovery when triple duplicate ACKs are received. After that, TCP-New Reno remains in fast recovery as long as another duplicate ACK is received. Whenever a partial ACK is received, TCP-Reno enters congestion avoidance. TCP-New Reno enters congestion avoidance only after all the packets sent before fast recovery phase are acknowledged. TCP-New Reno performs better in case of multiple packet losses, because TCP-Reno enters congestion avoidance whenever a partial ACK is received, yet it means that there are still lost packets after the received ACK, and therefore there will be another set of triple ACKs. This causes TCP-Reno to oscillate between congestion avoidance and fast recovery (i.e., it shrinks its congestion window unnecessarily), whereas TCP-New Reno stably increases the congestion window for each duplicate or partial ACK in the fast recovery. (2 pts)

10

Question 4: Consider a correspondent host (CH) (in the wired part of a network), that sends packets to a mobile host (MH) which is connected to an access point AP. Briey explain S-TCP (Snooping TCP) in such a scenario. Does it preserve end-to-end semantics? What happens if FA crashes? In S-TCP, FA buffers the packets received from CH and forwards them to MH. It has a lower transmission timeout w.r.t. CH, thus, whenever a packet is lost on the wireless channel, MH sends triple ACKs and FA retransmits the lost packet to MH. Hence, CH does not decrease its window. S-TCP preserves end-to-end semantics, because FA just monitors the TCP trafc and only retransmits packets to MH in case of packet loss. If FA crashes, CH will time out and simply detect the disconnection. (1.5 pts)

11

Security

(7 points)

Consider a wireless setting, where each host H is provided a digital certicate signed by a trusted authority for his public/private key pair (KH , KH ). Public keys are used to initialize connections and exchange session keys, because encrypted communication based on public-key cryptography is costly. Assume that the certicates are available to anyone upon request. For initializing a communication session to host B , host A follows the protocol below. First, A generates a (symmetric) session key kAB and prepares his rst message m1 . Then, he encrypts m1 using kAB and also encrypts kAB using B s public key KB . After that, he initializes the connection by sending EkAB (m1 ) and EKB (kAB ) to B . Then, B rst decrypts the message EKB (kAB ) with his private key KB and retrieves session key kAB and, using it, he decrypts EkAB (m1 ) and obtains m1 . Afterwards he sends his message m2 , encrypted using kAB and the communication continues with mutual exchanges of EkAB (mi ). A message m1 generate session key kAB B

A Ek

AB

(m1 ) EK (kAB ) B
/

kAB = DK (EKB (kAB )) B m1 = DkAB (EkAB (m1 )) generate m2

o

Ek

AB

(m2 )
. . .

Question 1: Does this protocol provide the following properties? Briey explain each. Condentiality: Yes, because the communication is encrypted and neither the session key nor the secret key of hosts can be obtained by an adversary. (0.5 pt) Authentication (if yes, one-way authentication or two-way authentication?): It provides one-way authentication. Since B s certicate is signed by a trusted authority, A knows that only B can decrypt the session key. Therefore, B is authenticated to A; the opposite is not true. (0.5 pt) Message integrity: No, because there is no MAC or hash of message content in the packets. An adversary can easily alter the message and the recipient wont be able to detect it. (0.5 pt)

12

Question 2: Is this protocol vulnerable to the following attacks? Justify your answer. Replay attack: Yes, it is possible. The adversary can initiate a session with B by using old initiation messages of A. B will think that he is talking to A, but the adversary cannot decrypt the messages, because he cannot obtain the session key kAB . (1 pt) Impersonation: Yes. Since this protocol provides only one-way authentication, and the session initiator is not authenticated, an adversary can generate a session key himself and impersonate A while communicating to B . (1 pt) Man-in-the-middle attack (Hint: An active adversary can initiate or end sessions.): Yes. Due to the vulnerability against impersonation, an adversary can initiate two different sessions with A and B , telling them that he is B and A, respectively. He can forward the packets by decrypting and encrypting using the corresponding session keys and read the messages. (1 pt)

Question 3: Explain how we can improve this protocol in order to eliminate the vulnerabilities based on your answer to question 2? Most of the vulnerabilities arise from the fact that only one-way authentication is provided. In order to ensure two-way authentication, A has to sign the session key kAB , so that B can verify it using As certicate: signK (kAB ). It is important to encrypt signK (kAB ), otherwise an adversary can just A A sniff it and apply encryption using As public key KA to obtain kAB . To improve the protocol even further, message integrity should be provided. This can be done using a hash function h on the messages and appending it to the packets. Note that, it is not necessary to encrypt the hash values of messages, as an adversary cannot obtain the message content from it. Yet, the more a hash function is used, the more it is possible to nd collision that would reduce the security of the hash function. Therefore, it may be a good practice to include the hash values in encryption (not represented hereafter). Additionally, to thwart replay attacks, A can add a timestamp/nonce in his messages, such that B will know that its a fresh session. Below is a xed version of the protocol. A B

A Ek (m1 ) h(m1 ) EK (kAB , nonce, signK (kAB )) B AB A

/ o

B Ek

AB

(m2 , nonce) h(m2 )

13

(2.5 pts)

Privacy

(5 points)

Consider the tree-based private authentication for RFID tags. Let the tree be a binary tree with depth d, with the exception that it has 3 branches at the last level (i.e. leaf nodes). Assume that 3 tags are compromised. Question 1: Find the position of the compromised tags on the example tree below, that maximize the average size of the anonymity set and show the partitions. Explain why in 1 sentence.

Solution: The anonymity set size becomes maximum when the compromised tags have maximum number of shared keys as illustrated in the following gure (compromised tags are darker).

(1 pt)

Question 2: Compute the maximum value of the average size of the anonymity set for depth d.

14

Each compromised tag constitutes an anonymity set of size 1. The rest is partitioned based on the shared compromised keys in the tree. Also, 3 2d1 tags are supported by this kind of tree. 1 (12 + 12 + 12 + 32 + 62 + ... + 32 (2d2 )2 ) 3 2d1 1 = (12 + 12 + 12 + 32 (20 )2 + 32 (21 )2 + ... + 32 (2d2 )2 ) 3 2d1 1 (22d 22 )) + 3 32 ( 12 = 3 2d1 1 2 d 22 ) + 1 2 (2 = 2 2d1 2 d 1 (2 1) + 1 = d 2 1 d1 =2

= S

(4 pt)

15

16