Improving the security of SNMP in wireless networks

Author

Otrok, H. ; Mourad, A. ; Debbabi, M. ; Assi, C.

Author_Institution

Lab. of Comput. Sci., Concordia Univ., Montreal, Que., Canada

Volume

1

fYear

2005

fDate

13-16 June 2005

Firstpage

198

Abstract

Simple network management protocol (SNMP) is widely used for monitoring and managing computers and network devices on wired and wireless network. SNMPv1 and v2 do not provide security when managing agents. Three very important security features (authentication, encryption, access control) are added to SNMPv3 under the user-based security model (USM). Symmetric cryptography is used for encryption and one-way cryptography is used for authentication. The two keys used for encryption and authentication are derived from the shared password between the manager and agent. In this paper, we are addressing (1) the problem of one way authentication that leads to the man-in-the-middle attack and (2) the vulnerability pertaining to the password update method of SNMPv3. We propose to use certification authority for two-way authentication and Diffie-Hellman algorithm for key exchange to mitigate the impacts of these problems.

Keywords

cryptography; protocols; radio networks; telecommunication network management; Diffie-Hellman algorithm; access control; encryption; key exchange; password update method; simple network management protocol; symmetric cryptography; two-way authentication; user-based security model; wireless networks; Access control; Access protocols; Authentication; Computer network management; Computer networks; Computerized monitoring; Cryptographic protocols; Cryptography; Wireless application protocol; Wireless networks; Certification Authority; Diffie-Hellman; SNMPV3;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless Networks, Communications and Mobile Computing, 2005 International Conference on

Print_ISBN

0-7803-9305-8

Type

conf

DOI

10.1109/WIRLES.2005.1549409

Filename

1549409