Preface

We first signed the book contract with Wiley in early 2006. Three years after signing this book contract, we only completed one third of the contents for the whole originally planned book, because of underestimating the challenges on writing such a specialized book. When the first author, Yi Qian, joined the faculty of the Department of Electrical and Computer Engineering at University of Nebraska-Lincoln in August 2009, he created a new course on wireless network security for the department. He has been teaching the wireless network security course in the same department every year in the spring semester since then. When preparing the course materials for wireless network security each year, we feel more and more strongly to have such a comprehensive textbook on wireless network security. In 2015, we signed the revised contract with Wiley and jointly with IEEE Press, and Feng Ye was added as a new co-author when he just received his Ph.D. degree in the Department of Electrical and Computer Engineering at University of Nebraska-Lincoln. We have been improving the contents of the wireless network security course every year, and gradually finished more chapters of the book. Fifteen years after first signing the contract and 12 years after teaching the same course, with over several thousands of hours joint efforts from all the three co-authors, we are very pleased that we have completed the first edition of "Security in Wireless Communication Networks" and published by Wiley/IEEE Press in 2021.

This book intends to be a self-contained and one semester textbook for both undergraduate senior level and graduate level courses. There are five parts with 15 chapters in the book. Part I, Introduction and Mathematics Background, includes the first three chapters on general introduction on computer communication networks and wireless networks, basic concepts on network security, and a brief review of the mathematical background that is needed to understand the rest of the chapters. Part II, Cryptographic Systems, includes the next three chapters on cryptographic techniques for both symmetric and public key crypto systems, as well as message authentication, digital signature, and key management. Part III, Security for Wireless Local Area Networks, includes four chapters on Wi-Fi security, Bluetooth security, Zigbee security, and RFID security. Part IV, Security for Wireless Wide Area Networks, includes three chapters on GSM security, UMTS security, and LTE security. Part V, Security for Next Generation Wireless Networks, includes two chapters on 5G wireless network security, and vehicular communication network security. In the following is a brief introduction for each of the fifteen chapters.

Chapter 1 delivers the general concept of computer networks, highlights the role of wireless communications in the whole picture of networking architecture, and classifies the wireless systems based on coverage, topology, and mobility. This chapter serves as a precursor to the rest of the book by providing the background of different types of wireless networks, including wireless personal area networks (WPAN), wireless local area networks (WLAN), and wireless wide area networks (WWAN). It also explains the security threats in wireless networks and discusses the relationship between network security and wireless security.

Chapter 2 gives an overview on the security concepts used in the rest of this book, including security attacks, security services, and security mechanisms. It first presents the classification of security attacks in terms of passive attacks (e.g. eavesdropping and traffic analysis) and active attacks (e.g. masquerade, replay, modification, and denial of service). It then introduces security services, or the features in system design against possible security attacks, such as confidentiality, integrity, availability, access control, authentication, and non-repudiation. Finally, to provide security service in a system, a list of popular security mechanisms, such as the encipherment, digital signature, etc., is discussed in the remaining part of the chapter.

Chapter 3 goes into the mathematical background related to wireless security, including number theory and modern algebra, modular arithmetic and divisors, finite fields, polynomial arithmetic, Fermat's little theorem, Euler's totient function, Euler's theory, etc. The aforementioned knowledge is critical for the ones to understand cryptography, such as advanced encryption standards and public-key cryptographic systems. In addition, the fundamental principles and exemplary cases are concisely presented from the perspective of mathematics.

After the mathematical background, Chapters 4 and 5 deal with cryptographic techniques. Chapter 4 first introduces several symmetric key cryptographic techniques by illustrating a few classical cryptographic algorithms with substitution and transposition techniques. It then presents the basic concept of modern stream/block cipher as well as Feistel cipher structure. Chapter 5 explains more cryptographic techniques using block ciphers and public key algorithms, including advanced encryption standard, block cipher mode of operations, public key infrastructure, RSA algorithm, etc.

Chapter 6 introduces message authentication and digital signature to protect the integrity of a message and the identity of a sender and a receiver, respectively. First, this chapter discusses MAC and hash functions thoroughly, both widely used to provide message authentication. Then, it goes into the characteristics of digital signature and a series of digital signature standards such as DSA, RSA, and ECDSA. These can protect the sender and receiver against each other. Within the aforementioned mechanisms, key management and distribution play a critical role. The rest of the chapter gives a general idea and some examples of key management schemes. Both symmetric and asymmetric key distributions have been illustrated. The key distribution mechanisms adopt symmetric and public key mechanisms for different purposes. Besides, practical communication systems with massive users need hierarchical key distribution mechanisms. Readers are expected to understand the basic concepts of the cryptographic techniques illustrated in Chapter 5 and Chapter 6. These algorithms will be seen in the wireless systems introduced in the later chapters. The background of the advanced mathematical contents, such as elliptic curve Diffie-Hellman key exchange and elliptic curve digital signature, etc., may be skipped.

The remaining chapters from 7 to 15 focus on the security of specific wireless communication systems, covering different scales of networks and different technologies including WLAN, Bluetooth, ZigBee, RFID, GSM, UMTS, LTE, and 5G. As the emerging vehicle-to-everything (V2X) communications are receiving great attention, the fifteenth chapter especially discusses the security of V2X communications.

Chapter 7 discusses the security of Wireless Local Area Networks (WLAN) or interchangeably Wi-Fi nowadays. It starts with an introduction of WLAN in terms of operating modes and security challenges. WLAN is more vulnerable to attacks than wired connections due to the lack of physical connections. It illustrates a few generations of WLAN security protocols, which evolved from the original Wired Equivalent Privacy defined by the IEEE 802.11, Wi-Fi Protected Access (WPA), WPA2, to the recent WPA3 to improve the security. It also analyzes the implementation details of these security protocols.

Chapter 8 deals with Bluetooth security. Bluetooth is an open standard designed for wireless personal area networks (WPAN). Bluetooth technology enables many wireless devices, such as smartwatches, wireless headphones, wireless keyboards, etc. Bluetooth standard specifies authentication, authorization, and confidentiality for securing data transmission. In this chapter, it analyzes the security mode, trust level, and service level configurations that enable flexibility of Bluetooth security policies and highlight that Bluetooth specifications do not ensure secure connections from all adversary penetrations. If using Bluetooth technology in an organization, it is important to develop security policies to address the use of Bluetooth-enabled devices and the responsibilities of users.

Chapter 9 discusses the security of Zigbee. It first gives an overview of Zigbee standards related to different network layers, and then mainly analyzes the key cryptographic mechanisms. As Zigbee adopts symmetric-key cryptographic mechanisms, it especially emphasizes that the secure storage and distribution of keys is the premise of ensuring the security of Zigbee. In practice, the security provided by Zigbee standards is not enough. For example, if a Zigbee device joins a network, intruders can intercept unprotected keys. Moreover, an attacker may easily get physical access to a Zigbee device and extract privileged information due to the low-cost nature. The security must be carefully considered to provide those applications.

Chapter 10 deals with the security of RFID. It first gives an overview of RFID subsystems, different types of RFID tags, and the frequency bands. It then analyzes the security attacks, risks, and security objectives of RFID systems. RFID systems are vulnerable to some attacks (e.g. counterfeit tag, eavesdropping, and electronic collisions) and privacy risks (e.g. disclosure of location information of users). The security objectives of the RFID system include confidentiality, integrity,...