Breaking up electronic communications into various pieces could be the key to ensuring greater security on mobile wireless networks, according to a Ryerson University professor.
Along with research colleagues in the U.S. and India, Isaac Woungang, assistant professor in Ryerson’s Department of Computer Science, has begun developing a multi-path routing system that will break up and encrypt wirelessly sent e-mails and data files.
“Most of the work on message security has been focused on developing application-specific cryptographic security schemes,” Woungang said. “This new methodology is embedding security into the message routing.”
Besides breaking up the messages into small pieces and individually encrypting them, the system also sends each message on a variety of paths to reach its destination. Woungang said this acts as a trust mechanism because it makes it difficult for malicious intruders to gain access to a relevant amount of the message.
Each encrypted piece (and message delivery node) is also assigned a trust level, based on specific criteria laid out by the network. As the message passes along this route, security is reexamined at every stage to ensure trustworthiness. Less trusted delivery nodes, Woungang added, are given a smaller number of message pieces to handle.
Woungang said that despite the fact that both the multi-path routing system and the trust mechanism are still in the initial stages, the system has been fairly functional during his tests.
“Through our simulations we found that most of the pieces arrive at the destination, but sometimes we find missing pieces when reconstructing the message,” he said. “The trust mechanism also needs to be a little stronger. Overall, though, the performance has been pretty good.”
Analyst reaction to the project was largely positive, although some analysts questioned the need for yet another encryption scheme.
“We have layers two, three and four encryption – do we need more?” David Senf, director of security and software research at Toronto-based IDC Canada, asked.
This issue aside, Senf said mobility is growing and security is lacking, which makes this kind of research valuable. The most interesting aspect of the project, he said – and a sorely lacking feature of all mobile and non-mobile network traffic – deals with the trustworthiness of senders. “But in the same way that a fraudster can ‘game’ an eBay auction and fake trust levels, so too I’d imagine, can a broad trust initiative at the node level be gamed,” he warned.
Mark Tauschek, senior research analyst at London, Ont.-based Info-Tech Research Group, said that the Ryerson project is very much like what the U.S. Department of Defense – specifically the Defense Advanced Research Projects Agency (DARPA) – has been working on to create delay/disruption tolerant networks (DTNs).
“It is quite brilliant from both a reliability and security perspective, and will likely evolve into the wireless mainstream over time as the technology is refined,” he added. “We are several years away from widespread use of DTNs, multi-path routing, and trust hierarchies in wireless networking, but I do think that this will eventually be the foundation of secure, reliable, wireless networking.”
Woungang said that while most mobile wireless networks are currently being used for communications in the emergency response, crisis management, military and health sectors, the system could been used in other areas. But only after the technology is perfected, he said, will his Ryerson research team look at developing the system with an outside company.
