

1. Introduction
In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace the RADIUS server and avoid denial of service in wireless LANs.

2. Overview state machine

2.2 introduction of frame management frame or data frame Security WEP protocol and a Shared key authentication Confidentiality Access control Data integrity

2.3 The WEP protocol
The Wired Equivalent Privacy (WEP) protocol is used in networks to protect link-level data during wireless transmission. Under WEP, the communicating parties rely on a shared authentication key (represented by k) to protect the transmitted data. The general procedure involves encryption and decryption.

Encryption
· Plaintext generation: The plaintext consists of the raw message and the checksum of the raw message. Let M represent the raw message and c(M) the checksum of the raw message. The plaintext P is then:
  P = (M, c(M))
· Encryption: The plaintext P is encrypted using RC4. We choose an initialization vector (IV), represented by v. The RC4 algorithm generates a keystream, denoted RC4(v, k), as a function of v and the secret key k. The ciphertext C is then:
  C = P xor RC4(v, k)
· Transmission: Finally, we transmit the IV and the ciphertext over the radio link.

Decryption
The recipient simply reverses the encryption process. The recipient generates the keystream RC4(v, k) and XORs it against the ciphertext to recover the initial plaintext:
  P' = C xor RC4(v, k) = (P xor RC4(v, k)) xor RC4(v, k) = P

2.3 Shared Key Authentication
All the clients will share the same authentication key k.

2.4 The problem with WEP and Shared Key Authentication
Encrypting two messages under the same IV and authentication key can reveal information about both messages. For example:
  C1 = P1 xor RC4(v, k)
  C2 = P2 xor RC4(v, k)
  C1 xor C2 = (P1 xor RC4(v, k)) xor (P2 xor RC4(v, k)) = P1 xor P2
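The encryption, decryption and IV-reuse relations from slides 2.3 and 2.4, as an added worked example that is not part of the original presentation. It assumes the checksum c(M) is CRC-32 and that the RC4 seed is v followed by k, as in WEP; the key, IVs and messages are constructed sample values.

```python
import struct
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # output generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(v: bytes, k: bytes, m: bytes) -> bytes:
    """C = P xor RC4(v, k), with P = (M, c(M)) and c assumed to be CRC-32."""
    p = m + struct.pack("<I", zlib.crc32(m))
    return xor(p, rc4(v + k, len(p)))

def wep_decrypt(v: bytes, k: bytes, c: bytes) -> bytes:
    """P' = C xor RC4(v, k); reject the frame if the checksum fails."""
    p = xor(c, rc4(v + k, len(c)))
    m, icv = p[:-4], p[-4:]
    if struct.pack("<I", zlib.crc32(m)) != icv:
        raise ValueError("checksum mismatch")
    return m

# Constructed sample values, not taken from any real network.
K = bytes.fromhex("0102030405")               # 40-bit shared key k
V = bytes.fromhex("a1b2c3")                   # 24-bit IV v, reused below
M1 = b"GET /index.html "
M2 = b"user=alice&pw=x1"

def reuse_demo():
    c1, c2 = wep_encrypt(V, K, M1), wep_encrypt(V, K, M2)
    leaked = xor(c1, c2)                      # equals P1 xor P2, no key needed
    recovered = xor(leaked, M1)[:len(M2)]     # knowing M1 reveals M2
    fresh = wep_encrypt(bytes.fromhex("a1b2c4"), K, M2)  # different IV
    return leaked, recovered, xor(c1, fresh)
```

With a 24-bit IV and one key shared by every client, IV values repeat quickly on a busy network, which is why the relation in 2.4 holds in practice; the third return value shows that it disappears when the IV differs.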

2.5 Other Security issues in
· No per-packet authentication
· Vulnerability to disassociation attacks
· No user identification and authentication
· No central authentication, authorization, accounting
· RC4 stream cipher vulnerable to known plaintext attack
· Some implementations derive WEP keys from passwords
· No support for extended authentication
· Key management issues
· Re-key of global keys
· No dynamic per-STA key management

3. The 802.1x solution
· Port-based access control mechanism defined by IEEE
· Works on anything, wired and wireless
· Access point must support 802.1x
· No special WIC requirements
· Allows choice of authentication methods using EAP
· Chosen by peers at authentication time
· Access Point doesn't care about EAP methods
· Manages keys automatically
· No need to preprogram WICs

3.1 Extensible Authentication Protocol (EAP)
· Link-layer security framework
· Simple encapsulation protocol for authentication mechanisms
· Runs over any link layer
· No built-in security
· Doesn't assume a physically secure link
· Authentication methods must incorporate their own security
· EAP allows choice of authentication methods

3.2 EAP architecture

3.3 Principle of operation of 802.1x

x over

/802.1x state machine

3.6 Problems with /802.1x
Man-in-the-middle attack

Session Hijacking

3.7 Denial of service attacks
· EAPOL Logoff EAP-Start, EAP-Failure message spoofing
· MAC disassociation
· Large number of associate requests

3.8 Our solution
Central server and mobile agent