Wireless Protocols WEP, WPA & WPA2.

What is WEP?
Wired Equivalent Privacy (WEP) was included as the privacy component of the original IEEE 802.11 standard ratified in September 1999. WEP is a weak security algorithm for IEEE 802.11 wireless networks. Its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP has been demonstrated to have numerous flaws and has been deprecated in favor of newer standards such as WPA and WPA2.

How does WEP work?
WEP uses the RC4 algorithm to encrypt the packets of information. Each byte of data will be encrypted using a different packet key.
Standard 64-bit WEP uses a 40-bit key, which is concatenated with a 24-bit Initialization Vector (IV) to form the RC4 key.
- IV: A continuously changing number used in combination with a secret key to encrypt data. It is used to prevent a sequence of text that is identical to a previous sequence from producing exactly the same cipher-text when encrypted.
128-bit WEP uses a 104-bit key, which is also concatenated with a 24-bit Initialization Vector.

WEP Authentication
Two methods of authentication: Open System Authentication and Shared Key Authentication.
- In Open System Authentication, the WLAN client need not provide its credentials to the Access Point during authentication. Any client can authenticate with the Access Point and then attempt to associate. In effect, no authentication occurs. Subsequently, WEP keys can be used for encrypting data frames. At this point, the client must have the correct keys.
- In Shared Key Authentication, the WEP key is used for authentication in a four-step challenge-response handshake.

Open System & Shared Key Authentication

What’s wrong with WEP?
- The IV is too small and in clear text: It’s a 24-bit field sent in the clear text portion of a message. The 24-bit string used to initialize the key stream generated by the RC4 algorithm is a relatively small field when used for cryptographic purposes.
- The IV is static: Reuse of the same IV produces identical key streams for the protection of data, and because the IV is short, it guarantees that those streams will repeat after a short time.
- The IV is part of the RC4 encryption key: The fact that an eavesdropper knows 24 bits of every packet key, combined with a weakness in the RC4 key schedule, leads to a successful analytic attack that recovers the key after intercepting and analyzing only a relatively small amount of traffic.

How to crack WEP?
Step 1: You need some basic computer skills, I mean, COME ON!!!
Step 2: Get a packet sniffing program.
Step 3: Make sure there is traffic on the network.
Step 4: Begin packet sniffing and allow the program to get a good sample of the WEP encrypted packets.
Step 5: Decipher the public/private key by matching the packets for similarities.
http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
Very Simple: http://www.youtube.com/watch?feature=player_embedded&v=jETwvEDaJeQ

What is WPA?
Wi-Fi Protected Access (WPA) is a security protocol and security certification program developed to secure wireless computer networks. The WPA protocol implements the majority of the IEEE 802.11i standard. WPA was carefully designed so that hardware upgrades would not be needed. WPA retained the use of RC4, but it added features designed to address the deficiencies in the way that WEP uses the cipher.

WPA features
- A longer key: WPA lengthens the Initialization Vector (IV) to 48 bits and the master key to 128 bits.
- Temporal Key Integrity Protocol (TKIP): Generates different keys for each client and alters keys for each successive packet.
  - TKIP was brought into WPA and replaced WEP’s 40-bit or 128-bit encryption.
  - TKIP is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet and thus prevents collisions.
- Message Integrity Code (MIC) or cryptographic checksum: Verifies that messages have not been altered in transit and protects against replay attempts.

WPA Authentication
- Personal mode (WPA-PSK): This utilizes manually configured keys in the same manner as WEP. All clients use the same initial master key. It is designed for home and small office networks and does not require an authentication server.
- Enterprise mode (WPA or WPA-802.1x): As opposed to WPA-PSK, it is designed for enterprise networks and requires a RADIUS authentication server. This provides more security. The AP uses the Extensible Authentication Protocol (EAP) to negotiate a pair-wise master key with each client individually.

WPA Authentication

What is WPA2?
WPA2 is based on the Robust Security Network (RSN) mechanism, which provided support for all of the mechanisms available in WPA as well as:
1. Strong encryption and authentication support for infrastructure and ad-hoc networks (WPA is limited to infrastructure networks).
2. Reduced overhead in the key derivation during the wireless LAN authentication exchange.
3. Support for opportunistic key caching to reduce overhead in roaming between access points.
4. Support for the CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) encryption mechanism, based on the Advanced Encryption Standard (AES) cipher, as an alternative to the TKIP protocol.

WPA2 vs WPA
What is similar?
- WPA and WPA2 can use the same authentication method because they are both based on EAP (Extensible Authentication Protocol), meaning that many other protocols can be built on top of EAP.
What is different?
- The key difference is the encryption method. WPA uses TKIP/RC4, while WPA2 uses CCMP/AES (the Advanced Encryption Standard, used by the US Department of Defense).

Infrastructure Mode
Infrastructure Mode: Wireless networking bridges a wireless network to a wired Ethernet network.
- A wireless AP is required to join the WLAN; the AP and all wireless clients must be configured to use the same SSID. The AP is then cabled to the wired network to allow clients access to internet connections or printers.
- APs can be added to WLANs to increase the reach of the infrastructure and support any number of clients.

Ad-Hoc Mode
Ad-Hoc Mode: A method for wireless devices to communicate directly with each other.
- Operating in Ad-Hoc mode allows all wireless devices within range of each other to discover and communicate in peer-to-peer fashion without involving central access points.
- An ad-hoc network tends to feature a small group of devices all in very close proximity to each other (performance suffers if the number increases).