WEP & WPA Mandy Kershishnik
Define for me.. . WEP- Wired Equivalent Privacy method to secure IEEE 802.11 wireless networks part of the IEEE 802.11 wireless networking standard IEEE 802.11- set of standards for wireless local area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee
Define for me.. . WPA- Wi-Fi Protected Access class of systems to secure wireless (Wi-Fi) computer networks created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP)
Overview.. . WEP in depth WPA in depth IUP’s summer issue Conclusion
WEP.. . provide confidentiality comparable to wired network Cryptanalysis unveiled several weaknesses WEP -> WPA in 2003 WEP -> WPA2 in 2004 ALL not lost.. . provides a level of security that may deter casual snooping
WEP.. . 128-bit WEP key Confidentiality: RC4 Integrity: CRC-32 checksum 128-bit WEP key 26 Hex characters (0-9 and A-F) 1 char = 4 bits (so… 4 * 26 = 104 bits) 24-bit IV (initialization vector)
Authentication (2 methods) WEP.. . Authentication (2 methods) 1) Open System WLAN client doesn’t have to provide credentials to “access point” during authentication Essentially, any client (regardless of key) can authenticate with the “access point” THEN attempt to associate No authentication actually occurs After authentication & association, WEP used for encryption of data frames (as long as client has correct keys)
WEP.. . 2) Shared Key Four-way challenge-response handshake 1) client station sends authentication request to “access point” 2) “access point” sends back clear-text challenge 3) client encrypts challenge text using the configured WEP key; sends it back in another AUTH request 4) “access point” decrypts material; compares it with clear-text sent; depending on success of comparison, the “access point” sends back a positive or negative response After the authentication and association, WEP can be used for encrypting the data frames
WEP.. . Security Flaws Short IVs & keys Static keys Keystreams that are too similar Decryption of 802.11 frames Static keys doesn't provide function that supports the exchange of keys among stations admins and users generally use the same keys for log periods of time Cyclic Redundancy Check (CRC) insecure is possible to alter the payload and update the message CRC without knowing WEP key
WPA.. . Created by Wi-Fi Alliance designed to work with all wireless NIC cards must be enabled and chosen in preference to WEP WEP is usually presented as the first security choice in most installation instructions “personal mode” passphrase often too short (6-8 chars)
WPA.. . 2 modes 1) designed for use with an IEEE 802.1X authentication server Encrypted RC4 stream cipher 128-bit key 48-bit IV (initialization vector) Temporal Key Integrity Protocol (TKIP) Dynamically changes keys as system used Defeats key recovery attacks on WEP Message Integrity Code (MIC) Algorithm- Michael Frame counter Prevents replay attacks
WPA.. . 2) Pre-shared key (PSK) mode designed for home and small office networks Passphrase 8 - 63 printable ASCII characters OR 64 HEX digits (256 bits) may be stored on user’s computer (avoid re-entry) Stored in Wi-Fi “access point” * strong passwords are crucial * some methods to bypass weak passphrases Software / hardware interface that adds Wi-Fi adapter or appliance to network Short challenge phrases
IUP & WEP / WPA.. . DUAL Broadcasting WPA- IUP network (TKIP) Visible WEP- AuthorizedUseOnly network Invisible
Conclusion.. . WEP in depth WPA in depth Security issues Application
Resources.. . http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9015559 http://www.techworld.com/mobility/wep.cfm http://www.wifinetnews.com/archives/007993.html http://sunsite.uakom.sk/sunworldonline/swol-05-1998/swol-05-connectivity.html