A. Steffen, 30.09.2013, 03-DataLinkLayer.pptx 1 Information Security 2 (InfSi2) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.

Slides:



Advertisements
Similar presentations
Discussion of KaY Key Exchange and Management Interface to SecY
Advertisements

Encrypting Wireless Data with VPN Techniques
Internet Protocol Security (IP Sec)
IEEE MEDIA INDEPENDENT HANDOVER
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
Filtering and Security By Mohammad Shanehsaz June 2004.
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE Wireless Local Area Networks (WLAN’s).
Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.
1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.
Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University
Layer 2 Switch  Layer 2 Switching is hardware based.  Uses the host's Media Access Control (MAC) address.  Uses Application Specific Integrated Circuits.
WLAN What is WLAN? Physical vs. Wireless LAN
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 7 City College.
Michal Rapco 05, 2005 Security issues in Wireless LANs.
ROUTER Routers have the following components: CPU NVRAM RAM ROM (FLASH) IOS Cisco 2800 Series Router.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Wireless and Security CSCI 5857: Encoding and Encryption.
© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel.
Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Steffen/Stettler, , 4-SpanningTree.pptx 1 Computernetze 1 (CN1) 4 Spanning Tree Protokoll 802.1D-2004 Prof. Dr. Andreas Steffen Institute for.
© Aastra – 2012 SIP-DECT 4.0 RFP 43 WLAN June 2012.
Shambhu Upadhyaya Security –Upper Layer Authentication Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 10)
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
1 Course Number Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved. External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt.
A. Steffen, , 0-Overview.pptx 1 Information Security 2 (InfSi2) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications.
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
Lecture 24 Wireless Network Security
STORE AND FORWARD & CUT THROUGH FORWARD Switches can use different forwarding techniques— two of these are store-and-forward switching and cut-through.
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Chapter 4 Version 1 Virtual LANs. Introduction By default, switches forward broadcasts, this means that all segments connected to a switch are in one.
WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
Wireless Network Security CSIS 5857: Encoding and Encryption.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
Doc.: IEEE /610r0 Submission November 2001 Tim Moore, Microsoft 802.1X and key interactions Tim Moore.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
@Yuan Xue Case Study (Mid-term question) Bob sells BatLab Software License Alice buys BatLab Credit card information Number of.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
History and Implementation of the IEEE 802 Security Architecture
History and Implementation of the IEEE 802 Security Architecture
Authentication and handoff protocols for wireless mesh networks
Wireless Protocols WEP, WPA & WPA2.
WEP & WPA Mandy Kershishnik.
IEEE Interim May 2004 Allyn Romanow
Wireless Network Security
CCNA 3 v3 JEOPARDY Module 8 CCNA3 v3 Module 8 K. Martin.
Counter With Cipher Block Chaining-MAC
Presentation transcript:

A. Steffen, , 03-DataLinkLayer.pptx 1 Information Security 2 (InfSi2) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 3 Data Link Layer Security

A. Steffen, , 03-DataLinkLayer.pptx 2 Security Protocols for the OSI Stack Application layerPlatform Security, Web Application Security, VoIP Security, SW Security Transport layerTLSNetwork layerIPsecData Link layer[PPTP, L2TP], IEEE 802.1X, IEEE 802.1AE, IEEE i (WPA2) Physical layerQuantum CryptographyCommunication layersSecurity protocols

A. Steffen, , 03-DataLinkLayer.pptx 3 Information Security 2 (InfSi2) 3.1 Port-Based Network Access Control - IEEE 802.1X

A. Steffen, , 03-DataLinkLayer.pptx 4 IEEE 802.1X Access Control using EAP Methods 802.1X Supplicant User Credentials 802.1X Authentication Server User Credentials 802.1X Authenticator (WLAN AP, LAN Switch) EAP RADIUSEAPOL*L2 * EAP over LAN (Ethertype 0x888E) 802.1X Supplicants and Authenticators are both Port Access Entities (PAEs)

A. Steffen, , 03-DataLinkLayer.pptx 5 Information Security 2 (InfSi2) 3.2 Secure Device Identity IEEE 802.1AR - DevID

A. Steffen, , 03-DataLinkLayer.pptx 6 IEEE 802.1AR Secure Device Identifier DevIDSecure Device Identifier Secure Device Identifier IDevIDInitial Device Identifier Created during manufacturing and cannot be modified Either reaches end of lifetime (certificate) or can be disabled LDevIDLocally Significant Device Identifier One or several may be created by network administrator DevID Module Hardware module which stores the DevID secrets, credentials and the entire credential chain up to the root certificate Contains a strong Random Number Generator (RNG) Implements Asymmetric Algorithms (2048 bit RSA and/or 256 bit ECDSA) Implements SHA-256 Hash Function

A. Steffen, , 03-DataLinkLayer.pptx 7 IEEE 802.1AR DevID Module Storage Random Number Generator Hash Algorithms Asymmetric Cryptography Service Interface Management Interface DevID Secret[s] DevID Credentials[s] Credential Chain Applications & Operating System

A. Steffen, , 03-DataLinkLayer.pptx 8 Use of DevIDs DevID use EAP-TLS Authentication Device authentication can be based on its DevID certificate. DevID use in Consumer Devices Similar but more secure than access control based on a MAC address list which can easily be spoofed, a switch, router or access point can allow access based on a registered commonName (CN), serialNumber (SN) or a subjectAltName contained in the DevID certificate. DevID use in Enterprise Devices Similar to the consumer device use case but the DevID is usually registered with a centralAAA server. DevID Module based on Trusted Platform Module (TPM) Each TPM has a unique non-erasable Endorsement Key (EK) to which DevID secrets and credentials can be bound.

A. Steffen, , 03-DataLinkLayer.pptx 9 Information Security 2 (InfSi2) 3.3 Media Access Layer Security IEEE 802.1AE - MACsec

A. Steffen, , 03-DataLinkLayer.pptx 10 Four Stations Attached to a LAN PAE Port Access Entity PAE

A. Steffen, , 03-DataLinkLayer.pptx 11 Connectivity Association (CA) Station D is not part of the CA SecY MAC Security Entity CAK (CA Key) CAK

A. Steffen, , 03-DataLinkLayer.pptx 12 Secure Channel (SC) and Secure Association (SA) Each SC comprises a succession of SAs each with a different SAK (SA Key)

A. Steffen, , 03-DataLinkLayer.pptx 13 Secure Channel and Secure Association Identifiers System Identifier Port Identifier Association Number SCI Secure Channel Identifier SAI Secure Association Identifier The Association Number (2 bits) allows the overlapping rekeying of the Secure Association during which two different SAKs co-exist.

A. Steffen, , 03-DataLinkLayer.pptx 14 Two Stations in a point-to-point LAN PAE

A. Steffen, , 03-DataLinkLayer.pptx 15 Connectivity Association (CA) CAK SecY CAK SecY

A. Steffen, , 03-DataLinkLayer.pptx 16 Secure Channel (SC) and Secure Association (SA) SA A  SAK A0, SAK A1, … SA B  SAK B0, SAK B1, … CKN (CAK Name) CAK SecY CKN CAK SecY

A. Steffen, , 03-DataLinkLayer.pptx 17 IEEE 802.1AE MACsec Frame Format Secure DataFCSDASASecTag MAC Addresses ICV MPDU Optional Encryption Data Integrity User Data DASA MSDUMAC Addresses User Data VLAN Tag PT MSDU – MAC Service Data Unit MPDU – MACsec Protocol Data Unit ICV – Integrity Check Value 8 or 168 to 16

A. Steffen, , 03-DataLinkLayer.pptx 18 SecTag – Security Tag PN SCI (optional encoding) 0x88E5 MACsec Ethertype – is 0x88E5 TCI – TAG Control Information (6 bits) AN – Association Number (2 bits) SL – Short Length (6 bits) – length of User Data if < 48 octets, 0 otherwise PN – Packet Number – replay protection and IV for encryption SCI – Secure Channel Identifier – identifies Secure Association (SA). In point-to-point links the SCI consists of the Source MAC Address and the Port Identifier and thus the SCI doesn’t have to be encoded. 2 0 or 8 TCIAN 14 SL 1

A. Steffen, , 03-DataLinkLayer.pptx 19 TCI – TAG Control Information Bits V – Version (currently 0) ES – End Station – if set means that the Source MAC Address is part of the SCI and the SCI shall not be explicitly encoded. SC – shall be set only if an explicitly encoded SCI is present SCB – Single Copy Broadcast capability – if ES and SCB are set then the implicit SCI comprises a reserved Port Identifier of E – Encryption – if set encryption is enabled C – Changed Text – if clear the Secure Data exactly equals User Data V=0 8 ES 76 SC SCB E C 3 AN Bit

A. Steffen, , 03-DataLinkLayer.pptx 20 Authenticated Encryption with Associated Data AEAD is based on special block cipher modes: Block size: 128 bits Key size: 128/256 bits Tag size : 128 bits Nonce size: 128 bits 64 bits 32 bits 32 bits AES-Galois/Counter Mode AES-GMAC (auth. only) SCIPNCounter SCIPN0SCIPN1 SCIPN2 Key K Hash Subkey H 0………………..0 Key K Hash Subkey Derivation ICV

A. Steffen, , 03-DataLinkLayer.pptx 21 Information Security 2 (InfSi2) 3.4 MACsec Key Agreement IEEE 802.1X - MKA

A. Steffen, , 03-DataLinkLayer.pptx 22 MKA distributes random SAK using CAK MKPDU – MACsec Key Agreement Protocol Data Unit – carried via EAPOL CAK – Connectivity Association Key – pairwise or group root key ICK – ICV Key – used for MKPDU Data Integrity KEK – Key Encrypting Key – used for AES Key Wrap in MKPDU SAK – Secure Association Key MKPDU

A. Steffen, , 03-DataLinkLayer.pptx 23 MKA Key Derivation Function - KDF The MKA KDF is a Pseudo Random Function (PRF) based on AES-CMAC with a 128 or 256 bit key. Output  KDF(Key, Label, Context, Length) KEK  KDF(CAK,  IEEE8021 KEK , CKN[0..15], 128/256) ICK  KDF(CAK,  IEEE8021 ICK , CKN[0..15], 128/256) SAK  KDF(CAK,  IEEE8021 SAK , KS-nonce | MI-value list | KN, 128/256) KS – Key Server – either elected or EAP Authenticator MI – Member Identifier – all members of a CA KN – Key Number – assigned by Key Server

A. Steffen, , 03-DataLinkLayer.pptx 24 Connectivity Association Key – CAK CAK as a Pre-Shared-Key (PSK) Can be used either as a pairwise CAK or group CAK Statically configured PSK CKN can be chosen arbitrarily with a size of octets CAK via EAP Can be used as a pairwise CAK. Dynamically derived CAK and CKN between two PAEs via EAP CAK  KDF(MSK[0..15]/MSK[0..31],  IEEE8021 EAP CAK , mac1 | mac2, 128/256) CKN  KDF(MSK[0..15]/MSK[0..31],  IEEE8021 EAP CKN , EAP Session-ID | mac1 | mac2, 128/256) where mac1 < mac2 are the MAC addresses of the PAEs and the Master Session Key (MSK) and Session-ID of the EAP method (EAP-TLS, EAP-PEAP, etc) is included.

A. Steffen, , 03-DataLinkLayer.pptx 25 Use of Pairwise CAKs to Distribute a Group CAK MKPDU

A. Steffen, , 03-DataLinkLayer.pptx 26 IEEE 802.1AE Enabled Products Cisco Catalyst 3750-X / 3560-X LAN Access Switch Supports MACsec and MKA on both user/downlink and network/uplink ports Juniper EX Series Switches 802.1AE available with the controlled version of Junos OS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.