Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.

Presentation transcript:

Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka

Overview: Risks of Wireless Insecurity; Security Standards: 802.11i, WPA, WPA2, and TKIP.

Risk of Wireless Insecurity Wireless LANs can be sniffed or cracked. Networks can be maliciously manipulated through an insecure wireless access point. Theft of data, lower productivity, and financial losses are possible.

WEP Does not prevent forgery of packets. Does not prevent replay attacks. Keys are weak and can be brute-forced on a standard computer. Reuses initialization vectors. Allows an attacker to undetectably modify a message without knowing the encryption key.

Understanding Wi-Fi Protected Access (WPA) Based on an early draft of IEEE 802.11i to address flaws in WEP.

TKIP (Temporal Key Integrity Protocol) An added layer of security over WEP. The key length for TKIP is 128 bits. Expands the initialization vector (IV) to 48 bits, reducing the risk of replay attacks: a 48-bit IV means that any particular IV value is not repeated with a particular key. Guaranteeing that a key-IV pair is never reused also denies an attacker the ability to capture multiple packets that are identically encrypted, which could allow the plaintext message to be extracted.

WPA TKIP continued To create a base key, TKIP uses a master key (or passphrase) derived from the authentication process, combined with the user's MAC address. The base key is then used with the IV to create per-packet keys. Every packet sent over WPA is encrypted with a separate and unique key.

WPA TKIP continued Each client's base key is different. The client provides a shared secret for authentication along with a few other pieces of information.

WPA Problems The initial passphrase on the clients and access points is often weak because it is usually chosen by a person. The passphrase is usually limited to 20 characters or less because of the difficulty of remembering or entering a long string of seemingly random text.

WPA-PSK When robust authentication methods are not used with WPA, it must rely on Pre-Shared Keys (PSK). The same phrase must be entered on all clients and all access points. It is difficult to distribute the key without it being compromised. A single malicious client can use the data to compromise other client sessions. WPA-PSK is common because it does not need a separate authentication system.

802.1X User Authentication & Network Access 802.1X was designed for a wired network and only facilitates authentication. Problem 1: The attacker has access to authentication packets sent and received by clients, so it may be possible to discover authentication credentials. Problem 2: The attacker can execute a man-in-the-middle attack if within broadcast range. Problem 3: The attacker can execute a denial-of-service attack by sending packets to the access point telling it to drop the client connection. Problem 4: The attacker could execute a denial-of-service attack against a client system and then take the client's place before the wireless access point notices.

WPA Cracking Tools Tools used to determine the initial shared secret when WPA-PSK is used. Once the secret is known, the base key and session key can be recreated. The attacker must be able to monitor the entire initial key exchange.

WPA Summary WPA is generally accepted as an interim step that provides incrementally improved security. Devices that were upgraded from WEP to WPA are hardware-constrained, with minimal processing power and RC4 as the only onboard encryption option.

Wi-Fi Protected Access 2 (WPA2) and 802.11i WPA2 and 802.11i are virtually identical. Not only are they the future of wireless access authentication, they are the future of wireless access.

4-way Handshake

Increased Density of Access Points The future will feature an increased density of access points. More access points result in more bandwidth. More access points also result in more reliability: if one fails, there is another one to take its place.

Roaming Wireless Clients Critical to 802.11i is the addition of fast, secure roaming support for clients. VoIP and other mobile applications require continuous access. It is important to have smooth and seamless access while clients are roaming.

Failover Requirements The majority of wireless networks have no failover or redundancy capabilities other than manually connecting to a new access point when the one in use fails. With roaming support, this failover can be avoided by seamlessly shifting between access points.

WPA2 WPA2 uses the encryption algorithm AES (Advanced Encryption Standard), replacing DES (Data Encryption Standard). WPA2 has two modes of security: "Home user" and "Corporate".

WPA2 "Home User" A pre-shared secret is used. Clients and access points are pre-configured to use the same secret. The secret entered can be up to 64 ASCII characters, e.g. "this_is_a_secret_key". An actual 256-bit randomly generated number may also be used, but this is difficult to enter manually into client configurations.

WPA2 “Corporate” Based on 802.1X, the EAP authentication framework. Provides a stronger authentication system and secure key distribution.

WPA2 and 802.1X While 802.1X as a standard preceded 802.11i, it is proving to be a key enabler for secure and flexible wireless networks. It allows for client authentication, wireless network authentication, and the pre-authentication necessary for roaming.

WPA2 and 802.1X cont. Capabilities negotiation between the client and wireless network provider. Client authentication to the wireless network provider. Authentication of the wireless network provider to the client. A key distribution mechanism for encryption of wireless traffic. Pre-authentication for roaming clients.

WPA2 and 802.1X cont. Supplicant (the wireless client); Authenticator (the access point); Authentication Server (usually a RADIUS server).

WPA2 and 802.1X cont. These three parties negotiate capabilities, which consist of: the pairwise cipher suite, used to encrypt unicast (point-to-point) traffic; the group cipher suite, used to encrypt multicast and broadcast (point-to-multipoint) traffic; and the use of either a pre-shared key (PSK) or 802.1X authentication.

WPA2 and 802.1X cont. The key exchange consists of a Master Key (MK) generated on the authentication server and in the supplicant. The MK is sent to the authenticator. The Pairwise Master Key (PMK) is generated from the MK, and the Group Master Key (GMK) is generated by the authenticator. The PMK and GMK are then used as needed to generate temporal keys, which encrypt individual frames sent over the wireless network. These keys are known as Pairwise Transient Keys (PTK) and Groupwise Transient Keys (GTK).

WPA2 and 802.1X cont. The PTK is used to encrypt traffic between the supplicant and the authenticator. The GTK is used to encrypt broadcast or multicast traffic sent to all hosts on a particular wireless network.
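As an added example (not part of the presentation), the WPA2 derivations the "Home User" slide and the key-hierarchy slides above describe, written out as 802.11i specifies them: the passphrase-to-PSK mapping (PBKDF2-HMAC-SHA1 salted with the SSID, 4096 iterations; in WPA2-PSK that 256-bit value is the PMK), the PTK expansion from the PMK, both MAC addresses and both 4-way handshake nonces, the PMKID that a roaming client uses to name a cached PMK, and the KCK-based MIC on EAPOL-Key messages. The SSID, passphrase, MAC addresses and EAPOL frame are constructed sample values.

```python
import hashlib
import hmac
import os

def psk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """802.11i passphrase-to-PSK mapping. Under WPA2-PSK the result is the PMK,
    so the passphrase is the only secret in the whole key hierarchy."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    """802.11i PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b"".join(
        hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range((nbits + 159) // 160)
    )
    return out[: nbits // 8]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK = PRF-384(PMK, "Pairwise key expansion", min(AA,SPA) || max(AA,SPA) ||
    min(ANonce,SNonce) || max(ANonce,SNonce)). The min/max ordering is why the
    supplicant and the authenticator reach the same PTK from opposite roles.
    For CCMP the 384 bits split into KCK (handshake MIC), KEK (GTK wrap), TK (CCMP)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 384)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}

def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA): the name a client puts
    in its RSN IE so the AP can look the PMK up in its cache and skip 802.1X."""
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]

def eapol_key_mic(kck: bytes, eapol_frame: bytes, mic_offset: int = 81) -> bytes:
    """Key MIC for EAPOL-Key messages 2-4 with CCMP (key descriptor version 2):
    HMAC-SHA1-128 over the whole EAPOL frame with its 16-byte MIC field zeroed.
    Offset 81 = 4-byte EAPOL header + 77 bytes of Key Descriptor before the MIC."""
    zeroed = eapol_frame[:mic_offset] + b"\x00" * 16 + eapol_frame[mic_offset + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]

def handshake_demo(passphrase: str = "this_is_a_secret_key", ssid: str = "ExampleNet"):
    """Both sides derive keys from the same inputs; MACs and nonces are constructed."""
    aa = bytes.fromhex("001122334455")    # access point MAC (constructed sample)
    spa = bytes.fromhex("66778899aabb")   # client MAC (constructed sample)
    anonce, snonce = os.urandom(32), os.urandom(32)   # fresh for every handshake
    pmk = psk_from_passphrase(passphrase, ssid)
    ap_keys = derive_ptk(pmk, aa, spa, anonce, snonce)
    sta_keys = derive_ptk(pmk, spa, aa, snonce, anonce)   # same keys, opposite role
    return ap_keys == sta_keys, pmkid(pmk, aa, spa)
```

The test vector from the 802.11i annex (passphrase "password", SSID "IEEE") checks the PBKDF2 step; an AP that finds the client's PMKID in its cache is what the later PMK Caching slides rely on.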

WPA2 and TKIP WPA2 supports the use of the TKIP encryption scheme to provide backward compatibility with WPA equipment. As 802.11i equipment becomes ubiquitous, networks will drop support for TKIP and WPA, removing a number of potential security vulnerabilities.

WPA2 and TKIP The major weakness in TKIP under WPA is due to a weak encryption algorithm. WPA2 addresses the problem by using 802.1X and EAP-TLS to handle key distribution; keys are transferred securely and are less prone to attack. The use of an extremely strong cipher, AES, addresses the weaknesses. The use of strong key lengths, 128 bits, significantly reduces the chance of a successful brute-force attack against AES-encrypted wireless traffic.

WPA2 and CCMP The 802.11i standards call for the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which specifies the use of CCM with the AES block cipher. The CBC-MAC portion provides data integrity and authentication, while the counter mode does the actual encryption.

WPA2 and CCMP When a packet is encrypted using CCMP, a number of data fields are added. First, the MIC (message integrity code), which covers the MAC addresses of the source and destination; it acts as a very strong hashing function that prevents man-in-the-middle attacks. Second, the data header, which contains the IV and key ID needed to identify the encryption key used to encrypt the packet. Third, the extended IV, 4 bytes long; this field and the IV with key ID field are not encrypted, as the remote end must identify which key was used to encrypt a packet and the packet's sequence number. The first IV ensures that data is ordered properly. The rest of the packet contains the encrypted payload of data and MIC.
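As an added example (not from the presentation), the unencrypted CCMP header the slide describes, with the 48-bit packet number (PN) split across the IV/key ID bytes and the extended IV, the 13-byte CCM nonce the receiver rebuilds from it, and the receiver-side replay check that the strictly increasing PN makes possible. The frames are constructed sample headers.

```python
from dataclasses import dataclass, field

EXT_IV = 0x20        # flags bit 5: Extended IV present (always set for CCMP)
CCMP_HDR_LEN = 8

@dataclass
class CcmpHeader:
    key_id: int      # which of up to four keys protected the frame (flags bits 6-7)
    pn: int          # 48-bit packet number, used as sequence number and nonce input

def parse_ccmp_header(hdr: bytes) -> CcmpHeader:
    """Header layout: PN0 PN1 rsvd flags PN2 PN3 PN4 PN5 (the last four are the
    'extended IV'). The receiver reads this in the clear before decrypting."""
    if len(hdr) < CCMP_HDR_LEN:
        raise ValueError("truncated CCMP header")
    pn0, pn1, _rsvd, flags, pn2, pn3, pn4, pn5 = hdr[:CCMP_HDR_LEN]
    if not flags & EXT_IV:
        raise ValueError("ExtIV flag clear: not a CCMP-protected MPDU")
    pn = int.from_bytes(bytes([pn5, pn4, pn3, pn2, pn1, pn0]), "big")
    return CcmpHeader(key_id=(flags >> 6) & 0x3, pn=pn)

def build_ccmp_header(key_id: int, pn: int) -> bytes:
    """Transmitter side: inverse of parse_ccmp_header."""
    b = pn.to_bytes(6, "big")                      # b[0] = PN5 ... b[5] = PN0
    return bytes([b[5], b[4], 0, EXT_IV | (key_id << 6), b[3], b[2], b[1], b[0]])

def ccm_nonce(priority: int, a2: bytes, pn: int) -> bytes:
    """13-byte CCM nonce: priority (TID) octet || A2 (transmitter MAC) || PN.
    Because A2 and PN are in it, a key/nonce pair never repeats across stations."""
    return bytes([priority & 0x0F]) + a2 + pn.to_bytes(6, "big")

@dataclass
class ReplayWindow:
    """Receiver state: last accepted PN per (key ID, TID); the PN must strictly increase."""
    last: dict = field(default_factory=dict)

    def accept(self, key_id: int, tid: int, pn: int) -> bool:
        k = (key_id, tid)
        if pn <= self.last.get(k, -1):
            return False                           # replayed or reordered: drop it
        self.last[k] = pn
        return True

def filter_frames(frames) -> list:
    """Apply the replay check to a sequence of (tid, ccmp_header_bytes) pairs."""
    win, results = ReplayWindow(), []
    for tid, hdr in frames:
        h = parse_ccmp_header(hdr)
        results.append(win.accept(h.key_id, tid, h.pn))
    return results

# Constructed sample: PN 1, PN 2, a replayed copy of PN 1, then PN 3 (all TID 0, key 0)
SAMPLE_FRAMES = [(0, build_ccmp_header(0, 1)), (0, build_ccmp_header(0, 2)),
                 (0, build_ccmp_header(0, 1)), (0, build_ccmp_header(0, 3))]
```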

WPA2 and Fast Roaming WPA2 neatly solves the problem of roaming (and failover) in two ways: through the use of Pre-Authentication and PMK Caching.

PMK Caching When a client re-associates with an access point, it uses a PMK from an earlier 802.1X authentication executed on the same access point. No 802.1X exchange happens; the client immediately carries out the 802.11i handshake and is ready to send and receive data.

Pre-Authentication When a client is associated with an access point and hears a beacon from another access point with the same SSID and security policy, it carries out an 802.1X authentication with that access point over the wire. The client and access point derive the PMK and keep it cached. If the client then roams to the new access point, it already has the PMK, so the 802.1X authentication phase is skipped.

Opportunistic PMK Caching Roaming is the key technical advantage of WPA2. PMK Caching and Pre-Authentication reduce latency in the "disruption gap", which impacts quality of service, by removing redundant exchanges. In 2004 the Fast Roaming Task Force began work on 802.11r to improve handoff times between access points. The final product will be known as BSS Transition.

Opportunistic PMK Caching The switch has access to all the PMKs from all connected access points. It is possible for a PMK from one access point to be used for all connected access points. A client may perform PMK caching with any other PMK that is available, bypassing the 4-way CCMP authentication handshake. This speeds up the roaming process.

Summary Wireless area networks are important to enterprises. Both WEP and WPA have provided only minor obstacles to determined hackers and can be deployed with caution. IEEE 802.11i laid the foundation for drastic improvements in wireless security. WPA2 offers more formidable encryption, better key management, and robust authentication, as well as access point roaming.

Works Cited Emerging Technologies in Wireless LANs – Benny Bing