Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006
Wireless LAN Security - Overview WEP WEP Vulnerability WPA Standards i
Wireless LAN Security – WEP Secret Key 40-bit 104-bit 24-bit Initialization Vector 32-bit Integrity Check Vector Cyclic Redundancy Check RC4 Algorithm
Wireless LAN Security – WEP Wired Equivalent Privacy (WEP) protocol used to control access to wireless LANs and to encrypt information. (International Journal of Computer Science and Network Security (IJCSNS), VOL.6 No.5B, May 2006)
Wireless LAN Security – WEP Vulnerability A Wired Equivalent Privacy (WEP) weakness. The attacker can monitor encrypted transmissions and captures IVs, lookup the corresponding WEP key and easily decrypts the transmitted data. (From IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006)
Wireless LAN Security – WPA Wi-Fi Protected Access IEEE 802.1x Temporal Key Integrity Protocol (TKIP) WEP 104-bit encryption key Message Integrity Check (MIC) Interim Software Upgrade
Wireless LAN Security - Standards Family of IEEE standards – umbrella b, a, c, d, e, f, g, h, i, (and more) b – Basic, ubiquitous g – More… i – Better security
Wireless LAN Security – i Supplement to MAC layer Port-level access control protocol Includes WPA technologies TKIP Dynamic keys Per-packet & per session ciphering 48-bit IV hashing IV not sent in clear text Advanced Encryption System (AES) Replaces WEP’s RC4 algorithm Need new hardware
Summary WEP WEP Vulnerability WPA Standards i
Wireless LAN Security Questions?