W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

Slides:



Advertisements
Similar presentations
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Advertisements

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
Security+ Guide to Network Security Fundamentals, Third Edition
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
Wired Equivalent Privacy (WEP)
Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Temporal Key Integrity Protocol (TKIP) Presented By: Laxmi Nissanka Rao Kim Sang Soo.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE Wireless Local Area Networks (WLAN’s).
Review of Wireless LAN Security Chapter-9
15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Solutions for WEP Bracha Hod June 1, i Task Group  Addresses WEP issues –No forgery protection –No protection against replays –Attack through.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
IWD2243 Wireless & Mobile Security Chapter 3 : Wireless LAN Security Prepared by : Zuraidy Adnan, FITM UNISEL1.
WLAN What is WLAN? Physical vs. Wireless LAN
Mobile and Wireless Communication Security By Jason Gratto.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:
Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to gave its full attention to the speaker and never vocalized.
Wireless Networking.
Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.
Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Wireless Insecurity By: No’eau Kamakani Robert Whitmire.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
WEP Protocol Weaknesses and Vulnerabilities
WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
WEP, WPA, and EAP Drew Kalina. Overview  Wired Equivalent Privacy (WEP)  Wi-Fi Protected Access (WPA)  Extensible Authentication Protocol (EAP)
WEP Case Study Information Assurance Fall or Wi-Fi IEEE standard for wireless communication –Operates at the physical/data link layer –Operates.
Wired Equivalent Privacy (WEP): The first ‘confidentiality’ algorithm for the wireless IEEE standard. PRESENTED BY: Samuel Grush and Barry Preston.
WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.
.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.
IEEE i Aniss Zakaria Survey Fall 2004 Friday, Dec 3, 2004
National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.
Wireless security Wi–Fi (802.11) Security
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.
IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.
Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.
WLAN Security1 Security of WLAN Máté Szalay
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Wireless Authentication Protocol Presented By: Tasmiah Tamzid Anannya Student Id:
1. Introduction In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace.
Wireless Protocols WEP, WPA & WPA2.
WEP & WPA Mandy Kershishnik.
Wireless Security Ian Bodley.
ANALYSIS OF WIRED EQUIVALENT PRIVACY
IEEE i Dohwan Kim.
Wireless Network Security
IT4833/6833 WiFi Security Building Blocks (I).
Presentation transcript:

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID

Agenda Brief background on Wireless LAN Basic security mechanisms in WEP Vulnerabilities Enhancing wireless security with WPA Comparing WEP and WPA Conclusion

Brief Background A local area network (LAN) with no wires Several Wireless LAN (WLAN) standards  Mbps speed, 2.4Ghz band  b (Wi-Fi) – 11 Mbps speed, 2.4Ghz band  a (Wi-Fi) - 54 Mbps speed, 5Ghz band  g (Wi-Fi) – 54 Mbps speed, 2.4Ghz band

Wireless network components

Security Challenges and Solutions Challenges  Beyond any physical boundaries  Encryption, Authentication and Integrity Basic Security Mechanisms in  Service Set ID (SSID) – Acts like a shared secret, but sent in clear.  MAC Address Lists – Modifiable and also sent in clear.  The WEP Algorithm

More on WEP Stands for Wired Equivalent Privacy Designed to encrypt data over radio waves Provides 3 critical pieces of security  Confidentiality (Encryption)  Authentication  Integrity Uses RC4 encryption algorithm  Symmetric key stream cipher  64-bit shared RC4 keys, 40-bit WEP key, 24-bit plaintext Initialization Vector (IV)

WEP Encryption and Integrity IV Secret Key SeedPRNG XOR IV Ciphertext Plaintext CRC-32 Algorithm Integrity Check value Plaintext Key Sequence Message PRNG – RC4 Pseudorandom number generation algorithm Data payload

WEP Authentication 2 levels of authentication  “Open” : No authentication  “Shared secret” : Station A Station B Nonce N E(N, K A-B ) Request for shared key auth. Authentication response

WEP – The “flawed” Solution Weakness in key management  Single key for all access points and client radios  Static unless manually changed  Authentication and encryption keys are the same Shared key authentication failure  No knowledge of secret to gain network access  WEP PR =C  P (where C, P are passively recorded) Attacker AP Authentication request Challenge R WEP PR  R Success

WEP – The “flawed” Solution (contd.) Weakness in Encryption  Short 24-bit IV, reuse mandatory  Weak per-packet key derivation - exposes RC4 protocol to weak key attacks. Given c 1 and c 2 with same IV, c 1  c 2 = p 1  p 2 [p 1  S  p 2  S], leading to statistical attacks to recover plaintexts  Short 40-bit encryption scheme No forgery protection  Using CRC-32 checksum possible to recompute matching ICV for changed data bits  Given C= RC4(IV, key) , can find C’ that decrypts to M’=M+Δ such that C’= RC4(IV, key) 

WEP – The “flawed” Solution (contd.) No protection against replays Optional, mostly not turned on by users

Design Constraints WEP patches will rely entirely on software upgrade Access points have little spare CPU capacity for new functions Encryption functions are hard-wired in the access points

Enhancing WLAN Security with WPA WPA - Wireless Protected Access Strong, standards based, interoperable security for Wi-Fi Addresses all known weaknesses of WEP Subset of forthcoming IEEE i standard Designed to run as a software upgrade on most Wi-Fi certified products.

Security Mechanisms in WPA - TKIP Uses TKIP (Temporal Key Integrity Protocol) Encryption. Suite of algorithms wrapping WEP Adds 4 new algorithms to WEP: 1. New cryptographic message integrity code (MIC) called Michael - to defeat forgeries 2. New IV sequencing discipline - to remove replay attacks 3. A re-keying mechanism – to provide fresh encryption and integrity keys

More on TKIP 4. A per-packet key mixing function Phase 1 (Eliminates same key use by all links) - Combines MAC address and temporal key. Input to S- box to produce intermediate key Phase 2 (De-correlates IVs and per-packet keys) - Packet sequence number encrypted under the intermediate key using a fiestel cipher to produce 128- bit per packet key. TKIP leverages 802.1X/EAP framework for key management

802.1X/EAP Architecture Supplicant (wireless client) Authenticator (AP) Authentication Server (RADIUS) EAP-start EAP-identity request EAP-identity response EAP success/reject

WPA Modes of Operation - Pre-shared key vs. Enterprise Pre-shared Key Mode for home/SOHO users  Does not require authentication server  “Shared Secret” or password entered manually in the AP and wireless client.  WPA takes over automatically.  Only the clients with matching passwords are allowed to join the network.  The password automatically kicks off the TKIP encryption process. Enterprise Mode for corporate users  Requires an authentication server like RADIUS  Centralized management of user credentials

WPA modes of operation – Enterprise Mode Wired Network Services Internet Authentication server Access Point

WEP vs. WPA WEPWPA EncryptionFlawedFixes all WEP flaws 40-bit keys128-bit keys Static-same keys used by everyone on network Dynamic session keys. Per-user, per-session, per-packet keys Manual distributionAutomatic Distribution AuthenticationFlawed, uses WEP key itself Strong user authentication using 802.1X and EAP

Comparing WPA and i i 802.1X Key management Cipher & Authentication negotiation TKIP AES WPA

Conclusion WPA is not an ideal security protocol design… However, it is a dramatic improvement in Wi- Fi security. Has not been broken (yet). Protects the original hardware investment. If hardware constraint removed, a more robust security solution possible. Such a solution is being developed based on a even stronger cryptographic cipher - Advanced Encryption Standard (AES).

References [1] Bruce Potter & Bob Fleck, “ Security”, O-Reilly, December 2002 [2]James larocca & Ruth larocca, “ Demystified”, McGraw-Hill Telecom, 2002 [3]Whitepaper on Wireless LAN Security on [4] x.html