Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Slides:

Advertisements

Similar presentations

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005

Advertisements

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

16-1 Last time Internet Application Security and Privacy Authentication Security controls using cryptography Link-layer security: WEP.

Security+ Guide to Network Security Fundamentals, Third Edition

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless Security Chi-Shu Ho, Raymond Chi CS265 Cryptography and Computer Security SJSU November 18, 2003.

WEP and i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

COMP4690, HKBU1 Security of COMP4690: Advanced Topic.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Temporal Key Integrity Protocol (TKIP) Presented By: Laxmi Nissanka Rao Kim Sang Soo.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE

IEEE Wireless Local Area Networks (WLAN’s).

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security.

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.

IWD2243 Wireless & Mobile Security Chapter 3 : Wireless LAN Security Prepared by : Zuraidy Adnan, FITM UNISEL1.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

WLAN What is WLAN? Physical vs. Wireless LAN

A Methodology for Evaluating Wireless Network Security Protocols David Rager Kandaraj Piamrat.

Mobile and Wireless Communication Security By Jason Gratto.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to gave its full attention to the speaker and never vocalized.

Wireless Networking.

A History of WEP The Ups and Downs of Wireless Security.

Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.

Wireless Network Security Dr. John P. Abraham Professor UTPA.

Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

IEEE i WPA2. IEEE i (WPA2) IEEE i, is an amendment to the standard specifying security mechanisms for wireless networks. The.

WEP Protocol Weaknesses and Vulnerabilities

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

WEP Case Study Information Assurance Fall or Wi-Fi IEEE standard for wireless communication –Operates at the physical/data link layer –Operates.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

Security Technologies built into std. Presented by T.R.Santhosh.

.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.

IEEE i Aniss Zakaria Survey Fall 2004 Friday, Dec 3, 2004

Xiuzhen Cheng Xiuzhen Cheng Csci388 Wireless and Mobile Security – Temporal Key Integrity Protocol.

Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

 Houses  In businesses  Local institutions  WEP – Wired Equivalent Privacy -Use of Initialization Vectors (IVs) -RC4 Traffic Key (creates keystreams)

WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.

Wireless security Wi–Fi (802.11) Security

CSE 5/7349 – April 5 th 2006 Wireless Networking.

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.

IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.

Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.

By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.

EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.

OSA vs WEP WPA and WPA II Tools for hacking

Wireless Protocols WEP, WPA & WPA2.

We will talking about : What is WAP ? What is WAP2 ? Is there secure ?

WEP & WPA Mandy Kershishnik.

IEEE i Dohwan Kim.

Wireless Network Security

Presentation transcript:

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Outline  Security definitions  Current security  Weak IV problem  Wi-Fi Protected WPA security  i

Security Definitions  Security context between two (network) entities should provide  Authentication - to prove identity  Integrity - to detect altered packets  Privacy - to prevent eavesdropping

Current Security  (as per the 1999 spec)  Authentication  Tied to association (session between station and AP)  Open system - all stations may associate  Shared key - stations must know secret  Integrity  Privacy

Current Security  (as per the 1999 spec)  Authentication  Integrity - Integrity Check (IC) field  32 bit CRC in encrypted payload  Not separately keyed  Vulnerable to bit-flipping attacks  Privacy

Current Security  (as per the 1999 spec)  Authentication  Integrity  Privacy - Wired Equivalent Privacy (WEP)  RC4 cipher (relies on XOR)  Up to 4 keys per station (40 bit or 104 bit)  Initialization Vector (IV)  24 bit extension to key  Provides some randomization to key  Unfortunately, keyspace is small!

Big WEP Attack - Weak IV  Say an AP constantly sends 1500 byte frames at 11 Mbps  Keyspace is exhausted in 5 hours  Will be quicker if packets are smaller  Original IV algorithms made things much worse  Some cards used same IV for multiple packets Some cards reset IV to 0 after initialization  Some cards increment IV by 1 after each packet  WEP+ fixed these “Weak IV” issues

Improving Security  Improve authentication  System wide common login  Improve integrity  Separate integrity key  Stronger integrity algorithm  Improve privacy  Increase keyspace size (make cracker analyze more data in order to recover key)  Per -user keys  Key rollover  Stronger privacy algorithm

802.11i and WPA  IEEE i - IEEE task group “MAC enhancement for wireless security”  Wi-Fi Alliance WPA - subset of i  Compatible with earlier draft  Defined for BSS only  Defined for current hardware  WPA has two major components  Authentication  TKIP encryption

WPA  Authentication  802.1x (not x) - defined for both wired and wireless session establishment  EAP (Extensible Authentication Protocol) - generic wrapper for authentication traffic  EAP impact  Authentication is between laptop and server - AP is pretty clueless  Different auth methods, updating auth methods do not require upgrades on AP  Pre-Shared Key (PSK) - for SOHO networks

WPA  Temporal Key Integrity Protocol (TKIP)  Stronger privacy  Still uses RC-4 encryption  Key rollover (temporal key)  Stronger integrity  Message Integrity Code (MIC) - computed with own integrity algorithm (MICHAEL)  Separate integrity key  Integrity counter measures

802.11i  Additions over WPA  IBSS (ad-hoc mode) authentication - what does a security context mean without a trusted third party? Is PSK enough?  Counter-Mode/CBC-MAC Protocol (CCMP)  Privacy: AES-CCM (128 bit key)  Integrity: CBC-MAC

802.11i criticisms  Does not secure management control and action frames  Disassociate, output power, etc.  Fundamental dilemma: does i secure  1. Traffic carried by the network?  2. Network elements themselves?