WLAN What is WLAN? Physical vs. Wireless LAN
Presentation transcript:

WLAN - What is WLAN? Physical vs. Wireless LAN

Wireless Local Area Network
- Extension of a wired LAN
- Uses high-frequency radio waves (RF)
- Speed: 2 Mb/s to 54 Mb/s
- Distance: 100 feet to 15 miles

Physical vs. Wireless LAN
- A physical LAN has defined borders
- With wireless it is difficult to determine where access stops
- Both are vulnerable to attacks

802.11 Standard
- 802.11: IEEE family of specifications for WLANs; 2.4 GHz, 2 Mb/s; includes WEP
- 802.11a: 5 GHz, 54 Mb/s
- 802.11b: often called Wi-Fi; 2.4 GHz, 11 Mb/s
- 802.11e: QoS and multimedia support for 802.11b and 802.11a
- 802.11g: 2.4 GHz, 54 Mb/s
- 802.11i: an alternative to WEP, known as WPA2

Modes of WLANs - Ad-Hoc
- Peer-to-peer communication, only to computers within transmission range
- If communication to the internet is required, one of the members must act as a router
- Called the Independent Basic Service Set (IBSS)

Modes of WLANs - Infrastructure
- Each client sends its data to an access point
- The access point acts as a bridge and forwards the packets to other clients or to the wired network
- Called the Basic Service Set (BSS)

War Driving & Chalking
- People drive around looking for access points
- When an access point is found, a chalk mark is placed on the sidewalk or building

WEP
- WEP - Wired Equivalent Privacy
- Supposed to give the same amount of privacy as a wired LAN
- Used to prevent eavesdropping
- Used to prevent unauthorized access to the LAN (not explicitly a goal of WEP)

Secure Protocols For Encryption (where each protocol sits in the stack)

  Wireless client         Router                    Wired host          Protection
  Application ------------------------------------- Application         SSL
  Transport (TCP, UDP) ---------------------------- Transport (TCP, UDP)
  Network (IP) ---------- Network (IP) ------------ Network (IP)        VPN
  802.11b Link ---------- 802.11b | Ethernet ------ Ethernet Link       WEP (wireless hop only)
  802.11b Physical ------ 802.11b | Ethernet ------ Ethernet Physical

WEP protects only the 802.11b link between client and access point; SSL and VPNs protect end to end across the router and the Ethernet segment.

Beacon Frame
- Each access point broadcasts a beacon frame several times a second
- It contains:
  - The beacon interval - how often the frame gets broadcast
  - A time stamp
  - Service Set Identifier (SSID)
  - Supported transmission rates
  - Parameter sets - frequency hops, delay, etc.
  - Compatibility info - such as: all clients must use WEP
  - Traffic map - which APs are in power-saver mode
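As an added example (not part of the original presentation), the parser below pulls the fields listed above out of a beacon frame body: the fixed fields (timestamp, beacon interval, capability information, whose privacy bit is the "all clients must use WEP" flag) and the tagged information elements for SSID, supported rates and channel. The frame body is constructed inline by `build_beacon_body`; the SSID, rates and channel values are made up for the example, and the 24-byte 802.11 MAC header that precedes the body on the air is omitted.

```python
import struct

# 802.11 capability-information bits used here (IEEE 802.11 fixed field)
CAP_ESS = 0x0001        # infrastructure (BSS) network
CAP_PRIVACY = 0x0010    # "clients must use WEP" (later: TKIP/CCMP) - data confidentiality required

IE_SSID, IE_RATES, IE_DS_PARAM = 0, 1, 3   # information element tag numbers


def build_beacon_body(ssid, rates_mbps, channel, interval_tu=100, privacy=True):
    """Constructed sample data: a beacon frame body (everything after the MAC header).
    Fixed fields: timestamp (8 B, LE), beacon interval (2 B, LE, in 1024 us TUs),
    capability info (2 B, LE); then tagged elements as (tag, length, data)."""
    cap = CAP_ESS | (CAP_PRIVACY if privacy else 0)
    body = struct.pack("<QHH", 0x1122334455667788, interval_tu, cap)
    ssid_bytes = ssid.encode()
    body += bytes([IE_SSID, len(ssid_bytes)]) + ssid_bytes
    # rates are encoded in units of 500 kbit/s; the MSB marks a "basic" (mandatory) rate
    rate_bytes = bytes(int(r * 2) | (0x80 if r in (1.0, 2.0) else 0) for r in rates_mbps)
    body += bytes([IE_RATES, len(rate_bytes)]) + rate_bytes
    body += bytes([IE_DS_PARAM, 1, channel])
    return body


def parse_beacon_body(body: bytes) -> dict:
    """Decode the fixed fields and walk the tagged elements, refusing truncated input."""
    if len(body) < 12:
        raise ValueError("truncated fixed fields")
    timestamp, interval_tu, cap = struct.unpack_from("<QHH", body, 0)
    info = {
        "timestamp": timestamp,
        "beacon_interval_ms": interval_tu * 1.024,
        "privacy_required": bool(cap & CAP_PRIVACY),
        "ssid": None,
        "ssid_hidden": False,   # APs that "stop broadcasting the SSID" send an empty/zeroed SSID element
        "rates_mbps": [],
        "channel": None,
    }
    off = 12
    while off + 2 <= len(body):
        tag, length = body[off], body[off + 1]
        data = body[off + 2:off + 2 + length]
        if len(data) != length:
            raise ValueError("truncated information element")
        if tag == IE_SSID:
            info["ssid"] = data.decode("utf-8", "replace")
            info["ssid_hidden"] = length == 0 or data == bytes(length)
        elif tag == IE_RATES:
            info["rates_mbps"] = [(b & 0x7F) / 2 for b in data]
        elif tag == IE_DS_PARAM and length == 1:
            info["channel"] = data[0]
        off += 2 + length
    return info


if __name__ == "__main__":
    sample = build_beacon_body("lab-ap", [1, 2, 5.5, 11], channel=6)
    print(parse_beacon_body(sample))
```

A monitoring tool built on this would flag beacons whose privacy bit is clear (an open network) or whose SSID element is empty (a "hidden" SSID, which only hides the name from beacons, not from probe responses).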

Probe Frame
- A client may broadcast a probe frame to find the AP associated with an SSID
- The SSID is required for all communication with an access point

Association
- Before a client can communicate with the AP, a relation or association must be established
- There are 3 association states:
  1) Unauthenticated and unassociated
  2) Authenticated and unassociated
  3) Authenticated and associated
- To move from state 1 to state 2 in an open system, a client sends an authentication request, and the AP responds with an authentication success frame
- Open systems may also employ MAC access lists to determine whether the AP responds with a success frame

WEP Association
- WEP relies on a shared key
- The client sends an authentication request indicating the use of a shared key
- The AP responds with a challenge containing 128 octets generated with the WEP pseudo-random number generator (PRNG), seeded with the shared key and an initialization vector (IV)
- The client then encodes the challenge using the key and a new IV, and sends it to the AP
- The AP decrypts and compares; this authenticates the client to the AP

WEP
- Uses the RC4 stream cipher
  - Seeded with a shared key
  - Creates a repeatable stream of "random" data (the key stream)
  - The key stream is XORed with the data to get the encrypted data
- Uses a shared key
  - Can be "64 bit or 128 bit"
- Uses a 24-bit initialization vector (IV)
  - Actually used as part of the key, so the 64-bit key is really a 40-bit shared key and the 128-bit key is really a 104-bit shared key
  - Increments with each frame (by convention)
  - Sent as clear text in each frame

WEP frame construction
- ICV is a 32-bit CRC of the plain IP data
- Seed RC4 with IV + shared key, XOR the output with the data (IP data + ICV)

  | 802.11 Hdr | IV | Encrypted IP Data + ICV |
                 ^ IV sent in clear text

Problems
- Because of the XOR and the static shared key, two frames with the same IV share a key stream, so one can statistically figure out the message
  - Becomes even easier with multiple frames under the same IV
- An AP sending 1500-byte packets at 11 Mb/s will use every IV in about 5 hours; most packets are smaller, so the rollover occurs even sooner
- Most wireless cards reset their IV to 0 on reset
- Even worse: the 802.11 standard makes changing the IV optional
- The ICV uses CRC-32, which is good at detecting transmission problems, but it is easy to produce a valid CRC for altered data
- Subject to replay attacks
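The three slides above (the RC4/IV construction, the frame layout and the resulting problems) can be checked against a small model. The code below is an added example, not from the presentation: it implements WEP's RC4-over-(IV || key) encryption with a CRC-32 ICV using only the Python standard library, then demonstrates the two weaknesses stated above as properties a defender can verify, namely that two frames under one IV leak the XOR of their plaintexts, and that the CRC-32 ICV still validates after bits are flipped in the ciphertext. The 40-bit key, IVs and payloads are constructed sample values; `iv_space_exhaustion_hours` reproduces the "about 5 hours" figure from the rate and frame size.

```python
import struct
import zlib

SHARED_KEY_40 = bytes.fromhex("0a1b2c3d4e")   # constructed 5-byte (40-bit) shared key
IV_SIZE = 3                                   # 24-bit IV, sent in the clear


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 key scheduling + generation; WEP seeds it with IV || shared key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """The WEP ICV: a plain CRC-32 of the payload, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV || (payload || ICV) XOR RC4(IV || key): the WEP frame body."""
    assert len(iv) == IV_SIZE
    body = payload + icv(payload)
    return iv + xor_bytes(body, rc4_keystream(iv + shared_key, len(body)))


def wep_decrypt(shared_key: bytes, frame: bytes):
    """Return (payload, icv_ok) the way a receiving station would."""
    iv, ct = frame[:IV_SIZE], frame[IV_SIZE:]
    body = xor_bytes(ct, rc4_keystream(iv + shared_key, len(ct)))
    payload, tag = body[:-4], body[-4:]
    return payload, tag == icv(payload)


def iv_reuse_leaks_plaintext_xor(shared_key, iv, p1, p2) -> bool:
    """Problem 1: two frames under one IV share a key stream, so XORing the two
    ciphertexts cancels it and leaves p1 XOR p2, with no key involved."""
    c1 = wep_encrypt(shared_key, iv, p1)[IV_SIZE:]
    c2 = wep_encrypt(shared_key, iv, p2)[IV_SIZE:]
    n = min(len(p1), len(p2))
    return xor_bytes(c1[:n], c2[:n]) == xor_bytes(p1[:n], p2[:n])


def icv_survives_bit_flips(shared_key, iv, payload, delta) -> bool:
    """Problem 2: CRC-32 is linear, so crc(p ^ delta) == crc(p) ^ crc(delta) ^ crc(zeros).
    Flipping `delta` in the ciphertext and the matching fix-up in the encrypted ICV
    gives a frame the receiver still accepts: the ICV detects noise, not tampering."""
    frame = wep_encrypt(shared_key, iv, payload)
    n = len(payload)
    fixup = struct.pack("<I", (zlib.crc32(delta) ^ zlib.crc32(bytes(n))) & 0xFFFFFFFF)
    tampered = (frame[:IV_SIZE]
                + xor_bytes(frame[IV_SIZE:IV_SIZE + n], delta)
                + xor_bytes(frame[IV_SIZE + n:], fixup))
    recovered, ok = wep_decrypt(shared_key, tampered)
    return ok and recovered == xor_bytes(payload, delta)


def iv_space_exhaustion_hours(link_bps: float, frame_bytes: int) -> float:
    """Hours until all 2**24 IVs have been used once at a given rate and frame size."""
    frames_per_second = link_bps / (frame_bytes * 8)
    return (1 << 24) / frames_per_second / 3600


if __name__ == "__main__":
    iv = b"\x00\x00\x01"
    p1, p2 = b"GET /index.html HTTP/1.0", b"POST /login HTTP/1.0    "
    print("round trip:", wep_decrypt(SHARED_KEY_40, wep_encrypt(SHARED_KEY_40, iv, p1)) == (p1, True))
    print("IV reuse leaks p1^p2:", iv_reuse_leaks_plaintext_xor(SHARED_KEY_40, iv, p1, p2))
    print("ICV accepts flipped bits:", icv_survives_bit_flips(SHARED_KEY_40, iv, p1, b"\x01" + bytes(len(p1) - 1)))
    print("hours to exhaust IVs at 11 Mb/s, 1500 B:", round(iv_space_exhaustion_hours(11e6, 1500), 2))
```

Both properties are consequences of the construction itself (a stream cipher with a public, short IV and a linear checksum), which is why the fixes in WPA and WPA2 replace the integrity check and, in WPA2, the cipher mode, rather than just lengthening the key.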

Attacks
- Passive
  - Listen to the air waiting for a duplicate IV and apply statistics
- Active
  - With knowledge of the contents (TCP/IP), the attacker can guess where the destination is, and by flipping some bits, the AP will send the packet to another address
  - Once the attacker has the encrypted text and the decrypted text, the XOR (key stream) is easily obtained
  - Another active attack is to send a packet from the internet to a destination on the WLAN; the AP will encode the message, so the attacker again has both the encrypted and the plain text

Defense
- Stop the AP from broadcasting the SSID
- Change the SSID from the factory default; don't use any identifying number
- Enable MAC authentication
- Use 128-bit WEP
- Change the default passwords on the AP itself
- Set / change the shared key!!!
- Place a firewall between the AP and the intranet
- Use a higher-level encryption such as SSL or VPN
- Use WPA; this standard addresses these problems

WPA
- WPA - Wi-Fi Protected Access
- Designed to run on existing WEP access points with just a firmware change
- Changes to WEP: TKIP (Temporal Key Integrity Protocol)
  - 48-bit IV (instead of 24-bit)
  - At current 802.11a speeds (54 Mb/s) it will take 645 years before the IV rolls over
  - Initialized to 0 when the shared key is initialized
  - Increments with every packet sent out
  - AP rejects any packet with an IV less than the current count
  - Traffic halts if the counter reaches its maximum value
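The four counter rules above (start at 0 on key installation, increment per packet, reject anything not above the last accepted value, halt at the maximum) form the replay protection that WEP lacked. The following is an added example, not from the presentation, modelling the transmitter and receiver sides of that 48-bit TKIP sequence counter (TSC) in Python; the split of the counter into the 32-bit part used in Phase 1 of the key mixing and the 16-bit part used in Phase 2 follows 802.11i, and the scenarios use constructed packet sequences.

```python
TSC_BITS = 48
TSC_MAX = (1 << TSC_BITS) - 1


def split_tsc(tsc: int):
    """TKIP feeds the upper 32 bits of the TSC into Phase 1 of the key mixing
    (with the temporal key and transmitter address) and the lower 16 bits into
    Phase 2, which produces the per-packet RC4 key."""
    return tsc >> 16, tsc & 0xFFFF


class TkipTransmitter:
    """Transmit side: one monotonically increasing counter per key."""

    def __init__(self):
        self.tsc = 0   # reset to 0 when the temporal key is installed

    def next_tsc(self) -> int:
        if self.tsc > TSC_MAX:
            # The counter must never wrap: a wrap would reuse per-packet keys,
            # so transmission stops until a rekey installs a fresh temporal key.
            raise RuntimeError("TSC exhausted: traffic halts until rekey")
        t = self.tsc
        self.tsc += 1
        return t


class TkipReceiver:
    """Receive side: accept only strictly increasing counters (replay check)."""

    def __init__(self):
        self.last_accepted = -1

    def accept(self, tsc: int) -> bool:
        if not 0 <= tsc <= TSC_MAX:
            raise ValueError("TSC out of range")
        if tsc <= self.last_accepted:
            return False   # replayed or reordered frame: dropped
        self.last_accepted = tsc
        return True


def replay_scenario():
    """Three fresh frames, a replay of the second, then another fresh frame."""
    tx, rx = TkipTransmitter(), TkipReceiver()
    sent = [tx.next_tsc() for _ in range(3)]
    results = [rx.accept(t) for t in sent]
    results.append(rx.accept(sent[1]))      # replayed: rejected
    results.append(rx.accept(tx.next_tsc()))  # fresh: accepted
    return results


def exhaustion_scenario() -> bool:
    """Jump the transmitter to the last counter value and confirm traffic halts after it."""
    tx = TkipTransmitter()
    tx.tsc = TSC_MAX
    last = tx.next_tsc()
    try:
        tx.next_tsc()
        halted = False
    except RuntimeError:
        halted = True
    return last == TSC_MAX and halted


if __name__ == "__main__":
    print("replay scenario:", replay_scenario())        # [True, True, True, False, True]
    print("halts at TSC_MAX:", exhaustion_scenario())    # True
    print("phase1/phase2 parts of 0x123456789abc:", [hex(x) for x in split_tsc(0x123456789ABC)])
```

Compare this with WEP, where the 24-bit IV is reset to 0 by many cards, may legally stay constant, and is never checked for monotonicity by the receiver, so a captured frame can simply be retransmitted.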

WPA - Changes to WEP: TKIP (Temporal Key Integrity Protocol) key mixing
- Change the per-packet key with every association (instead of a static key)
- Employ 802.1X EAPOL key messages (RADIUS)
- Use the transmitter's MAC address (TA) in the key

  Key mixing (figure): Shared Key + TA + IV -> Phase 1 -> combined with IV -> Per-Packet Key -> RC4

WPA - Changes to WEP: addition of a MIC (Message Integrity Check)
- Often referred to as Michael
- A hash used to prevent message alteration
- Hashes the shared key, source address, destination address, and the data

WPA frame construction
- Compute the MIC over the IV, source MAC, destination MAC and IP data, and append it to the data
- Compute the ICV (CRC-32) over IP data + MIC
- Seed RC4 with the TKIP per-packet key, XOR the output with IP data + MIC + ICV

  | 802.11 Hdr | IV | Encrypted IP Data | MIC | ICV |
                 ^ IV sent in clear text

WPA Problems
- If you know the type of packet (most likely ARP), the CRC-32 checksum lets you guess the bytes of the packet
- Once you have a guess, you submit the packet to the AP; if the AP accepts the packet, you guessed the bytes correctly; continue guessing
- The WPA countermeasure requires a 60-second delay between guesses
- Using an ARP packet, you can generate your own ARP packets in about 12 minutes
- Once you have ARP, you can do a man-in-the-middle attack and see both the clear text and the encrypted text, and get the key stream, but...
- You must use the QoS channel (if enabled), and then you can only send 15 packets before the IV changes the entire key stream

WPA2
- Fixes the WPA problems by using only a block cipher
  - Impossible to get a "key stream", as none exists
  - Problem: all packets are padded to a multiple of the block size (128 bits)
- Uses AES - a symmetric-key block cipher
- Personal mode: pre-shared key
- Enterprise mode
  - Requires a pre-shared key
  - Uses 802.1X EAPOL key messages (RADIUS) to generate a session key
  - Called a Robust Security Network (RSN)
- Requires different hardware than WPA equipment
- RSN is incompatible with WPA