Doc.: IEEE 802.11-00/031 Submission March 2000 S. Watanabe Seiko Epson Corp. Slide 1 Proposal to use KPS to Enhance WLAN Security Shinichiro Watanabe,

Presentation transcript:

Slide 1: Proposal to use KPS to Enhance WLAN Security
Shinichiro Watanabe, Yutaku Kuchiki, Kazuaki Naito, Masayuki Ikeda
Seiko Epson Corporation
March 2000

Slide 2
- Introduction
- Problems of the current WEP
- KPS
- Implementation
- SEC9H: MAC Chip with KPS
- Patents
- Conclusion

Slide 3: Problems of the Current Standard
- Not specified how to control keys
- Difficult to exchange shared keys
- Secret data is stored in MIB, which is accessible by external users
- Difficult to authenticate
- Practically impossible to deliver unique keys to every STA pair in a system

Slide 4: Default Key and Key Mapping
[Figure panels: Default Key System (MIB-aWEPDefaultKeys); Mapped Key System (MIB-aWEPKeyMappings)]

Slide 5: Problems of the Current Standard
- Not specified how to control keys
- Difficult to exchange shared keys
- Secret data is stored in MIB, which is accessible by external users
- Difficult to authenticate
- Practically impossible to deliver unique keys to every STA pair in a system
Key Distribution Problem

Slide 6: Basic Flow of the KPS Communications
1. Setting a Private-ID (Procedure necessary only once)
2. KPS Communications
[Figure labels: KPS Center (System-ID); Private-ID A, Public-ID A (MAC Address A); Private-ID B, Public-ID B (MAC Address B); Private-ID n, Public-ID n (MAC Address n)]

Slide 7: Basic Flow of the KPS Communications
1. Setting a Private-ID (Procedure necessary only once)
2. KPS Communications
$K_{AB} = K_{BA}$ (Generated Key is without connections)
[Figure labels: KPS Center (System-ID); Private-ID A, Public-ID A (MAC Address A); Private-ID B, Public-ID B (MAC Address B); Sender A (MAC Address A) with KPS Module, Private-ID A and Public-ID B (MAC Address B), producing $K_{AB}$; Receiver B (MAC Address B) with KPS Module, Private-ID B and Public-ID A (MAC Address A), producing $K_{BA}$]

Slide 8: Principle behind KPS Communications
$K_{AB} = K_{BA}$
$K_{AB} \neq K_{CA}$ for any C; $C \neq B$
$K_{BA} \neq K_{CB}$ for any C; $C \neq A$

Slide 9: KPS Security (1) HUB vs Switch
[Figure panels: Ethernet LAN (HUB) and Ethernet LAN (Switch). Labels in each panel: HUB or Switch (MAC0); NIC1 (MAC1); NIC2 (MAC2); NIC3 (MAC3); NIC4 (MAC4). Legend: NIC: Network Interface Card; NIC4: Network Interface Card (Attacker); Packet (HUB ⇒ MAC1)]

Slide 10: KPS Security (2) WEP vs WEP + KPS
[Figure labels: WEP Only; 802.11; WEP + KPS]

Slide 11: Authentication Masquerade

Slide 12: Implementing KPS to MAC
Parameters
– Public-ID: Apply the MAC address as it is. 48 bits length.
– System-ID: 1024 x 1024 x 40 bits.
– Conspiracy number: 1024
– Private-ID size: 5 k bytes
– Shared key length: 40 bit (based on current standard)
MIB privacy group
– AKPS Invoked: 0: KPS is off (default); 1: KPS is on

Slide 13: KPS Module
[Figure: block diagrams of the KPS module. Recoverable labels: Public-ID (48bit); One-Way Scheme 1; One-Way Scheme 2; RC4 PRNG; RC4 Key; Effective-ID (1024bit); Input (Effective-ID); Private-ID (1024 × 40); KPS Algorithm; XOR; KPS Algorithm Output (40bit); Fixed Data (Secret) (40bit); Default Key #0 (40bit); Shared Key (40bit)]
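Added example, not part of the original slides or of Seiko Epson's implementation: a sketch of the key agreement in slides 6 to 8 with the sizes from slides 12 and 13, using the linear Matsumoto-Imai construction. Assumptions: the System-ID is a symmetric matrix over GF(2), SHAKE-256 stands in for the RC4-PRNG one-way scheme, the final mixing with the fixed data and Default Key #0 is omitted, and all function names and MAC addresses are constructed.

```python
import hashlib
import secrets
from functools import reduce
from operator import xor

N = 1024        # Effective-ID length and System-ID dimension (slide 12)
KEY_BITS = 40   # shared key length (slide 12)

def make_system_id(n=N):
    """KPS Center secret: a symmetric n x n matrix of 40-bit words (assumed form)."""
    g = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(i, n):
            g[i][j] = g[j][i] = secrets.randbits(KEY_BITS)
    return g

def effective_id(mac, n=N):
    """One-way expansion of a 48-bit Public-ID into n selector bits.
    Assumption: SHAKE-256 replaces the slides' RC4-PRNG one-way scheme."""
    if len(mac) != 6:
        raise ValueError("Public-ID must be a 48-bit MAC address")
    v = int.from_bytes(hashlib.shake_256(b"kps-eid" + mac).digest(n // 8), "big")
    return [(v >> k) & 1 for k in range(n)]

def xor_selected(words, bits):
    """XOR together the words whose selector bit is 1."""
    return reduce(xor, (w for w, b in zip(words, bits) if b), 0)

def issue_private_id(system_id, mac):
    """Center side, once per station: Private-ID = System-ID x Effective-ID."""
    eid = effective_id(mac, len(system_id))
    return [xor_selected(row, eid) for row in system_id]

def shared_key(private_id, peer_mac):
    """Station side: uses only its own Private-ID and the peer's MAC address."""
    return xor_selected(private_id, effective_id(peer_mac, len(private_id)))

def demo():
    # Constructed, locally administered MAC addresses for stations A, B and C.
    center = make_system_id()
    macs = {s: bytes.fromhex("0200000000" + h) for s, h in (("A", "0a"), ("B", "0b"), ("C", "0c"))}
    priv = {s: issue_private_id(center, m) for s, m in macs.items()}
    return {"K_AB": shared_key(priv["A"], macs["B"]),
            "K_BA": shared_key(priv["B"], macs["A"]),
            "K_CA": shared_key(priv["C"], macs["A"])}

if __name__ == "__main__":
    print({name: f"{key:010x}" for name, key in demo().items()})
```

Because every Private-ID is a linear image of the System-ID, the separation between pairs holds only while the number of pooled Private-IDs stays below the conspiracy number given on slide 12.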

Slide 14: Who should administrate the KPS Center
Private system: Each vendor can create System-IDs independently
Multi-vendor system:
– Idea 1: A public organization creates and strictly controls a System-ID. The public organization duplicates and ciphers the System-ID and delivers it with a KPS Center tool to vendors.
– Idea 2: A public organization creates and strictly controls a System-ID. It issues Private-IDs in response to demands from vendors. The organization should inspect whether the demands are from the right vendors.
We propose that controls the KPS Center

Slide 15: SEC9H: MAC chip with KPS
[Figure labels: SEC9H: MAC controller with KPS; GBT9: Hi-datarate BB processor; Evaluation board]

Slide 16: SEC9H: MAC controller with KPS
Target baseband processor
– HFA3860B (Intersil)
– GBT9 (Seiko Epson Corporation)
IEEE802.11b protocol compliant
Hi-data rate
– 5.5 M / 11 Mbps with HFA3860B
– 3.7 M / 5.5 M / 7.3 M / 9.2 M / 11.0 M / 12.8 Mbps with GBT9
KPS: Automatic shared key generation
Dual host bus: ISA and PCMCIA
Low power consumption

Slide 17
Inventor
– Prof. Tsutomu Matsumoto, Yokohama National University
– Prof. Hideki Imai, Tokyo University
Patents
– Japan:
– US:
  – Patent Number 5,016,276 (May 14, 1991)
– Europe:
  – Patent Number (04 . )
About KPS
Cipher Key Sharing Method
Patent Number: , October 25, 1995
Owner of the patent: Advance Co., Ltd.

Slide 18: Conclusion
Use KPS to enhance WLAN security.
KPS solves the Key Distribution Problem.
Seiko Epson can provide evaluation chips and tools.
KPS Features:
– It distributes unique shared keys to every sender/receiver pair without exchanging any secret data
– It performs authentication inherently, with no additional schemes
– It releases the system administrator from controlling encryption keys
– It does not require changing current security protocols to implement KPS
– It is easy to use and implement

Slide 19: End
Robust cryptography KPS