Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

Slides:



Advertisements
Similar presentations
WLAN SECURITY TEAM NAME : Crypto_5 TEAM MEMBERS: Rajini Ananthoj Srimani Reddy Gatla Ishleen Kour Pallavi Murudkar Deepagandhi Vadivelu.
Advertisements

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
1 MD5 Cracking One way hash. Used in online passwords and file verification.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
16-1 Last time Internet Application Security and Privacy Authentication Security controls using cryptography Link-layer security: WEP.
Implementing Wireless LAN Security
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
WEP and i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Wired Equivalent Privacy (WEP)
Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE Wireless Local Area Networks (WLAN’s).
15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
WLAN What is WLAN? Physical vs. Wireless LAN
A Methodology for Evaluating Wireless Network Security Protocols David Rager Kandaraj Piamrat.
Mobile and Wireless Communication Security By Jason Gratto.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Wireless Networking.
A History of WEP The Ups and Downs of Wireless Security.
Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Securing your wireless LAN Paul DeBeasi VP Marketing
WEP Protocol Weaknesses and Vulnerabilities
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
WEP, WPA, and EAP Drew Kalina. Overview  Wired Equivalent Privacy (WEP)  Wi-Fi Protected Access (WPA)  Extensible Authentication Protocol (EAP)
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.
.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
IEEE i Aniss Zakaria Survey Fall 2004 Friday, Dec 3, 2004
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
 Houses  In businesses  Local institutions  WEP – Wired Equivalent Privacy -Use of Initialization Vectors (IVs) -RC4 Traffic Key (creates keystreams)
WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.
Wireless security Wi–Fi (802.11) Security
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.
Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Wireless Authentication Protocol Presented By: Tasmiah Tamzid Anannya Student Id:
Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.
Authentication and handoff protocols for wireless mesh networks
Wireless Protocols WEP, WPA & WPA2.
WEP & WPA Mandy Kershishnik.
Wireless LAN Security 4.3 Wireless LAN Security.
IEEE i Dohwan Kim.
Wireless Network Security
Presentation transcript:

Wireless Security Beyond WEP

Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

WEP RC4 stream cipher WEP key (40 or 60 bit) combined with 24-bit Initialization Vector (IV) Sender XORs stream cipher with data to encrypt IV and ciphertext sent, decoded using IV and stored WEP key

WEP Vulnerabilities Use of same WEP key among clients Limited keyspace for IV (16,777,215) With enough traffic, IVs are re-used Possible to collect packets with same IV and crack WEP key - then open to data capture and MITM attacks No key management - WEP key must be changed manually on each NIC

Attempts to secure WEP Larger WEP key length (Lucent 104/128-bit, Agere 152-bit, USR’s 256-bit) Just takes longer to retrieve WEP key VPN Can be difficult to achieve seamless routing when APs are crossed

Wi-Fi Alliance introduces WPA 802.1X EAP mutual authentication or PSK (Pre-Shared Key) TKIP for encryption MMIC (Michael Message Integrity Check) for data integrity

802.1X EAP Mutual Authentication Port-based access control Mutual authentication via authentication server

802.1X EAP has three elements Supplicant - client device Authentication Server - RADIUS server or similar Authenticator - intermediary between Supplicant and Authentication server (usually an AP)

Different types of EAP LEAP - Cisco proprietary, uses username/password to authenticate against RADIUS TLS - RFC 2716, uses X.509 certificates for authentication on both Supplicant and Authenticator TTLS - Developed by Funk Software, Authenticator uses a certificate to identify itself, Supplicant can use username/password PEAP - Authenticator uses certificate, Supplicant can use username/password

TKIP - Temporal Key Integrity Protocol Fixes the flaw of key reuse in WEP Comprised of three parts, guarantees clients us different keys bit temporal key, shared by clients and APs - MAC of client - 48-bit IV describes packet sequence number

TKIP continued Uses RC4 like WEP, so only software or firmware upgrade required Changes temporal keys every 10,000 packets

Michael Message Integrity Check (MMIC) Message Integrity Code (MIC) - 64-bit message calculated using “Michael” algortithm inserted in TKIP packet to detect content alteration Protects both data and header Implements a frame counter, which discourages replay attacks

Two modes of WPA WPA Enterprise WPA PSK (Pre-Shared Key)

WPA Enterprise Requires RADIUS server Uses RADIUS for both authentication and key distribution Central management

WPA PSK No RADIUS server required Uses shared secret Management is handled on the AP - Vulnerable to dictionary attacks - Still uses partial shared key

WPA Summary Requires authentication using 802.1X Keys change using TKIP Header as well as payload protected by adding MIC to ICV Frame counter to lower risk of replay attacks Still a temporary stopgap to i and/or WPA2 since it still uses RC4 and PSK uses shared key