Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Presentation transcript:

Wireless LAN Security

Security Basics
Three basic tools:
– Hash function: SHA-1, SHA-2, MD5, …
– Block cipher: AES, RC4, …
– Public key / private key: RSA.

Cryptographic hash functions
– One-way: given x, it is very difficult to find a such that H(a) = x.
– Collision resistance: it is very difficult to find two strings x1 and x2 such that H(x1) = H(x2).
– Here, "difficult" means computationally infeasible.

Block Cipher
– Very widely used.
– The sender sends information to the receiver over an insecure channel and wants no one else to be able to read it.
– The sender and the receiver share a secret key.
– The information is encrypted with the secret key; people who do not have the key cannot decrypt it.
– C = E_key(P), P = D_key(C).
– Typically, C and P are of the same size. In AES, 128 bits.
– "Cannot" means computationally infeasible.

Cipher Modes – ECB
– ECB: Electronic Code Book mode.
– Break the entire file into blocks and encode every block individually.
– Problem: a block can be replaced with another one by anyone who benefits from doing so.

CBC – Cipher block chaining
Encryption:
– C0 = E(P0 xor IV).
– C1 = E(P1 xor C0), and so on.
– IV is transmitted in plain text.
Decryption:
– P0 = IV xor D(C0)
– P1 = C0 xor D(C1), and so on.
So the same message won't result in the same code.

Stream Cipher Mode
– T0 = E(IV). T1 = E(T0), and so on.
– C = P xor T.
– Don't use the same stream twice.

Counter mode
– Ti = E(IV+i).
– Ci = Pi xor Ti.
– The advantage is that you can randomly access any block. Used by Skype. Often called ICM (Integer Counter Mode).
– ECB also supports random access. Does counter mode have the same problem as ECB? No, because the IVs are different.
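The ECB, CBC and counter-mode slides above, as an added runnable example that is not part of the original presentation. The block cipher E/D is a stand-in Feistel construction built for this demo (not AES), the key, IV and records are constructed, and inputs are assumed to be whole 16-byte blocks.

```python
import hashlib
BS = 16  # block size in bytes (128 bits, as in AES)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(key, rnd, half):
    # Stand-in round function (constructed for this demo, not AES)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def E(key, blk):
    # 4-round Feistel network: an invertible 16-byte block transform
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, xor(l, round_fn(key, rnd, r))
    return l + r

def D(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, round_fn(key, rnd, l)), l
    return l + r

def blocks(data):
    return [data[i:i + BS] for i in range(0, len(data), BS)]

def ecb(key, data, fn=E):          # pass fn=D to decrypt
    return b"".join(fn(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, p):
    out, prev = [], iv
    for b in blocks(p):
        prev = E(key, xor(b, prev))    # C_i = E(P_i xor C_(i-1)); C_(-1) = IV
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, c):
    prevs = [iv] + blocks(c)           # P_i = C_(i-1) xor D(C_i)
    return b"".join(xor(D(key, b), pv) for b, pv in zip(blocks(c), prevs))

def ctr(key, iv, data):
    # T_i = E(IV + i), C_i = P_i xor T_i; the same call encrypts and decrypts
    n = int.from_bytes(iv, "big")
    return b"".join(xor(b, E(key, ((n + i) % 2**128).to_bytes(BS, "big")))
                    for i, b in enumerate(blocks(data)))

# Constructed sample: three 16-byte records, the first two identical
KEY, IV = b"demo-key", bytes(range(16))
MSG = b"PAY ALICE 000100" * 2 + b"PAY BOB   999999"
```

Under ECB the two identical records encrypt to identical ciphertext blocks, and reordered ciphertext blocks still decrypt to valid records; under CBC and counter mode the same two records produce different ciphertext blocks.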

Public key / Private Key
– If A and B want to use a block cipher, they must share the same secret key.
– How can the key be established?

Public Key / Private Key
– Everyone has a public key and a private key.
– With B's public key (pkB), A can encode data that only B can decode with his private key (skB), because other people do not have B's private key.
– D_skB[E_pkB(W)] = W
– E_pkB[D_skB(W)] = W

Public Key / Private key
– So, A can choose a string W as the session key and send E_pkB(W) to B.
– B runs the decryption algorithm to get D_skB[E_pkB(W)] = W.

The RSA algorithm
Most commonly, the RSA algorithm is used to get the public key / private key pair.
1. Choose two large primes, p and q.
2. Compute n = pq and z = (p-1)(q-1).
3. Choose a large number relatively prime to z and call it d.
4. Find e such that ed = 1 mod z (such an e must exist).
(e,n) is the public key for encoding and (d,n) is the private key for decoding.

The RSA algorithm
– To encrypt a message M: C = M^e mod n.
– To decrypt from C: M = C^d mod n.
– D_skB[E_pkB(M)] = M
– E_pkB[D_skB(M)] = M

Why is RSA secure?
– The problem is: given (d,n), can you figure out e? It is difficult.
– You can try to find p and q given n. If you can, then you get z. Given z and d, you get e.
– But it is difficult to factor large numbers.
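The RSA slides and the session-key exchange from the public key slides, carried through with toy numbers as an added example that is not part of the original presentation. The primes and d are constructed and far too small for real use; the function names are hypothetical. `other_exponent` shows that whoever can factor n can compute one exponent from the other, which is why the primes must be large.

```python
from math import gcd, isqrt

def make_keys(p, q, d):
    # Steps 1-4 of the slide; the caller picks the primes and d
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to z")
    e = pow(d, -1, z)              # e*d = 1 mod z (modular inverse, Python 3.8+)
    return (e, n), (d, n)          # public key, private key

def encrypt(m, pub):
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)            # C = M^e mod n

def decrypt(c, priv):
    d, n = priv
    return pow(c, d, n)            # M = C^d mod n

def other_exponent(known, n):
    # Factor n by trial division, rebuild z, then invert the known exponent.
    # Instant for a toy modulus; infeasible when p and q are large primes.
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    z = (p - 1) * (n // p - 1)
    return pow(known, -1, z)

def send_session_key(w, pub_b, priv_b):
    # A picks W and sends E_pkB(W); B recovers W with D_skB
    on_the_wire = encrypt(w, pub_b)
    return on_the_wire, decrypt(on_the_wire, priv_b)

# Constructed toy parameters: p = 61, q = 53, d = 2753
PUB, PRIV = make_keys(61, 53, 2753)
```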

Wireless LAN Security
Compared to wired LANs, wireless LANs are more vulnerable because the frames are broadcast over the air and anyone can sniff them, while wired LANs typically have fairly good physical security.

Security
A node needs to associate with the AP.
– The AP broadcasts the beacon signal periodically, which contains the SSID (Service Set ID).
– The node selects an AP and sends a request (probe request management frame) to join.
– The AP either lets the node in without any authentication, or authenticates the node with some mechanism.
– Then the client is associated with the AP and can start to send or receive data.

Security – WEP Overview
WEP: Wired Equivalent Privacy
– Has flaws, but people still use it.
– Provides some level of security, better than nothing.
– Used to:
  – protect against eavesdropping
  – prevent unauthorized access
  – prevent tampering with transmitted messages
– Uses a static 40- or 104-bit key for authentication and encryption.
– Uses the RC4 stream cipher.
– Only exists between wireless stations.

WEP continued
– The stations share a secret key.
– Before the data transmission, a 24-bit random Initialization Vector (IV) is generated by the sender.
– The IV and the secret key are combined to make the session key, so the session key is 64 or 128 bits.
– The data is encrypted with the session key by the RC4 stream cipher.
– The encrypted data is then sent to the receiver along with the plaintext IV.
– The receiver can decrypt the data with the IV and the shared key.
– A different IV is used for each transmission.

WEP Vulnerabilities
WEP is vulnerable because the keys are static and the IVs are short.
– With 24 bits, packets will eventually share the same IV. 24 bits is about 16M. Remember that the IVs are sent in plaintext. With enough data packets encrypted under the same IV, attackers can recover the key stream, and maybe the secret key.
– WEP does not specify how to establish the secret keys, so the same key stays in use for a long time.
– It does not prevent replay attacks.
– …
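Why a repeated IV breaks WEP confidentiality, as an added example that is not part of the original presentation. It follows the construction on the slides (RC4 keyed with the 24-bit IV followed by the shared secret, IV sent in the clear) and leaves out WEP's CRC-32 integrity value; the secret, IV and payloads are constructed sample data, and the function names are hypothetical.

```python
import math

def rc4(key, n):
    # RC4 key scheduling followed by n bytes of keystream
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(secret, iv, data):
    # Session key = 24-bit IV || shared secret; the IV travels in the clear
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + xor(data, rc4(iv + secret, len(data)))

def wep_decrypt(secret, frame):
    iv, body = frame[:3], frame[3:]
    return xor(body, rc4(iv + secret, len(body)))

def recover_from_iv_reuse(frame_known, plaintext_known, frame_other):
    # No key involved: equal IVs mean equal keystreams, so one known plaintext
    # exposes the keystream and with it the other frame's contents
    if frame_known[:3] != frame_other[:3]:
        raise ValueError("frames use different IVs")
    keystream = xor(frame_known[3:], plaintext_known)
    return xor(frame_other[3:], keystream)

def frames_until_iv_repeat(prob=0.5, iv_bits=24):
    # Birthday bound: frames sent before a random IV repeats with probability prob
    return math.ceil(math.sqrt(2 * 2**iv_bits * math.log(1 / (1 - prob))))

# Constructed sample: 40-bit secret, two frames that share an IV
SECRET, IV = b"\x01\x02\x03\x04\x05", b"\xaa\xbb\xcc"
F1 = wep_encrypt(SECRET, IV, b"GET /index.html ")
F2 = wep_encrypt(SECRET, IV, b"password=hunter2")
```

With randomly chosen 24-bit IVs, `frames_until_iv_repeat()` shows that a repeat is more likely than not after only a few thousand frames, far fewer than the 16M possible values suggest.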

WEP vulnerabilities
WEP authenticates the node, but not the AP. So, an attacker can pose as the AP!

802.11i
Goals:
– The data should not be decrypted by unauthorized means.
– All transmitted packets should be from the original sender.
– Authentication should be mutual.

Authentication Enhancements – 802.1X
Port-based authentication mechanism. Interplay by:
– Supplicant
– Authenticator
– Authentication Server (AS)
"Port-based network access control makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics, and of preventing access to that port in cases which the authentication and authorization fails. A port in this context is a single point of attachment to the LAN infrastructure."

Authentication Enhancements – 802.1X
– A wireless node (WN, the supplicant) asks for authentication. It needs to prove its credentials.
– The WN sends the request using the EAPOL protocol. Before authentication, only EAP traffic is allowed.
– The Authenticator then forwards the message to the Authentication Server using the RADIUS format.
– If the authentication passes, ports can be opened for the WN.

Better Key Management
– The AS sends the Master Key (MK) in the last authentication message if the authentication is successful.
– Both the WN and the AS derive a key, called the Pairwise Master Key (PMK).
– The PMK is moved from the AS to the Authenticator (the AP).
– The PMK is used between the WN and the AP to "derive, bind, and verify" the Pairwise Transient Key (PTK).
The PTK includes:
– Key Confirmation Key (KCK): used to prove possession of the PMK and to bind the PMK to the AP
– Key Encryption Key (KEK): used to distribute the Group Transient Key (GTK)
– Temporal Key 1 & 2 (TK1/TK2): used for encryption
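How the WN and the AP can each expand the same PMK into the PTK components listed above, as an added example that is not part of the original presentation. It goes beyond the slide: the HMAC-SHA1 based PRF and the min/max ordering of addresses and nonces follow IEEE 802.11i, the split of a 512-bit PTK into four 128-bit keys in the slide's order is an assumption, and the PMK, MAC addresses, nonces and handshake message are constructed values.

```python
import hashlib
import hmac

def prf(key, label, data, nbytes):
    # 802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]

def derive_ptk(pmk, aa, spa, anonce, snonce):
    # Both ends sort the addresses and nonces, so they feed the PRF identically
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 64)
    # Assumed layout: four consecutive 128-bit keys in the order the slide lists them
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK1": ptk[32:48], "TK2": ptk[48:64]}

def mic(kck, message):
    # Key confirmation: a MIC over a handshake message proves knowledge of the PMK
    # (HMAC-SHA1 truncated to 128 bits, chosen here for illustration)
    return hmac.new(kck, message, hashlib.sha1).digest()[:16]

# Constructed sample values
PMK = hashlib.sha256(b"constructed PMK").digest()          # 256-bit PMK
AA, SPA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ANONCE, SNONCE = bytes(32), bytes(range(32))

def handshake_ok(pmk_at_wn, pmk_at_ap):
    # Each side derives its own PTK; the MICs match only if the PMKs match
    wn = derive_ptk(pmk_at_wn, AA, SPA, ANONCE, SNONCE)
    ap = derive_ptk(pmk_at_ap, AA, SPA, ANONCE, SNONCE)
    msg = b"constructed handshake message" + SNONCE
    return hmac.compare_digest(mic(wn["KCK"], msg), mic(ap["KCK"], msg))
```

Because the nonces enter the derivation, every association yields fresh temporal keys even though the PMK stays the same.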

TKIP

CCMP

Reading
– wpa_and_802_11_standards_1109?show=1109.php&cat=wireless
– Check for attack tools.