無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

Slides:



Advertisements
Similar presentations
Digital Signatures and Hash Functions. Digital Signatures.
Advertisements

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Web Security for Network and System Administrators1 Chapter 4 Encryption.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
How To Not Make a Secure Protocol WEP Dan Petro.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Wired Equivalent Privacy (WEP)
Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Network Security Sorina Persa Group 3250 Group 3250.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Mobile and Wireless Communication Security By Jason Gratto.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.
CSC-682 Advanced Computer Security
CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
Computer Networks with Internet Technology William Stallings Network Security.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
每时每刻 可信安全 1The DES algorithm is an example of what type of cryptography? A Secret Key B Two-key C Asymmetric Key D Public Key A.
Chapter 8: Scrambling Through Cryptography Security+ Guide to Network Security Fundamentals Second Edition.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Chapter 21 Public-Key Cryptography and Message Authentication.
Stream Cipher July 2011.
NSRI1 Security of Wireless LAN ’ Seongtaek Chee (NSRI)
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 2 “Cryptographic Tools”.
WEP Protocol Weaknesses and Vulnerabilities
WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
Network Security David Lazăr.
Chapter 2 Advanced Cryptography (Part C)
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Lecture 2: Introduction to Cryptography
Chapter 11 Message Authentication and Hash Functions.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
Cryptography and Network Security (CS435) Part Nine (Message Authentication)
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.
How To Not Make a Secure Protocol WEP Dan Petro.
Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.
Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
หัวข้อบรรยาย Stream cipher RC4 WEP (in)security LFSR CSS (in)security.
Presentation transcript:

無線網路安全 WEP

Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack Active Attack

Passive Attack Release of message contents, Traffic analysis

Active Attack(1/4) Masquerade

Active Attack(2/4) Replay

Active Attack(3/4) Modification of Messages

Active Attack(4/4) Denial of Service

The Defense Cryptography system Symmetry key (shared key) Asymmetric key (public key) Issue: Key distribution Plain text Encryption Algorithm Encryption Algorithm Ciphertext Decryption Algorithm Decryption Algorithm Plain text (original) Encryption key Decryption key (open) (secret)

Symmetric-Key Systems DES (Data Encryption Standard) A block cipher with a 56-bit key. Has been one of the most widely used encryption algorithms Too weak today because of the computing power of current CPU. Triple-DES (or 3DES)A enhanced version of DES with increased key length. IDEA(International Data Encryption Algorithm) Encrypting data faster and more secure than DES. (128-bit) Blowfish A compact and simple block cipher with a variable-length key of up to 448 bits. RC2 (Rivest cipher no. 2) A block cipher with a variable-length key of up to 2048 bits. The details of the algorithm used have not been officially published. RC4 (Rivest cipher no. 4)A stream cipher with a variable-length key of up to 2048 bits. AES (Advanced Encryption Standard) One of the most popular algorithms used in symmetric-key system

Asymmetric-Key Systems RSA (named after its creators–Rivest, Shamir and Adleman) Based on the problem of factoring large integers Advances in the mathematical methods will affect the algorithm's vulnerability. DSS (Digital Signature Standard) Developed by the US National Security Agency (NSA). Can be used only for digital signatures and not for encryption or key distribution.

The Attack - Cryptanalysis Ciphertext only Brute-force Known plaintext has a sample of plaintext and a corresponding sample of ciphertext deduce the encryption key for decrypt other portion of ciphertext Chosen text select particular blocks of plaintext to yield more information about the key

The Defense - Integrity Modification attack may occur in a series of related cipher blocks  Data integrity is broken Message Digest Fixed-length hash value dependent on original data Requirement: difficulty to deduce the original data (one-way hash) MD5 Takes any arbitrary length input string and produces a fixed 128-bit value. SHA (secure hash algorithm) Similar to MD5 but produces a 160-bit hash value so is more resistant to brute force attacks 1.

The Defense - Freshness For replay attack Timestamp the message and the time stamp need to be bound together in some way Sequence number Useless in connectionless packet-switched network Nonce an unpredictable value in a challenge–response sequence

The Defense - Freshness

The Defense - Authentication To provide some assurance about the source of a message Challenge–Response protocol using public key on message digest  Digital Signature To assure that the public key is really belong to its owner  Digital Certificate Third-party certification authority is required

Attacks on Wireless Networks Eavesdropping Communication Jamming Denial of Service, DoS Man-In-The-Middle attack

Attacks on Wireless Networks

Eavesdropping In wireless network, attacker can easily capture packet from air- interface. For packets with no encryption or weak encryption, attacker can analyze and crack them.

Attacks on Wireless Networks Communication Jamming In wireless network, the signal could be interfered by others. Use high power signal generator can interrupt the communication between MNs and AP

Attacks on Wireless Networks Denial of service (DoS) Attacker use lots of packets to paralyze AP or server Methods include: ARP packet SYN flooding attack ICMP/UDP flooding attack Smurf ….

Attacks on Wireless Networks SYN flooding attack ICMP flooding attack UDP flooding attack

Attacks on Wireless Networks Smurf flood attack

Attacks on Wireless Networks Man In The Middle attack In network, Man-in-the-Middle attack could be the forgery AP. The AP attempts lead user to give him private information.

Wire Equivalent Privacy

Properties WEP Wired Equivalent Privacy Data encryption using shared WEP keys Original goal – Providing privacy similar to a wired network Using RC4 cipher (stream cipher) Shared Key Authentication Single key is shared by all users and access points Challenge-response Manual key distribution

RC4 Cipher

WEP Data Processing

40-bit WEP key must be manually prepared Setup manually in the configuration of the AP and the stations Totally, 4 keys can be setup but only one of them can be selected for encryption Key is shared among all members 24-bit Initial Vector (IV) is randomly generated Transmitted in plaintext 32-bit ICV = 32-bit CRC of the frame body

RC4 Algorithm stream cipher symmetric key Use two array, state and key byte state table. State[256]=[ ] 2. It has the capability of using keys between 1 and 2048 bits. Key[ ] = [ ……. ] Hint. WEP use 40 bits

RC4 Algorithm * Two phases  Key Setup 1. f = ( f + S i + K g ) mod Swapping S i with S f  Ciphering ( XOR) 1. i = ( i + 1 ) mod 4, and f = ( f + S i ) mod Swaping S i with S f 3. t = ( S i + S f ) mod 256 Random byte S t

Key Setup Example Iteration 1: i=0, f=0, g=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 0, 1, 2, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 0 + K 0 )mod 4=2, then swap S 0 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 1, 0, 3 ] i= i +1 = 1 g =(g+1)mod 2 = 1

Key Setup Example Iteration 2: i=1, f=2, g=1 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 1, 0, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 1 + K 1 )mod 4=0, then swap S 1 with S 0 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] i = i +1 = 2 g =(g+1)mod 2 = 0

Key Setup Example Iteration 3: i=2, f=0, g=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 2 + K 0 )mod 4=2, then swap S 2 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] i= i +1 = 3 g =(g+1)mod 2 = 1

Key Setup Example Iteration 4: i=3, f=2, g=1 S[ ]=[ S0, S1, S2, S3 ] = [ 1, 2, 0, 3 ] K[ ]=[ K0, K1 ] = [ 2, 5 ] Because f=(f + S3 + K1)mod 4=2, then swap S3 with S2 New array S[ ]=[ S0, S1, S2, S3 ] = [ 1, 2, 3, 0 ]

Ciphering Example “H” : i=0, f=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 3, 0 ] Because i = ( i + 1 )mod 4 = 1 f =( f + S 1 )mod 4 = 2, then swap S 1 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 3, 2, 0 ] t = ( S 1 + S 2 )mod 4 = 1 S 1 = 3 ( ) H XOR

Ciphering Example “I” : i=1, f=2 S[ ]=[ S0, S1, S2, S3 ] = [ 1, 3, 2, 0 ] Because i = ( i + 1 )mod 4 = 2 f =( f + S2)mod 4 = 0, then swap S 2 with S 0 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 3, 1, 0 ] t = ( S2 + S0 )mod 4 = 3 S3 = 0 ( ) I XOR

Ciphering Example  Result Plaintext : Cipher :

Weakness Key Management WEP uses static (keys are not changed dynamically)master keys  easy to crack. Since all users use same WEP key, difficult to change the key. The IV value is too short. IV+WEP key  Weak key attacks (FMS attack). Reconstruct the key from a number of collected encrypted messages Weak keys in RC4 algorithm No effective detection of message integrity  Modifying the contents of a frame without changing the ICV no protection against message replay.