Wireless Security: The need for WPA and 802.11i By Abuzar Amini CS 265 Section 1.

Slides:

Advertisements

Similar presentations

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005

Advertisements

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.

Implementing Wireless LAN Security

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

OpenSig 2003: Panel Discussion on the Differences and Similarities of Wired vs. Wireless Security Russ Housley 9 October 2003.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID

Wired Equivalent Privacy (WEP)

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Temporal Key Integrity Protocol (TKIP) Presented By: Laxmi Nissanka Rao Kim Sang Soo.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE

IEEE Wireless Local Area Networks (WLAN’s).

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Solutions for WEP Bracha Hod June 1, i Task Group  Addresses WEP issues –No forgery protection –No protection against replays –Attack through.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

04/14/  The IEEE wireless LAN standard was established in 1989 and was originally intended to seek a wireless equivalent to Ethernet. 

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

1 Wireless LAN Security Kim W. Tracy NEIU, University Computing

WLAN What is WLAN? Physical vs. Wireless LAN

A Methodology for Evaluating Wireless Network Security Protocols David Rager Kandaraj Piamrat.

Michal Rapco 05, 2005 Security issues in Wireless LANs.

Mobile and Wireless Communication Security By Jason Gratto.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to gave its full attention to the speaker and never vocalized.

Wireless Networking.

A History of WEP The Ups and Downs of Wireless Security.

Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.

Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Six Strategies to Secure Wireless LANs Joel Snyder, PhD Senior Partner Opus One.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

IEEE i WPA2. IEEE i (WPA2) IEEE i, is an amendment to the standard specifying security mechanisms for wireless networks. The.

WEP Protocol Weaknesses and Vulnerabilities

WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Security in Wireless Networks IEEE i Presented by Sean Goggin March 1, 2005.

WEP, WPA, and EAP Drew Kalina. Overview  Wired Equivalent Privacy (WEP)  Wi-Fi Protected Access (WPA)  Extensible Authentication Protocol (EAP)

WEP Case Study Information Assurance Fall or Wi-Fi IEEE standard for wireless communication –Operates at the physical/data link layer –Operates.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

IEEE i Aniss Zakaria Survey Fall 2004 Friday, Dec 3, 2004

Xiuzhen Cheng Xiuzhen Cheng Csci388 Wireless and Mobile Security – Temporal Key Integrity Protocol.

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.

Wireless security Wi–Fi (802.11) Security

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.

IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.

Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.

Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.

By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.

EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

Wireless Authentication Protocol Presented By: Tasmiah Tamzid Anannya Student Id:

CSE 4905 WiFi Security II WPA2 (WiFi Protected Access 2)

Wireless Protocols WEP, WPA & WPA2.

IEEE i Dohwan Kim.

Presentation transcript:

Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1

Wireless Security Timeline WEP - Part of original specification published in WPA - Developed to fix numerous WEP flaws. Ratified by Wi-Fi Alliance in i - More robust, permanent security standard expected to be finalized soon. Currently in 7th draft.

WEP Wired Equivalent Privacy Uses RC4 Stream cipher Has static 40-bit base key 64-bit per-packet key 24-bit Initialization Vector (IV) Uses Integrity Check Value (ICV) to verify integrity

WEP Weaknesses (IV repetition) Short 24-bit IV means RC4 key must be changed every 2 24 packets or data can be exposed via IV repetition. With repeated IV -> c1  c2 = p1  p2 Not very feasible to change WEP key after 16 million packets transmitted.

WEP Weaknesses (Replay Attack) Alice Bob Trudy Authorized WEP communications Eavesdrop and record Replay packets

WEP Weaknesses (Forgery Attack) Packet data can be forged WEP uses ICV (CRC-32) to verify integrity. Create a blank message with same number of data bytes, flip some bits and compute ICV. XOR bit-flipped message and ICV into captured message. Result - Undetected forgery. Identity can be forged Source address, Destination address not protected.

WEP Weaknesses (Keys) WEP uses same key for authentication and encryption. No way to manage keys. Same static key used on AP as well as all clients.

WPA: The solution for today Wi-Fi Protected Access (WPA) created to fix vulnerabilities of WEP while keeping the ability to run on legacy Access Points. Subset of i Standard. Two major components: TKIP and 802.1X Extensible Authentication Protocol (EAP) based authentication.

TKIP Temporal Key Integrity Protocol. Consists of new algorithms to wrap WEP A new Message Integrity Code (MIC) called Michael. IV sequencing to defeat replay attacks. A per-packet key mixing function to de- correlate IVs from weak keys. A re-keying mechanism to provide fresh encryption and integrity keys.

TKIP (Michael) Uses two 64-bit keys, one for each link direction. Unlike WEP, packet Sender Address and Destination Address are computed as part of the MIC. 8-byte MIC appended to the packet data.

TKIP (IV Sequencing) IV sequencing used to protect against replay attacks. Reset packet sequence number to 0 on rekey. Increment sequence number by 1 each time packet transmitted. Packets received out of sequence are dropped.

TKIP (Key mixing) Per-packet mixing function implemented in 2 phases: Phase 1: Combines local MAC address and temporal key. Then run through S-box to produce intermediate key. Fistel cipher used to encrypt the packet sequence number under the intermediate key, producing 128-bit per-packet key.

TKIP (Keys) One 128-bit encryption key Two 64-bit integrity keys Master keys assigned by Authentication Server using the 802.1X architecture

802.1X EAP WPA uses 802.1X as an authentication and key replacement mechanism X specifies the following components: Supplicant – A user or a client that wants to be authenticated. Authentication server – An authentication system, such as a RADIUS server, that handles actual authentications. Authenticator – A device that acts as an intermediary between a supplicant and an authentication server. Usually, an AP.

802.1X EAP Messages EAP-identity request EAP Identity Response EAP Auth Request EAP Success / Optional Master Key Supplicant AuthenticatorAuth. Server Attach EAP Auth Response

Different forms of EAP EAP-Transport Layer Security(EAP-TLS) Authentication requires use of PKI EAP-Tunneled TLS (EAP-TTLS) Favored by some for use in i EAP-Protected EAP (PEAP) Favored by some for use in i

802.11i:Robust Security for Tomorrows WLANs Still uses some WPA features TKIP 802.1X Key hierarchy Key management

802.11i New cipher AES block cipher replaces RC4 AP hardware needs to be upgraded to support more complex AES computations. Mode of operation - AES Counter Mode Encryption with CBC-MAC (CCM).

AES-CCM Mode HeaderPayload MIC Authenticated Encrypted CBC-MAC used to compute MIC on header and payload. CTR mode is used to encrypt the payload and MIC.

802.11i (Other Features) EAP over an Ethernet LAN (EAPOL) Roaming support Allows clients to pre-authenticate with different APs, on wired or wireless LANs. Independent Base Service Set (IBSS) Allows clients to authenticate to each other, even if not in range of an AP. Password-to-key mapping

WLAN Security Summary