Your 802.11 Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,

Slides:

Advertisements

Similar presentations

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Advertisements

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005

Your Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

1 MD5 Cracking One way hash. Used in online passwords and file verification.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

WEP and i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

COMP4690, HKBU1 Security of COMP4690: Advanced Topic.

The Dangers of Mitigating Security Design Flaws: A Wireless Case Study Nick Petroni Jr., William Arbaugh University of Maryland Presented by: Abe Murray.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.

Wired Equivalent Privacy (WEP)

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

IEEE Wireless Local Area Networks (WLAN’s).

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Security – Wired Equivalent Privacy (WEP) By Shruthi B Krishnan.

802.11b Vulnerabilities, Ad-Hoc Mode, RF Jamming and Receiver Design Ritesh H Shukla Graduate Student ECE Dept Under the Guidance of Prof. William R Michalson.

Networks Olga Agnew Bryant Likes Daewon Seo.

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Introduction to Wireless Networking. Basic Wireless and Wired Network.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University

WLAN What is WLAN? Physical vs. Wireless LAN

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.

A History of WEP The Ups and Downs of Wireless Security.

Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.

Wireless Network Security Dr. John P. Abraham Professor UTPA.

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Wireless Insecurity By: No’eau Kamakani Robert Whitmire.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Intercepting Mobile Communications: The Insecurity of Nikita Borisov Ian Goldberg David Wagner UC Berkeley Zero-Knowledge Sys UC Berkeley Presented.

Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.

NSRI1 Security of Wireless LAN ’ Seongtaek Chee (NSRI)

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

WEP Protocol Weaknesses and Vulnerabilities

WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.

DoS Attacks On Wireless Voice Over IP Systems By Brendon Wesley Supervisor- Noria Foukia.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

Lecture 24 Wireless Network Security

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

CSE 5/7349 – April 5 th 2006 Wireless Networking.

How To Not Make a Secure Protocol WEP Dan Petro.

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

Wireless Network Security CSIS 5857: Encoding and Encryption.

802.11: Introduction Reference: “IEEE : moving closer to practical wireless LANs”; Stallings, W.; IT Professional, Volume: 3 Issue: 3, May- June.

Doc.: IEEE /230 Submission May 2001 William Arbaugh, University of MarylandSlide 1 An Inductive Chosen Plaintext Attack against WEP/WEP2 William.

WLAN Security1 Security of WLAN Máté Szalay

Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.

Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.

Wireless LAN Security Daniel Reichle Seminar Security Protocols and Applications SS2003.

Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?

Wired Equivalent Privacy. INTRODUCTION Wired Equivalent Privacy (WEP) is a security algorithm for IEEE wireless networks. Introduced as part of.

1. Introduction In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace.

Module 48 (Wireless Hacking)

Wireless Protocols WEP, WPA & WPA2.

WEP & WPA Mandy Kershishnik.

WLAN Security Antti Miettinen.

Antti Miettinen (modified by JJ)

Presentation transcript:

Your Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,

Outline  Introduction  overview of the  Standard Security Mechanisms  Shared Key Authentication Flaw  Conclusion  Question

Introduction  standard provides only limited support for confidentially.  has many security issues such as key management and robust authentication mechanism  Deployment of a wireless network opens a “back door” into the internal network.  Use of encryption prevents an adversary from gaining immediate access, but the weaknesses found in WEP will provides such access.

wireless standard Ad-hoc network Infrastructure network Independent Basic Service Set (IBSS)Basic Service Set (BSS)

wireless standard(cont)  wireless clients and access points must establish a relationship, or an association  Only after an association is established can the two wireless stations exchange data.  The association process is a two step process involving – 1. Unauthenticated and unassociated, – 2. Authenticated and unassociated, and – 3. Authenticated and associated  Transition between the states, the communicating parties exchange messages called management frames.

Standard Security Mechanisms  Wired Equivalent Privacy protocol(WEP) – provide confidentiality for network traffic using the wireless protocol.  Open System Authentication – Authenticates anyone who requests authentication  Access Control Lists – Each access point can limit the clients of the network to those using a listed MAC address.  Key Management – window of four keys – key mappings table

Shared key Authentication 1. Share key 3. Challenge text 2. Authenticate request Authentication request management frame Authentication management frame WEP pseudo-random number generator + Shared secret & random initialization vector(IV) 4. Challenge text copy into management frame Encrypted with WEP using ‘shared secret’ And new IV 5. Encrypted management frame 6. Decrypts and And verify. Match Challenge text OK!

Shared Key Authentication Flaw  Fixed structure protocol  By capturing the 2 nd & 3 rd management message: Authentication management frame Encrypted management frame  Attacker can derive pseudo-random stream and use it to authenticate.

Conclusion  These paper demonstrates serious flaws in the security mechanisms used by the vast majority of access points supporting the IEEE wireless standard  ALL of the deployed wireless networks are at risk.  Question: Are there any such thing as a perfect security in wireless communication?