Presentation is loading. Please wait.

Presentation is loading. Please wait.

Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit 1 Wireless Security Developed by: Alberto Escudero Pascual,

Published byToby Stevens Modified over 8 years ago

Similar presentations

Presentation on theme: "Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit 1 Wireless Security Developed by: Alberto Escudero Pascual,"— Presentation transcript:

1 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 1 Wireless Security Developed by: Alberto Escudero Pascual, IT +46

2 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 2 Goals To be able to situate wireless security within the broad context of information security. To understand where “security” can be built into each layer of the OSI/Internet protocol stack To be able to identify the key security elements that need to be considered when performing wireless design planning.

3 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 3 Table of Contents Part I –Wireless Security/Information Systems Security –OSI model and link level encryption Part II – Five security attributes in the context of WLAN Part III – Ten threats for security in WLAN

4 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 4 Defining Wireless Security Security is a wide and general concept What ”Security” are we talking about? We need to start by defining the right “Security Context” to study WLAN Security We will present Wireless Security in the context of Information Security.

5 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 5 What is Information Security? (COMSEC) ● Late 70's, refered to as ”Communication Security” COMSEC was defined by “U.S. National Security Telecommunications and Information Systems Security Instruction” (NSTISSI) as: “ Measurement and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications.”

6 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 6 What is Information Security? (COMSEC) ● COMSEC security included two security attributes related to this unit: ● Confidentiality ● Authentication

7 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 7 Confidentiality ”Assurance that information is not disclosed to unauthorized persons, processes, or devices.” Protection from unauthorized disclosure

8 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 8 Authentication ”Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorization to receive specific categories of information” Verification of originator

9 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 9 Growth of PC's in the 80's lead to a new security era COMPUSEC was defined by the NSTISSI as: “Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated” What is Information Security? (COMPUSEC)

10 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 10 COMPUSEC introduced two more security attributes related to this unit: Integrity Availability What is Information Security? (COMPUSEC)

11 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 11 Integrity ”Quality of an Information System (IS) reflecting the local correctness and reliability of the operating system; the logical completeness of the hardware and software implementing the protection mechanisms; and the consistency of the data structures and occurrence of the stored data.” The data can not be modified without notice

12 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 12 Availability ”Timely, reliable access to data and information services for authorized users.” The access is “reliable”

13 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 13 In the 90's, COMSEC and COMPUSEC merged to form Information Systems Security (INFOSEC) INFOSEC included the four attributes: Confidentiality, Authentication, Integrity and Availability from COMSEC and COMPUSEC What is Information Security? (INFOSEC)

14 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 14 INFOSEC included also a new attribute: Non-Repudiation What is Information Security? (INFOSEC)

15 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 15 Non-Repudiation (Accountability) ”Assurance the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the data.”

16 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 16 INFOSEC in WLAN INFOSEC is defined by the U.S. NSTISSI as: ”The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.”

17 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 17 The Methodology What: Wireless Security will be presented from the point of view of INFOSEC Why: To give a methodological approach for designing security of a wireless network How: All five security attributes of INFOSEC are presented and we discuss how WLAN (can) implements each of them

18 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 18 Two reminders Before moving into the five security attributes, two reminders from the Advanced Internetworking Unit –OSI model and WLAN standards –Link level encryption

19 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 19 The OSI Model and Wireless Security (reminder) Wireless standards refers to layer 1 and 2 of the OSI protocol stack Security in WLAN tends to be identifief as setting properly ”Wireless Link Level Encryption” Security mechanisms in layer 3 and above do not belong to ”wireless security” and should be considered as part of a “Network or Application Security Unit”

20 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 20 Link Level Encryption Definition: The process to secure data at link level when data is transmitted between two nodes attached to the same physical link. Requirements: A (secret/key) shared between the communication parties and an agreed encryption algorithm.

21 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 21 Link Level Encryption When sender and receiver are not present in the same media, the data needs to be decrypted and re-encrypted in each of the nodes along the way to the receiver. LL Encryption only works HOP-BY-HOP. The link level encryption is normally used when higher level protocol encryption is not present or in high assurance applications.

22 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 22 Link Level Encryption in IEEE 802.11 WEP has been the most known link level encryption algorithm for IEEE 802.11 (1999-2004) WEP has been proven to be insecure. Other alternatives have been develop in the last five years and standardised as the Wi-Fi Protected Access (WPA2). The new standard IEEE 802.11i will include an enhancement of WPA, named WPA-2.

23 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 23 Link Level Encryption in IEEE 802.11 Link encryption does not provide end- to-end security outside of the physical link Link Encryption should always be consider as just an extra security measure Link encryption requires more hardware resources in the access points and the security design of key distribution and management.

24 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 24 Five security attributes in WLAN Confidentiality Authentication Integrity Availability Non-repudation (Accountability)

25 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 25 1. Wireless (LAN) Confidentiality Defined as the assurance that information transmitted between access points and clients is not disclosed to unauthorized persons. Needs to ensure that either 1) the communication between a set of access points in a wirelessdistribution system (WDS) is protected OR 2) the communication between an access point (AP) and a station/client (STA) remains protected

26 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 26 WEP Part of the original IEEE 802.11b standard of 1999 Aimed to provide a “comparable level of confidentiality” to a wired network WEP was broken and obsolete shortly after its release WEP was proven weak independently of the length of the key size The lack of any key management in the protocol itself did WEP even weaker (keys are distributted manually). Quickly, new alternatives poped up as WEP+ from Lucent and WEP2 from Cisco

27 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 27 WEP and their enhancements (WEP+, WEP2) are currently obsolete WEP is based on the “RC4 stream cypher” Multiple available software to break WEP (Airsnort,wepcrack, kismac, aircrack etc). Interested in the history of WEP security? check the “Additional Resources” WEP

28 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 28 WPA and WPA2 are born Wi-Fi Protected Access (WPA) was proposed in 2003 while IEEE 802.11i was discussed. WPA focused on enable old-hardware to be easily updated. In 2004, WPA was enhanced to include AES and certified as part of the IEEE 802.11i standard with the name WPA2 (2004). WPA2 is designed to work with and without a key management server.

29 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 29 WPA and WPA2 are born If no key management server is used, all stations share a “pre-shared key” (PSK) PSK mode is known as WAP-Personal or WAP2 Personal When a key management server is used, WPA2 is known as WPA(2)-Enterprise One major improvement in WPA2: the possibility of exchanging keys dynamically

30 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 30 2. Wireless (LAN) Authentication The measure designed to establish the validity of a transmission between Access Points and/or Wireless Stations (STA) The right to send *bridge/route* data via the Access Point

31 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 31 Open Authentication - NO security, everyone can start talking to the access point Shared Key Authentication - A secret is shared between access point and the client - A challenge response allows the access point to verify the shared secret and grant access Association Mechanisms

32 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 32 WEP and Authentication in Layer-2 Shared Key Authentication in WEP is obsolete Plain-cypher text attacks can be easily performed “Encryption” key and “Authentication” key are the same shared secret Once one is compromised so is the other

33 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 33 WEP and Authentication in Layer-2 Recommendations: Use WAP2-Enterprise mode Authentication in major wireless networks (WISP) is normally implemented in higher network layers (IP layer) by means of captive portals By using a ”captive portal” we have NO simple means to stop the flow of traffic that bridges (crosses) our access points.

34 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 34 Stop Broadcasting SSID A variation of ”Open authentication” is called “Closed Network”. ”Closed networks” do NOT broadcast periodically SSID beacon frames (IEEE 802.11 link level management frames) Turning off the broadcast of SSID implies that the wireless clients need to know the SSID in advance

35 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 35 Stop Broadcasting SSID A “security” protection? Will not prevent other software to find the SSID by “eavesdrop” the association frames of another station Finding the SSID of a “Close Network” is as simple as waiting for “someone” to get associated to the wireless network and extract the SSID string from an association frame Should be consider as an “extra precaution” but NOT as a real security protection.

36 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 36 MAC address filtering as security measure Many WISPs use MAC address filtering to limit/provide access to a wireless networks assuming that MAC addresses are “hard- coded” and can not be easily modified MAC addresses in most (wireless) networks interfaces can easily be modified! An authentication mechanism based ONLY on MAC addresses is insecure.

37 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 37 Wireless Captive Portals Moving Authentication out of the Wireless: Captive Portal There exists many implementations of Wireless Captive Portals The majority are based on the same type of concept: HTTP redirection and Dynamic Firewalling

38 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 38 Wireless Captive Portals 1) Clients are allowed to associate with an AP and obtain an IP by means of DHCP 2) Once the client has an IP, all HTTP requests are captured and the client is forced to a “log-in” web page. 3) The captive portal verifies the validity of the user/password and changes the status of a firewall (normally in the same machine) 4) Firewalls rules are normally based on the values of the client's MAC and DHCP IP address.

39 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 39 Wireless Captive Portal authentication in three steps

40 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 40 3. Wireless (LAN) Data Integrity The capability of a wireless protocol to determine if the payload has been be altered by unauthorized users WEP was intended to provide payload integrity The integrity mechanism (CRC) used in WEP is also insecure. No surprises! The payload can be altered and the CRC message updated without knowing the WEP key

41 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 41 Wireless (LAN) Data Integrity Result: Traffic can be modified without being noticed WPA and WPA2: included a more secure message authentication code (MAC – cryptographic checksum) and the inclusion of a frame counter, which prevents “replay attacks”

42 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 42 Wireless (LAN) Data Integrity WEP vs WPA2 Data Integrity by means of WEP is obsolete WPA or WPA2 should be implemented to achieve Wireless Data Integrity by means of encryption in the link level

43 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 43 4. Wireless (LAN) Availability “The capability of the technology to ensure reliable access to data and information services for authorized users.”

44 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 44 Interference in wireless radio channel WLAN operates in predefined radio channels open for anyone to use Preventing unauthorized users to interfere with your network is almost impossible Advice: Monitor carefully your links to identify possible sources of “interference”

45 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 45 Denial of Service (DoS) WLAN networks are vulnerable to DoS by radio interference, anyone can start using: - the same or adjacent radio channel - the same SSSID DoS can be intentional and/or unintentional Consider scheduling periodical radio frequency scans Do not overpower your links

46 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 46 Other threats to availability Presence of hidden nodes (heavy retransmission) Viruses (heavy scanning) Peer-to-peer software (heaving data transfer) Spam (heavy incoming/outgoing mail)

47 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 47 5. Wireless (LAN) Non-repudiation (Accountability) The WLAN protocols do not have a mechanism to assure the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity. Accountability needs to be implemented in higher protocol layers.

48 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 48 Ten WLAN Security Threats

49 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 49 10 WLAN Security Threats

50 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 50 10 WLAN Security Threats

51 Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit www.itrainonline.org 51 Conclusions 1. Security attributes as described in INFOSEC can be implemented in different layers of the OSI model 2. If link level security is needed avoid WEP and use IEEE 802.11i (WPA2) 3. Have clear security requirements, as solutions depend on each scenario

Download ppt "Last Updated: 25 April, 2006 Alberto Escudero Pascual Multimedia Training Kit 1 Wireless Security Developed by: Alberto Escudero Pascual,"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
N ational I NFOSEC E ducation and T raining P rogram Educational Solutions for a Safer World http//www.nsa.gov:8080/isso/programs/nietp/index.htm.

N ational I NFOSEC E ducation and T raining P rogram Educational Solutions for a Safer World http//
Cryptography and Network Security

Cryptography and Network Security
Chapter 13-802.11 Network Security Architecture 802.11 Security Basics Legacy 802.11 security Robust Security Segmentation Infrastructure Security VPN.

Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.
Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)

Similar presentations

Ads by Google