Chapter 24 Wireless Network Security


Presentation on theme: "Chapter 24 Wireless Network Security"— Presentation transcript:

1 Chapter 24 Wireless Network Security
Wireless Security

2 Objectives
The student shall be able to:
Define the main function of the IEEE standards: a, b, g, i, n
Define Access Point, BSS, ESS, WEP, WPA2
Describe how a man-in-the-middle attack could occur within a wireless network, and how sniffing could be used by an attacker.
Define 3 main protections for WLAN protocol configurations.
Define 3 additional protections that will help safeguard an access point or station.
Define the purposes of the phases of WLAN connections: discovery, authentication, key exchange, protected data transfer.

3 IEEE WIFI
802.11a - Wireless network bearer operating in the 5 GHz ISM band with data rate up to 54 Mbps
802.11b - Wireless network bearer operating in the 2.4 GHz ISM band with data rates up to 11 Mbps
802.11e - Quality of service and prioritisation
802.11f - Handover
802.11g - Wireless network bearer in 2.4 GHz ISM band with data rates up to 54 Mbps; compatible with b, n
802.11h - Power control
802.11i - Authentication and encryption
802.11j - Interworking
802.11k - Measurement reporting
802.11n - Wireless network bearer operating in the 2.4 and 5 GHz ISM bands with data rates up to 600 Mbps
802.11s - Mesh networking
802.11ac - Wireless network bearer operating below 6 GHz to provide data rates of at least 1 Gbps for multi-station operation and 500 Mbps on a single link
802.11ad - Wireless network bearer providing very high throughput at frequencies up to 60 GHz
802.11af - Wi-Fi in TV spectrum white spaces (often called White-Fi)

4 Typical Configuration
Security Issues:
Shared Medium: Sniffing, jamming, data emanation, replay
Offsite access: War Driving, war chalking

5 WIFI Protocol Stack
Physical Layer: Transmits bits
MAC Layer: Discards packets received with errors
LLC Layer: An optional layer retransmits if necessary

6 IEEE 802.11 Extended Service Set
Access Point (AP): Provides access to the distribution system. Can serve as the coordination function, which controls when stations are permitted to transmit.
Basic Service Set (BSS): Set of stations controlled by a single coordination function (AP)
Extended Service Set (ESS): A set of 1 or more interconnected BSSs/LANs that appear to the LLC as a single BSS.
Distribution System: A system which interconnects a set of BSSs/LANs into an ESS

7 Man-in-the-Middle Attack
(2) Login (1) Login (2/3) are IP addresses The red computer here is pretending to be , and forward confidential information to (3) Password (4) Password

8 Wireless Attacks
Eavesdrop Attacks
Active Attacks
Accidental Association: Connecting through the wrong Access Point
Malicious Association: Connecting through a Spoofed or Rogue Access Point (Evil Twin)
Ad hoc Network: Connecting through another Station
Nontraditional Networks: Other protocols (Bluetooth, PDAs) may be insecure
Identity Theft: Impersonation of MAC address
Denial of Service: Bombarding a WLAN with messages
Network Injection: Attacker injects packets to affect connection or network configuration
KISMET: Displays local WLANs, including those with no SSID broadcast. Lists characteristics and security of each

9 Securing Wireless Transmissions
Hide Service Set Identifier (SSID)
SSID is network name
“Disable SSID broadcasting” = true
Assign cryptic name
Reduce External Signal Strength
Reduce power level
Position AP in innermost building
Use directional antennas
Use signal-shielding techniques
Encrypt all transmissions (WPA2 best)

10 Other Important Security Considerations
Change Password: Change default Admin password for wireless router
MAC Address Filtering: Limit the MAC addresses that can connect to the network
Captive Portal: Force person to authenticate to web page and/or accept terms of use
Use VPN: VPN adds a high encryption level to all applications, originator -> destination

11 MAC: Broadcast SSID

12 Secure Wireless AP
Use Firewall
Use Anti-virus/Anti-spyware software
Change Router Standard Configuration
Change default password
Change default router identifier
Configure for Specific MAC Addresses
Harder but not impossible to break in

13 Secure Station
Stolen Device
Encrypt disk
Backup data
Malware – Malicious App
Antivirus – Antispyware software
Firewall
Secure other interfaces (e.g., Bluetooth)
Secure authentication

14 Insecure WEP Protocol
Problems:
All devices in a network share a secret key
No mutual authentication
Key is static
Key is limited in size and scope

15 WPA and WPA2
WPA
128 bit key
TKIP: Temporal Key Integrity Protocol
Changes encryption keys for every packet sent
Integrity checking
EAP: Extensible Authentication Protocol
Configurable authentication: Kerberos, token/smart cards
LEAP and PEAP (Lightweight and Protected) are variations
WPA2
AES Encryption: 128, 192, 256 bit keys configurable
CCMP: Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
Supports encryption, authentication, integrity
Replaces TKIP
RECOMMENDED
From COMPTIA SECURITY+ book

16 Robust Security Network
Five 802.11i Phases
Discovery: AP & STA negotiate cipher suite and authentication method
Authentication: AP & STA mutually authenticate
Authentication: Can you prove you are who you say you are?
Key Management: Keys are generated and distributed to AP/STA.
Protected Data Transfer: Encrypted transmissions
Connection Termination: Secure connection torn down

17 Discovery Phase
Discovery Phase: Negotiation of:
Encryption & Integrity Cipher Suite: WEP, TKIP (WPA), CCMP (WPA2), Vendor Specific
Authentication & Key Mgmt: IEEE 802.1X, Pre-shared Key, Vendor-Specific
Key management approach

18 Discovery Phase: 3 Stages
Network & Security Capability Discovery: What device and security capabilities exist?
AP broadcasts Beacons to advertise network & security policies
(Optional) STA sends Probe Request and gets Probe Response back
Open System Authentication
STA & AP exchange identifiers
Simple for backward compatibility
Association
Agree on set of security capabilities
Association Request (STA)
Association Response (AP)

19 MAC: Probe Request (w. Security)
MAC: Beacon w. Security
RSN = Robust Security Network
HT = High Throughput

20 MAC: Probe Request

21 MAC: Probe Response cont’d

22 Probe Response, cont’d w. security
MAC: Probe Response w. Security

23 MAC: Authentication Response
Authentication Algorithm is 0=Open System as opposed to 1=Shared Key
Authentication Sequence = 2 = Authentication Response, therefore status code = successful
The MAC address starting with BC:77:37 implies Intel

24 MAC: Association Response
Association Response negotiates security features (not shown)?

25 MAC: Ack (Negotiation)
AP describes how acks are to occur. Instead of transmitting an individual ACK for every MPDU (i.e., frame), multiple MPDUs can be acknowledged together using a single Block Ack (BA) frame.

26 Authentication Phase
Mutual authentication between an STA and Authentication Server
Before Authentication: Uncontrolled
All packets go to the Authentication Server
After Authentication: Controlled
STA packets can go to other BSS or DS.

27 Authentication Phase Stages
Connect to AS (Authentication Server)
STA -> AS: Connection Request
AP acknowledges & forwards request
EAP Exchange
Extensible Authentication Protocol (EAP)
IEEE 802.1X Port-Based Network Access Control
The STA and AS authenticate each other
Secure Key Delivery
AS -> STA: Master Session Key
Relies on EAP for secure exchange

28 MAC: QoS Data
Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol = CCMP (CCM mode Protocol)
Implies: WPA2

29 Key Management Phase: Two Types of Keys
Pairwise Keys: Unicast (AP<->STA)
Unique per STA
Pre-Shared Key: Pre-shared before transmission
PTK = HMAC-SHA-1(PMK+MAC Addresses[STA,AP]+nonce)
Confirmation Key: Integrity & Authenticity of control frames
Encryption: Confidentiality of key exchange
Temporal key: Used for data exchange
Group Keys: Multicast (AP<->STAs)
GTK changed when STA leaves network
Nonce: Time-related number prevents replay

30 Key Management Phase
Unicast 4-Way Handshake (STA, AP):
EAPOL-key(Anonce, Unicast)
EAPOL-key(Snonce, Unicast, MIC)
(Both sides generate PTK from Anonce, Snonce, MAC addresses, PMK)
EAPOL-key(Install PTK, Unicast, MIC)
EAPOL-Key(Unicast, MIC)
Group Key Distribution:
EAPOL-key(GTK, MIC)
EAPOL-Key(MIC)
Notes:
Anonce, Snonce: Timed values & Local MAC Addresses
Anonce = AP nonce; Snonce = Station nonce.
MIC = Message Integrity Code (HMAC-MD5 or HMAC-SHA-1-128)

31 Data Transfer Phase IEEE 802.11i
Temporal Key Integrity Protocol (TKIP)
WPA but WEP-Compatible
Message Integrity Code (MIC) = 64 bits
Calculated from MAC addresses + data + key material
Data Confidentiality: Uses RC4 to encrypt MPDU+MIC
Sequence number prevents replay
Counter Mode CBC MAC Protocol (CCMP) (WPA2)
Integrity: Cipher-block-chaining Message Auth. Code (CBC-MAC)
Confidentiality: AES CTR block cipher mode.

32 MAC: DeAuthentication

33 Pseudo-Random Function Generator
Used for Nonces
Expand Pairwise keys
Generate IEEE i PRF(K,A,B,Len)
K=Secret key
A=connection-specific text string (nonce or key expansion)
B=data specific to each case
Len=desired # pseudorandom bits for output
Counter I, incrementing
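How the PRF on this slide expands the PMK into the PTK during the 4-way handshake of slides 29 and 30, as an added Python example that is not from the slides. It assumes CCMP (a 384-bit PTK), the 802.11i label string "Pairwise key expansion", random nonces, and a constructed byte string standing in for the real EAPOL-Key frame; all sample values and function names are illustrative.

```python
import hashlib
import hmac
import os

def prf(key, label, data, length_bits):
    """PRF(K, A, B, Len): concatenate HMAC-SHA-1(K, A || 0x00 || B || i), i = 0, 1, ..."""
    out = b""
    counter = 0                                   # the slide's incrementing counter
    while len(out) * 8 < length_bits:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:length_bits // 8]

def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    """Expand the PMK into a 384-bit PTK and split it into its three keys."""
    # Sorting the MAC addresses and nonces lets both sides build identical input.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 384)
    return {"kck": ptk[:16],    # confirmation key: MIC on handshake frames
            "kek": ptk[16:32],  # encryption key: protects key delivery (GTK)
            "tk": ptk[32:48]}   # temporal key: protects data frames

def eapol_mic(kck, frame):
    """HMAC-SHA-1-128: HMAC-SHA-1 under the confirmation key, truncated to 16 bytes."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def ap_accepts_message_2(pmk_ap, pmk_sta, ap_mac, sta_mac):
    """Run messages 1 and 2 of the handshake; True if the AP's MIC check passes."""
    anonce = os.urandom(32)                       # message 1 carries Anonce
    snonce = os.urandom(32)                       # STA picks its own nonce
    sta_keys = derive_ptk(pmk_sta, ap_mac, sta_mac, anonce, snonce)
    frame = b"EAPOL-Key msg 2|" + snonce          # constructed stand-in frame
    mic = eapol_mic(sta_keys["kck"], frame)       # message 2 carries Snonce + MIC
    ap_keys = derive_ptk(pmk_ap, ap_mac, sta_mac, anonce, snonce)
    return hmac.compare_digest(mic, eapol_mic(ap_keys["kck"], frame))

# Constructed sample values (not from the slides).
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
PMK = hashlib.sha256(b"constructed demo PMK").digest()   # any 32-byte secret

if __name__ == "__main__":
    print("same PMK: ", ap_accepts_message_2(PMK, PMK, AP_MAC, STA_MAC))
    print("wrong PMK:", ap_accepts_message_2(PMK, bytes(32), AP_MAC, STA_MAC))
```

Because the nonces are fresh for every handshake, a recorded message 2 carries a MIC that will not verify under the next session's PTK, which is the replay protection the slides attribute to the nonce.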

34 Summary
Protocol Design
A set of authentication mechanisms from bad to good
Negotiated security
Mutual authentication before service
Session keys
Integrity (MAC), Nonce (Replay), Encryption
Multicast keys possible
Good Practices
Hidden identity
Low Signal Strength
Firewall
Avoid default configuration (password, id)
Encrypt transmissions
Encrypt mobile devices
Antivirus/Antispyware S/W

