Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Security Ian Bodley.

Similar presentations


Presentation on theme: "Wireless Security Ian Bodley."— Presentation transcript:

1 Wireless Security Ian Bodley

2 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

3 Wireless vs. Wired Accessibility
The main difference between wired and wireless is obviously the need for a physical connection to a network. The creates many attractive advantages for corporations and institutions, yet unless properly manages, exposes these networks to anyone with a wireless card. For instance, any of us could sit outside of this building and have wireless access to it.

4 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

5 WEP Overview Wireless Equivalent Privacy (WEP)
802.11's optional encryption standard implemented in the MAC Layer that most radio network interface card (NIC) and access point vendors support. If a user activates WEP, the NIC encrypts the payload (frame body and checksum) of each frame before transmission using an RC4 stream cipher provided by RSA Security. The receiving station, such as an access point or another radio NIC, performs decryption upon arrival of the frame. As a result, WEP only encrypts data between stations. Once the frame enters the wired side of the network, such as between access points, WEP no longer applies.

6 WEP Overview Plaintext frame data M concatenated with checksum c(M)
Wireless node M Per packet initialization vector IV (24 bits) prepended to secret key to create the packet key M . c(M) RC4 cipher initialized using the packet key IV . k IV: a sequence of random bytes appended to the front of the packet key. Adding the IV to the beginning eliminates the possibility of having the initial ciphertext block the same for any two messages. Few things to note here: the packets will all be encrypted differently due to the presence of the IV, creates a random aspect to the data stream for each packet RC4 Cipher Output bytes of cipher are exclusive-ored with checksummed plaintext C=(M . c(M)) ◦ RC4(IV . K) Access Point

7 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

8 Vulnerabilities Human Error Short IVs Static keys WEP Configuration
Large networks reuse IVs every hour Static keys No support to change keys When transmitting messages having a common beginning, such as the "FROM" address in an , the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm In stream ciphers, it is unsafe to use the same key twice. But WEP's small IV almost guarantees keystream reuse. Manually-configured LANs cannot to change the key often enough to avoid reuse.

9 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

10 Exploits Fluhrer, Mantin, and Shamir Inductive
Cryptanalytic attack (pattern recognition) Capture enough WEP frames, compare streams to determine secret key Inductive Discover message by modifying a captured frame When transmitting messages having a common beginning, such as the "FROM" address in an , the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm frames carry IP packets containing a large amount of known plaintext. This lets an attacker recover a partial keystream for every packet. Building up hints, an attacker eventually discovers the entire keystream. CRC lets the receiver verify that the frame was not modified in transit, an attacker can sniff a valid b frame, set the destination IP address to his own, adjust the CRC to cover his tracks, and transmit the modified frame to the AP. If the AP operates as an Internet gateway, it will decrypt the packet and deliver the plaintext to the attacker's PC

11 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

12 Protection Mapping table of MACs Firewalls Second level of encryption
firewalls to restrict the flow of packets from wireless APs to appropriate destinations

13 Thank You!


Download ppt "Wireless Security Ian Bodley."

Similar presentations


Ads by Google