Presentation is loading. Please wait.

Presentation is loading. Please wait.

Inaugural meeting (for Hasheem: that means ‘the first meeting’

Published byKristin Pierce Modified over 5 years ago

Similar presentations

Presentation on theme: "Inaugural meeting (for Hasheem: that means ‘the first meeting’"— Presentation transcript:

1 Inaugural meeting (for Hasheem: that means ‘the first meeting’
Electronic Security Inaugural meeting (for Hasheem: that means ‘the first meeting’

2 What Is Electronic Security?
For our purposes: Security that does not involve the mechanical exploitation of vulnerabilities in physical locks The examination of security systems which are implemented primarily by means of an electronic Basically, anything interesting that involves both security and electronics (we are open to suggestions for future meetings! )

3 Quick and Dirty Network Security: (NOT an exhaustive list, just enough concept to move to our main topic) Privacy Only trusted parties can participate in conversations (actively) Anyone who tries to listen won’t understand the conversation Integrity When person A sends message M to person B, the person B can be certain that M did not change at all from the time A sent it to the time B received it

4 WEP (or: when smart engineers make very, very bad decisions)
Wired Equivalent Privacy Outlined in the IEEE b standard Uses RC4 stream cipher for privacy/encryption Used badly/improperly Uses CRC-32 checksum for integrity Ultimately this provides ZERO integrity

5 RC4 is a Stream Cipher A B C D E F Keystream: Plaintext: Cyphertext:
To infinity and beyond! 1001 1111 0101 1110 1010 1000 0010 0110 1101 0000 Plaintext: A B C D E F 0100 0001 0010 0011 0101 0110 Cyphertext: 1101 1110 0001 1100 1011 0110 0010 1000 0100 0000 Claude E Shannon proved that this encryption scheme provides PERFECT security if and only if: There is no repeating pattern in the keystream The keystream is as long as the plaintext RC4 Provides a PSEUDORANDOM keystream = a secret key + Initialization Vector. Not perfect, but pretty good… ONLY if the IV NEVER repeats!

6 WEP Implementation (credit for this image: Vitaly Shmatikov)
RC4 keystream = IV + secret key 1 keystream := 1 data layer frame IV is sent in the clear CRC-32 is a linear translation through xor, so anyone can re -compute THE FREAKING IV IS SENT IN THE CLEAR, IT MAKES UP 24 BITS OF THE KEY NO MATTER HOW BIG THE KEY IS Vulnerable to Fluhrer et al. attack on RC4. John Gordon will now demonstrate.

Download ppt "Inaugural meeting (for Hasheem: that means ‘the first meeting’"

Similar presentations

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Security flaws of the WEP-Protocol by Bastian Sopora, Seminar Computer Security 2006.

Security flaws of the WEP-Protocol by Bastian Sopora, Seminar Computer Security 2006.
WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.

WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
COMP4690, HKBU1 Security of 802.11 COMP4690: Advanced Topic.

COMP4690, HKBU1 Security of COMP4690: Advanced Topic.
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
How To Not Make a Secure Protocol 802.11 WEP Dan Petro.

How To Not Make a Secure Protocol WEP Dan Petro.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004.

Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
RC4 1 RC4 RC4 2 RC4  Invented by Ron Rivest o “RC” is “Ron’s Code” or “Rivest Cipher”  A stream cipher  Generate keystream byte at a step o Efficient.

RC4 1 RC4 RC4 2 RC4  Invented by Ron Rivest o “RC” is “Ron’s Code” or “Rivest Cipher”  A stream cipher  Generate keystream byte at a step o Efficient.
Foundations of Network and Computer Security J J ohn Black Lecture #34 Dec 5 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #34 Dec 5 th 2007 CSCI 6268/TLEN 5831, Fall 2007.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
The Final Nail in WEP’s Coffin Andrea Bittau, Mark Handley – University College London Joshua Lackey - Microsoft CPS372 Gordon College.

The Final Nail in WEP’s Coffin Andrea Bittau, Mark Handley – University College London Joshua Lackey - Microsoft CPS372 Gordon College.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
802.11 Security – Wired Equivalent Privacy (WEP) By Shruthi B Krishnan.

Security – Wired Equivalent Privacy (WEP) By Shruthi B Krishnan.
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.

Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
AJ Mancini IV Paul Schiffgens Jack O’Hara. WIRELESS SECURITY  Brief history of Wi-Fi  Wireless encryption standards  WEP/WPA  The problem with WEP.

AJ Mancini IV Paul Schiffgens Jack O’Hara. WIRELESS SECURITY  Brief history of Wi-Fi  Wireless encryption standards  WEP/WPA  The problem with WEP.

Similar presentations

Ads by Google