Wireless Networking WLAN Security Module-12
Jerry Bernardini, Community College of Rhode Island, 4/16/2017
Presentation Reference Material
CWNA Certified Wireless Network Administration Official Study Guide (PWO-104), David Coleman, David Westcott, 2009, Chapter 13
CWNA Certified Wireless Network Administration Official Study Guide, Fourth Edition, Tom Carpenter, Joel Barrett, Chapters 9 and 10
Cisco White Paper: A Comprehensive Review of Wireless LAN Security and the Cisco Wireless Security Suite
Your Wireless Network has No Clothes, William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan, Department of Computer Science, University of Maryland, College Park, Maryland, March 30, 2001
What is Information Security?
Information Security: the task of guarding digital information.
Information must be protected on the devices that store, manipulate, and transmit it, through products, people, and procedures.
The properties that must be protected are CIA:
Confidentiality: only authorized parties can view information
Integrity: information is correct and unaltered
Availability: authorized parties must be able to access information at all times
Layers of Security
Security Basics
Data Privacy
Authentication, Authorization, Accounting (AAA)
Segmentation
Monitoring
Policy
Because data is transmitted freely and in open air, wireless systems need strong encryption.
Wireless Data Privacy
Data privacy means others cannot read your messages unless you allow it.
Data must be encrypted.
Most common methods: the RC4 algorithm and the Advanced Encryption Standard (AES).
Most encryption is at Layer 2, protecting layers 3-7.
Management frames are not encrypted; control frames are not encrypted.
Authentication, Authorization, Accounting (AAA)
Authentication: verification of user identity
Authorization: granting access to
Accounting: tracking the use of the network by users
Early IEEE Security
Referred to as Pre-RSNA Security (RSNA = Robust Security Network Association).
Pre-RSNA Security includes:
Open System Authentication
Shared Key Authentication
Wired Equivalent Privacy
This technology has many flaws and should not be considered for new systems, but we should understand Pre-RSNA to appreciate WLAN vulnerabilities.
Security Segmentation and Monitoring
Segmentation: separating users, using firewalls, routers, VPNs and VLANs.
Monitoring and Policy: full-time monitoring of the wireless network is needed to protect against possible attacks; use a Wireless Intrusion Detection System (WIDS).
Open Authentication
Open authentication allows any device network access. If no encryption is enabled on the network, any device that knows the SSID of the access point can gain access to the network. With WEP encryption enabled on an access point, the WEP key itself becomes a means of access control.
802.11 client authentication process
1. The client broadcasts a probe request frame on every channel
2. Access points within range respond with a probe response frame
3. The client decides which access point (AP) is the best for access and sends an authentication request
4. The access point sends an authentication reply
5. Upon successful authentication, the client sends an association request frame to the access point
6. The access point replies with an association response
7. The client is now able to pass traffic to the access point
Open Authentication Vulnerabilities
There is no way for the access point to determine whether a client is valid. This is a major security vulnerability if WEP or better encryption is not implemented.
Cisco does not recommend deploying wireless LANs without WEP encryption. When WEP encryption is not needed or is not feasible to deploy, such as in public WLAN deployments, higher-layer authentication can be provided by implementing a Service Selection Gateway (SSG).
Shared Key Authentication
1. The client sends an authentication request to the access point requesting shared key authentication
2. The access point responds with an authentication response containing challenge text
3. The client uses its locally configured WEP key to encrypt the challenge text and replies with a subsequent authentication request
4. If the access point can decrypt the authentication request and retrieve the original challenge text, it responds with an authentication response that grants the client access
Vulnerability of Shared Key Authentication
Wired Equivalent Privacy - WEP
Wired Equivalent Privacy is a security protocol for WLANs defined in the 802.11b standard.
A secret key is shared between STAs and an AP.
The secret key is used to encrypt packets (MSDUs) before they are transmitted.
LANs are inherently more secure than WLANs: WLANs are over radio waves and can be intercepted.
WEP is designed to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs are somewhat protected by the physicality of their structure, having some or all of the network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model, the data link and physical layers; it therefore does not offer end-to-end security. Under 802.11b, WEP is optional!
MPDU (MAC protocol data unit): the unit of data exchanged between two peer MAC entities using the services of the physical layer (PHY).
MSDU (MAC service data unit): information that is delivered as a unit between MAC service access points (SAPs).
WEP uses RC4
It is reasonably strong:
It is self-synchronizing: WEP is self-synchronizing for each message. This property is critical for a data-link level encryption algorithm, where "best effort" delivery is assumed and packet loss rates may be high.
It is efficient: The WEP algorithm is efficient and may be implemented in either hardware or software.
It may be exportable:
What is RC4
RC4 is a stream cipher designed by Ronald L. Rivest (MIT Professor) for RSA Data Security (now RSA Security). It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation. Analysis shows that the period of the cipher is overwhelmingly likely to be greater than
Eight to sixteen machine operations are required per output byte, and the cipher can be expected to run very quickly in software. Independent analysts have scrutinized the algorithm and it is considered secure.
Correct WEP Key Required
If a device does not have the correct WEP key, even though authentication is successful, the device will be unable to transmit data through the access point. Neither can it decrypt data sent from the access point.
WEP Encryption Process
Recommended: change the IV per frame; if the same packet is transmitted twice, the resulting cipher text will be different.
Figure: the Secret Key and the Initialization Vector (IV) are combined into the PRNG Seed; the Pseudorandom Number Generator produces the Key Stream; the Integrity Algorithm computes the Integrity Check Value (ICV) over the Plain text; Plain text plus ICV is Exclusive-ORed with the Key Stream to give the Cipher text (C1, C2). What is transmitted is the IV and the cipher text.
Note: the green triangles in the slide represent combiners that just concatenate two values.
The secret key is concatenated with an initialization vector (IV) and the resulting seed is input to a PRNG. The PRNG outputs a key sequence k octets equal in length to the number of data octets that are to be transmitted in the expanded MPDU plus 4 [since the key sequence is used to protect the integrity check value (ICV) as well as the data]. Two processes are applied to the plaintext MPDU. To protect against unauthorized data modification, an integrity algorithm operates on P to produce an ICV. Encipherment is then accomplished by mathematically combining the key sequence with the plaintext concatenated with the ICV. The output of the process is a message containing the IV and ciphertext.
The WEP PRNG is the critical component of this process, since it transforms a relatively short secret key into an arbitrarily long key sequence. This greatly simplifies the task of key distribution, as only the secret key needs to be communicated between STAs. The IV extends the useful lifetime of the secret key and provides the self-synchronous property of the algorithm. The secret key remains constant while the IV changes periodically. Each new IV results in a new seed and key sequence, thus there is a one-to-one correspondence between the IV and k. The IV may be changed as frequently as every MPDU and, since it travels with the message, the receiver will always be able to decipher any message. The IV is transmitted in the clear since it does not provide an attacker with any information about the secret key, and since its value must be known by the recipient in order to perform the decryption.
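The encryption process above, as an added example (not from the slides or the IEEE 802.11 text): RC4 seeded with IV||key, a CRC-32 ICV over the data, the XOR step, and the IV/key-ID header, plus a check of why a repeated IV matters. The key, IVs and payloads are constructed, and the little-endian ICV byte order is an assumption.

```python
# Added example (not from the slides or the IEEE 802.11 text): WEP encapsulation
# as the process above describes it, with a constructed key, IV and payload.
import zlib
from typing import List, Optional


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4: key scheduling (KSA) over the seed, then `length` bytes of PRGA output."""
    S = list(range(256))
    j = 0
    for i in range(256):                          # KSA: permute S under the seed
        j = (j + S[i] + seed[i % len(seed)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:                      # PRGA: one key stream byte per step
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings (the slide's Exclusive-OR box)."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_icv(data: bytes) -> bytes:
    """ICV = CRC-32 over the data field only; little-endian byte order is assumed here."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encapsulate(key: bytes, iv: bytes, key_id: int, plaintext: bytes) -> bytes:
    """Expanded frame body: IV(3) | keyID/pad(1) | RC4(IV||key) XOR (data || ICV)."""
    if len(iv) != 3 or not 0 <= key_id <= 3:
        raise ValueError("IV must be 3 octets and key ID must be 0..3")
    if len(key) not in (5, 13, 16):               # 40-, 104- or 128-bit secret key
        raise ValueError("secret key must be 5, 13 or 16 octets")
    seed = iv + key                               # seed bits 0-23 = IV, then the secret key
    keystream = rc4_keystream(seed, len(plaintext) + 4)   # data octets + 4 for the ICV
    iv_field = iv + bytes([key_id << 6])          # key ID in the two msb, 6 pad bits zero
    return iv_field + xor_bytes(plaintext + wep_icv(plaintext), keystream)


def wep_decapsulate(keys: List[bytes], frame_body: bytes) -> bytes:
    """Reverse the process; raise if the pad is non-zero or the ICV does not verify."""
    if len(frame_body) < 9:                       # 4 (IV field) + at least 1 data + 4 (ICV)
        raise ValueError("frame body too short")
    iv, flags = frame_body[:3], frame_body[3]
    if flags & 0x3F:
        raise ValueError("pad subfield must be zero")
    key = keys[flags >> 6]                        # key ID selects one of the four stored keys
    decrypted = xor_bytes(frame_body[4:], rc4_keystream(iv + key, len(frame_body) - 4))
    data, icv = decrypted[:-4], decrypted[-4:]
    if wep_icv(data) != icv:
        raise ValueError("ICV mismatch: frame corrupted or modified")
    return data


def ciphertext_xor_on_iv_reuse(frame_a: bytes, frame_b: bytes) -> Optional[bytes]:
    """Why the IV must change per frame: two frames under the same key and IV share a
    key stream, so XORing their encrypted bodies cancels it and leaves plaintext XOR."""
    if frame_a[:4] != frame_b[:4]:                # different IV or key ID: nothing to show
        return None
    n = min(len(frame_a), len(frame_b))
    return xor_bytes(frame_a[4:n], frame_b[4:n])


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")             # constructed 40-bit (5-octet) key
    keys = [key, bytes(5), bytes(5), bytes(5)]    # the four key slots, default in slot 0
    body = wep_encapsulate(key, b"\x00\x00\x01", 0, b"hello wlan")
    print(body.hex())
    print(wep_decapsulate(keys, body))
```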
WEP Implementation
IEEE 802.11 cryptography objectives: efficient, exportable, optional, reasonably strong, self-synchronizing.
WEP relies on a secret key "shared" between a wireless device and the AP: the same key is installed on the device and the AP.
A form of private key cryptography or symmetric encryption.
WEP Characteristics
WEP shared secret keys must be at least 40 bits; most vendors use 104 bits.
Options for creating WEP keys:
40-bit WEP shared secret key (5 ASCII characters or 10 hexadecimal characters)
104-bit WEP shared secret key (13 ASCII characters or 16 hexadecimal characters)
Passphrase (16 ASCII characters)
APs and wireless devices can store up to four shared secret keys.
Default key: one of the four stored keys, used for all encryption; the default key can be different for AP and client.
WEP Keys
Key order must be the same for all devices.
Default keys can be different for each device.
Initialization Vector
The IV is 24 bits that augment a 40-bit WEP key to 64 bits and a 104-bit WEP key to 128 bits. The IV is sent in the clear in the frame header so the receiving station knows the IV value and is able to decrypt the frame.
Although 40-bit and 104-bit WEP keys are often referred to as 64-bit and 128-bit WEP keys, the effective key strength is only 40 bits and 104 bits, respectively, because the IV is sent unencrypted.
WEP Encryption Process
Figure: Data XOR Key Stream gives the Cipher Stream (transmitted and received); Cipher Stream XOR Key Stream recovers the Data.
WEP Encryption Process
The WEP encrypted frame body: IV (4 octets) | Data PDU (>= 1 octet, encrypted) | ICV (4 octets, encrypted).
The encipherment process has expanded the original Frame Body by 8 octets, 4 for the IV and 4 for the ICV. The ICV is calculated on the data field only.
The WEP ICV shall be a 32-bit field containing the CRC-32 calculated over the Data (PDU) field as depicted in Figure 46. The expanded Frame Body shall include a 32-bit IV field immediately preceding the original Frame Body. This field shall contain three subfields: a three-octet field that contains the initialization vector, a 2-bit key ID field, and a 6-bit pad field. The ordering conventions defined in 7.1.1 apply to the IV field and its subfields and to the ICV field. The key ID subfield contents select one of four possible secret key values for use in decrypting this Frame Body. The contents of the pad subfield shall be zero. The key ID occupies the two msb of the last octet of the IV field, while the pad occupies the six lsb of this octet. The WEP mechanism is invisible to entities outside the IEEE 802.11 MAC data path.
IV field layout: Init. Vector (3 octets) | 1 octet holding Pad (6 bits) and Key ID (2 bits).
WEP Keys
802.11b:
64-bit shared RC4 key: 24-bit IV plus a 40-bit secret key
128-bit shared RC4 key: 24-bit IV plus a 104-bit secret key
152-bit shared RC4 key: 24-bit IV plus a 128-bit secret key
PRNG seed layout (64-bit case): bits 0-23 are the IV (24 bits), bits 24-63 are the secret key (40 bits).
WEP maximum seed length is 256 bits. For WEP protected frames, the first four octets of the frame body contain the IV field for the MPDU. The PRNG seed is 64 bits. Bits 0 through 23 of the IV correspond to bits 0 through 23 of the PRNG seed, respectively. Bits 0 through 39 of the secret key correspond to bits 24 through 63 of the PRNG seed, respectively. The bit and octet numbering conventions of the standard apply to the PRNG seed, secret key, and IV. The numbering of the octets of the PRNG seed corresponds to that of the RC4 key. The IV is followed by the MPDU, which is followed by the ICV. The WEP ICV is 32 bits. The WEP integrity check algorithm is CRC-32. As stated previously, WEP combines k with P using bitwise XOR.
WEP Weaknesses
Key management and key size (40-bit).
The IV is too small: 24 bits = 16,777,216 different cipher streams.
The ICV algorithm is not appropriate: uses CRC-32 when MD5 or SHA-1 would be better.
Authentication messages can be easily forged.
WEP has been widely criticized for a number of weaknesses:
Key management and key size: Key management is not specified in the WEP standard; without interoperable key management, keys will tend to be long-lived and of poor quality. Most wireless networks that use WEP have one single WEP key shared between every node on the network. Access points and client stations must be programmed with the same WEP key. Since synchronizing the change of keys is tedious and difficult, keys are seldom changed. Also, the standard does not specify any WEP key sizes other than 40 bits.
The IV is too small: WEP's IV size of 24 bits provides for 16,777,216 different RC4 cipher streams for a given WEP key, for any key size. Remember that the RC4 cipher stream is XOR-ed with the original packet to give the encrypted packet that is transmitted, and the IV is sent in the clear with each packet. The problem is IV reuse. If the RC4 cipher stream for a given IV is found, an attacker can decrypt subsequent packets that were encrypted with the same IV or can forge packets.
The ICV algorithm is not appropriate: The WEP ICV is based on CRC-32, an algorithm for detecting noise and common errors in transmission. CRC-32 is an excellent checksum for detecting errors, but an awful choice for a cryptographic hash. Better-designed encryption systems use algorithms such as MD5 or SHA-1 for their ICVs.
Authentication messages can be easily forged.
Block Cipher Operation
Block ciphers deal with data in defined blocks. The block cipher fragments the frame into blocks of predetermined size and performs the XOR function on each block. Each block must be the predetermined size, and leftover frame fragments are padded to the appropriate block size.
RSNA Security
Robust Security Network Association, IEEE 802.11 Clause 8 (previously IEEE 802.11i)
TKIP and RC4
CCMP and AES
IEEE 802.1X
Preshared Keys
Certificates and PACs
Four-way Handshake
Key Hierarchies
Transition Security Network
IEEE 802.11, Clause 8 discusses and defines the following issues
Temporal Key Integrity Protocol - TKIP
Part of the IEEE 802.11i encryption standard for wireless LANs (pronounced "tee-kip").
TKIP is the next generation of WEP (initially called WEP2).
Provides per-packet key mixing, a message integrity check and a re-keying mechanism, thus fixing the flaws of WEP.
The TKIP process begins with a 128-bit "temporal key" shared among clients and access points. It combines the temporal key with the client's MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. This procedure ensures that each station uses different key streams to encrypt the data.
Older WEP-based devices can be upgraded to TKIP; it is not processor intensive.
"The advantage is that [TKIP] can be deployed quickly," said Kim Getgen, RSA BSAFE product marketing manager. "Vendors can patch their existing implementations. The IEEE will adopt other algorithms in the future, but this solves the immediate business problem of being able to distribute a privacy solution."
The temporal key integrity protocol (TKIP), initially referred to as WEP2, is an interim solution that fixes the key reuse problem of WEP, that is, periodically using the same key to encrypt data. The TKIP process begins with a 128-bit "temporal key" shared among clients and access points. TKIP combines the temporal key with the client's MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. This procedure ensures that each station uses different key streams to encrypt the data. TKIP uses RC4 to perform the encryption, which is the same as WEP. A major difference from WEP, however, is that TKIP changes temporal keys every 10,000 packets. This provides a dynamic distribution method that significantly enhances the security of the network. An advantage of using TKIP is that companies having existing WEP-based access points and radio NICs can upgrade to TKIP through relatively simple firmware patches. In addition, WEP-only equipment will still interoperate with TKIP-enabled devices using WEP. TKIP is a temporary solution, and most experts believe that stronger encryption is still needed.
CCMP and AES
Counter Mode with Cipher Block Chaining-Message Authentication Code (CCMP)
CCMP uses the Advanced Encryption Standard (AES) instead of the RC4 algorithm.
CCMP/AES uses 128-bit encryption, encrypts 128-bit blocks, and uses an 8-byte integrity check.
AES is very processor intensive; not upgradable for older devices.
Advanced Encryption Standard - AES
A relatively new U.S. National Institute of Standards and Technology (NIST) standard for single-key encryption; approved in 2002.
16-byte block cipher based on Rijndael (pronounced "Rain Doll").
Key lengths of 128, 192, and 256 bits.
Time to brute-force break an AES 256-bit key: several years.
AES encryption is a four-step process.
In cryptography, the Advanced Encryption Standard, or AES, is a block cipher adopted as an encryption standard by the US government, and is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). It was adopted by the National Institute of Standards and Technology (NIST) as US FIPS PUB 197 in November 2001 after a 5-year standardization process. AES was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and was based on their previous design, Square. It is also known by the name "Rijndael", something best pronounced by non-Dutch speakers more or less as "Rhine dahl" (a long "i" and a silent "e"). Daemen and Rijmen have announced that, for those who object, they have several other names already prepared which will be even more difficult to pronounce. Strictly speaking, AES is not precisely Rijndael (as Rijndael supports a larger range of block and key sizes); AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits. Specifically, AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits, and encrypts and decrypts data in blocks of 128 bits (16 bytes). Unlike public-key ciphers, which use a pair of keys, symmetric-key ciphers use the same key to encrypt and decrypt data. Encrypted data returned by block ciphers have the same number of bits that the input data had. Iterative ciphers use a loop structure that repeatedly performs permutations and substitutions of the input data.
How is that pronounced? If you're Dutch, Flemish, Indonesian, Surinamer or South-African, it's pronounced like you think it should be. Otherwise, you could pronounce it like "Reign Dahl", "Rain Doll", "Rhine Dahl". We're not picky. As long as you make it sound different from "Region Deal".
AES Four Steps
802.1X and EAP
IEEE's 802.1X Port Based Network Access Control standard provides strong authentication and network access control for networks. Extensible Authentication Protocol (EAP) is used to pass authentication information between the supplicant and the AS.
802.1X is a standard that provides a means to authenticate and authorize devices for network access, a security mechanism absent from 802.11. 802.1X provides a port-based network access control solution for networking technologies such as Ethernet, 802.11, Token Ring and FDDI.
802.1X has three components that combine to deliver authentication: the Supplicant, Authenticator and Authentication Server (AS). The wireless terminal is the supplicant and the access point is the authenticator. The most common type of AS is RADIUS (Remote Authentication Dial-In User Service), typically a stand-alone software package installed on a standard PC platform. Authentication requests occur during system initialization and are initiated by wireless terminals or access points, after the terminal has associated to the access point. Various authentication methods such as digital certificates, smart cards and one-time passwords can be used to provide credential information for authentication. Of course, without successful authentication, network access is denied.
EAP/MD5: Simple, one-way handshake in which the AS authenticates the client. Credentials are based on mutual knowledge of a shared secret such as username and password. MD5 requires little memory and is simple to implement and manage, making it ideal for wireless terminals with limited memory and processing power.
EAP/TLS: Two-way (mutual) authentication in which the AS authenticates the client, and in turn, the client authenticates the server. This mutual authentication secures against man-in-the-middle attacks. TLS uses digital certificates to provide credential information and secures against dictionary attacks.
EAP/TTLS: Two-way (mutual) authentication of the client and AS based on TLS. TTLS only requires server-side certificates, eliminating the need to install and configure certificates for each wireless client. User authentication occurs via a security database already in use on the corporate LAN, such as Windows domain controllers, SQL, or LDAP. TTLS securely forwards client authentication information after a TLS tunnel is established.
EAP/PEAP: Similar in functionality to TTLS in that it too specifies mutual authentication, uses TLS to establish a secure tunnel between the wireless client and authentication server, and only requires server-side certificates. The difference is that you would deploy an authentication method defined by EAP on the wireless client.
EAP is a general protocol and is 'extensible' in that it supports multiple authentication mechanisms. 802.1X supports such EAP types as Message Digest 5 (MD-5), Transport Layer Security (TLS), Tunneled Transport Layer Security (TTLS) and Protected Extensible Authentication Protocol (PEAP).
Figure: Supplicant, Authenticator, Authentication Server.
802.1X Requires Three Entities:
The supplicant: resides on the wireless LAN client
The authenticator: resides on the access point
The authentication server: resides on the RADIUS server
Cisco Wireless Security Suite and 802.1X
802.1X authentication framework: The IEEE 802.1X standard provides a framework for many authentication types and the link layer Extensible Authentication Protocol (EAP)
Cisco authentication algorithm: The EAP Cisco Wireless authentication type, also called Cisco LEAP, supports centralized, user-based authentication with the ability to generate dynamic WEP keys
Temporal Key Integrity Protocol (TKIP): Cisco has implemented two components to augment WEP encryption:
Message Integrity Check (MIC): The MIC function provides effective frame authenticity to mitigate man-in-the-middle vulnerabilities
Per-Packet Keying: Per-packet keying provides every frame with a new and unique WEP key that mitigates WEP key derivation attacks
Broadcast Key Rotation: Dynamic key rotation
Four-Way Handshake
Used to establish temporary transient keys with the AP.
Four-packet exchange.
Nonce: number used once. Authenticator nonce (ANonce), supplicant nonce (SNonce).
Message Integrity Check (MIC).
WPA
There are 2 modes of WPA and WPA2 certification: Enterprise and Personal.
Enterprise Mode (Business & Government): Authentication: IEEE 802.1X/EAP
Personal Mode (Personal & SOHO): Authentication: PSK
Encryption: WPA uses TKIP/MIC; WPA2 uses AES-CCMP.
All Wi-Fi CERTIFIED devices are certified as WPA-Personal by default. Vendors can request additional WPA2-Personal, WPA-Enterprise or WPA2-Enterprise certification.
In Enterprise mode, each user is assigned a unique key mechanism for access to the WLAN. This affords a high level of individual privacy. For WPA, TKIP encryption is used. TKIP employs an encryption cipher that issues encryption keys for each data packet communicated in each session of each user, making the encryption code extremely difficult to break. For WPA2, AES encryption is used. AES is stronger than TKIP, thus providing additional network protection.
Personal Mode is designed for home and small office/home office (SOHO) users who do not have authentication servers available. It operates in an unmanaged mode that uses a pre-shared key (PSK) for authentication instead of IEEE 802.1X. This mode uses applied authentication in which a pass-phrase (the PSK) is manually entered on the access point to generate the encryption key. Consequently, it does not scale well in the enterprise. The PSK is typically shared among users. A PSK of sufficient strength, one that uses a mix of letters, numbers and non-alphanumeric characters, is recommended.
Client workstations will require the installation of new WPA-Enterprise or WPA2-Enterprise Wi-Fi CERTIFIED client devices or software/hardware upgrades to the presently installed Wi-Fi CERTIFIED devices. The Wi-Fi Alliance certifies WPA-Enterprise and WPA2-Enterprise products in tests on an open architecture in which EAP-TLS is used. However, as WPA and WPA2 are open platforms that are designed to be extensible, other EAP types that are not tested by the WPA or WPA2 certification program should run in a WPA or WPA2 environment. Example EAP types include EAP-TLS, EAP-TTLS, PEAP v.0, PEAP v.1 and other open standard types. The Wi-Fi Alliance plans to add more EAP types to its interoperability testing in the future. Managers should ask their vendor about other EAP types.
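The Personal-mode pass-phrase to PMK step and the four-way handshake key derivation from the two slides above, as one added example (not from the slides or the 802.11i standard text): PBKDF2 for the PMK, the PRF that turns PMK, nonces and addresses into the PTK, and the EAPOL-Key MIC check on message 2. The EAPOL-Key builder is a simplified hypothetical layout, and the passphrase, SSID, MAC addresses, key-info values and nonces are constructed.

```python
# Added example (not from the slides or the 802.11i text): WPA-Personal PMK derivation
# and the four-way handshake key derivation plus EAPOL-Key MIC check, with constructed
# addresses, nonces and passphrase. The EAPOL-Key builder is a simplified hypothetical.
import hashlib
import hmac
from typing import Dict

MIC_OFFSET = 81          # EAPOL header (4) + descriptor fields before the 16-byte Key MIC (77)
MSG2_KEY_INFO = 0x010A   # constructed: Key MIC set, Pairwise, descriptor version 2 (HMAC-SHA1)


def psk_to_pmk(passphrase: str, ssid: bytes) -> bytes:
    """Personal mode: the pass-phrase entered on the AP becomes a 256-bit PMK via
    PBKDF2-HMAC-SHA1 with the SSID as salt and 4096 iterations."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), ssid, 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: HMAC-SHA1(key, label || 0x00 || data || counter) concatenated."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK (384 bits for CCMP) from the PMK, both MAC addresses and both nonces;
    min/max ordering lets AP and STA reach the same result independently."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def split_ptk(ptk: bytes) -> Dict[str, bytes]:
    """KCK (signs EAPOL-Key MICs), KEK (wraps key data), TK (the temporal key for CCMP)."""
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def build_eapol_key(key_info: int, replay: int, nonce: bytes, key_data: bytes) -> bytes:
    """Simplified EAPOL-Key frame (RSN descriptor type 2, CCMP key length 16), MIC zeroed.
    Field order follows the descriptor: info, length, replay, nonce, IV, RSC, ID, MIC, data."""
    body = (bytes([2]) + key_info.to_bytes(2, "big") + (16).to_bytes(2, "big")
            + replay.to_bytes(8, "big") + nonce + bytes(16) + bytes(8) + bytes(8)
            + bytes(16) + len(key_data).to_bytes(2, "big") + key_data)
    return bytes([2, 3]) + len(body).to_bytes(2, "big") + body   # version 2, type 3 = Key


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Key MIC for descriptor version 2: HMAC-SHA1-128 over the frame with MIC zeroed."""
    zeroed = frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def sign_eapol(kck: bytes, frame: bytes) -> bytes:
    """Place the computed MIC into the frame's Key MIC field."""
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


def verify_eapol(kck: bytes, frame: bytes) -> bool:
    """Constant-time comparison of the carried MIC with a recomputed one."""
    return hmac.compare_digest(eapol_mic(kck, frame), frame[MIC_OFFSET:MIC_OFFSET + 16])


def four_way_handshake(pmk_ap: bytes, pmk_sta: bytes, aa: bytes, spa: bytes,
                       anonce: bytes, snonce: bytes) -> Dict[str, object]:
    """Messages 1 and 2 of the exchange: AP sends ANonce, STA derives its PTK and answers
    with SNonce plus a MIC, AP derives its PTK and checks that MIC. A MIC failure means
    the two sides do not share the PMK (e.g. a wrong pass-phrase in Personal mode)."""
    msg1 = build_eapol_key(0x008A, 1, anonce, b"")          # constructed: Ack + Pairwise
    ptk_sta = derive_ptk(pmk_sta, aa, spa, msg1[17:49], snonce)   # nonce field at offset 17
    msg2 = sign_eapol(split_ptk(ptk_sta)["kck"], build_eapol_key(MSG2_KEY_INFO, 1, snonce, b""))
    ptk_ap = derive_ptk(pmk_ap, aa, spa, anonce, msg2[17:49])
    mic_ok = verify_eapol(split_ptk(ptk_ap)["kck"], msg2)
    return {"ptk_ap": ptk_ap, "ptk_sta": ptk_sta, "mic_ok": mic_ok}


if __name__ == "__main__":
    pmk = psk_to_pmk("constructed passphrase", b"ExampleSSID")
    aa, spa = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")   # constructed MACs
    result = four_way_handshake(pmk, pmk, aa, spa, bytes(range(32)), bytes(range(32, 64)))
    print("PTK agreed:", result["ptk_ap"] == result["ptk_sta"], "MIC ok:", result["mic_ok"])
```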
WPA & WPA2, 7 steps
The 7 steps are:
• Step 1: Security Mechanism and Credentials
• Step 2: User Authentication Database
• Step 3: Client Operating Systems
• Step 4: Supplicants
• Step 5: EAP Types (EAP-TTLS)
• Step 6: Authentication Server
• Step 7: Access Points and Client NIC Cards
Step 1: Security Mechanism and Credentials. Many existing enterprise networks already have a network security policy in place. Security policies, credentials and user identity management mechanisms will impact WPA and WPA2 enterprise deployment. Typically, the database is stored on the server or, externally, in Microsoft Active Directory™, Novell LDAP™, iPlanet™ or Secure ID™ Token. If already running IEEE 802.1X authentication, and an authentication system is in place, a manager can continue to use it to store security credentials if it supports the EAP type(s) selected for the Wi-Fi network.
Step 2: User Authentication Database. A database is required for user authentication. If users are already being authenticated, managers should consider the database already in house. In the absence of an existing user authentication database, managers will have to select one.
Step 3: Client Operating Systems. Determine which client operating systems (OS) will be supported: Windows XP, 2000, NT, 98, 95; Windows CE; Mac OS; Linux; Palm OS; DOS or a proprietary system. Managers should make sure that the EAP type, selected database, and supplicants will support the operating system that will be used with WPA or WPA2.
Step 4: Supplicants. This step and Step 3 (Client Operating Systems), Step 5 (EAP Types), and Step 6 (Authentication Server) should be considered in parallel, as the selection of the supplicant should be based on the EAP types, as well as on the client operating systems and authentication database being used. Managers should determine if they already have a supplicant to support existing client operating systems. If not, one should be obtained. Some operating systems include free supplicants. Others require the purchase of an after-market supplicant. In some settings, after-market supplicants may offer more flexibility as they are not tied to a particular operating system. Features may vary between built-in supplicants and third-party supplicants.
Step 5: EAP Types. In parallel with Step 4, decide which EAP type will be used. The EAP type selected should support the selected database for user credentials and the network security strategy. It should match the user authentication policies, user management strategy, and client operating system.
Step 6: Authentication Server. Select an authentication server that will work with the selected user credentials database and matching EAP types. Managers may change EAP types to match the current server. Or, managers may wish to purchase a new server to work with the EAP type that best supports their security policies. Typically, a RADIUS server is used. If selecting a new server, managers must verify that it will work with the selected database and matching EAP types.
Step 7: Access Points and Client NIC Cards. Confirm that all APs and client devices to be used in the deployment are WPA-Enterprise or WPA2-Enterprise Wi-Fi CERTIFIED as applicable. WPA-Personal and WPA2-Personal APs and clients are not recommended for enterprise deployments because they do not support IEEE 802.1X and EAP authentication.
Example of a WPA2 Windows
1. Security Credentials: Digital Certificate X.509
2. Database: Microsoft Active Directory
3. Client OS: Windows XP
4. Supplicant: Built into Windows XP for EAP-TLS
5. Authentication EAP Type: EAP-TLS
6. Authentication Server: Cisco Secure Access Control Server (RADIUS server)
7. Access Points and Client Devices: WPA2-Enterprise Wi-Fi CERTIFIED
WPA Deployment
Figure: on the wired LAN, a RADIUS server with support for the 802.1X EAP type and an authentication database; access points (AP-1) that are Wi-Fi CERTIFIED with WPA, support the 802.1X EAP type and use TKIP; wireless clients with a supplicant for the EAP type and OS, using TKIP encryption.
MAC Address Authentication
MAC address authentication is not specified in the 802.11 standard, but many vendors, including Cisco, support it. MAC address authentication verifies the client's MAC address against a locally configured list of allowed addresses or against an external authentication server. MAC authentication is used to augment the open and shared key authentications provided by 802.11.
44
Remember CIA and AAA
CIA
- Confidentiality: keep things private
- Integrity: data must be consistent and accurate
- Availability: the right data to the right users
AAA
- Authentication: "Who are you?"
- Authorization: "What do you want?"
- Accounting: "What have you done?"
Bottom line: users are responsible for protecting their accounts and their data.
45
IPsec VPN (Secure Your Wireless with IPsec, by Dan Langille, 10/21/2004)
- IPsec is short for IP security.
- It is a set of protocols for securely exchanging packets at the IP layer. VPNs frequently use it.
- We can use the same approach to secure our wireless network.
- IPsec uses shared secrets to encrypt data.
- It uses security policies to decide what types of traffic to encrypt between which hosts.
- IPsec can create a point-to-point tunnel between two hosts.
- IPsec cannot exist on its own: you need to have IPsec at both ends.
- IPsec uses a database to decide how to treat traffic. The two main types of rules are policy and association.
  - The Security Policy Database (SPD) determines what traffic IPsec should handle.
  - The Security Association Database (SAD) specifies how to encrypt that traffic.
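The SPD/SAD split can be made concrete with a small outbound-packet decision routine. This is an added example for this page, not code from the article cited above or from any IPsec implementation: the policies, SPI, addresses and the "wireless client tunnels to the gateway" layout are constructed, and the example stops at selecting the security association that would be applied rather than performing ESP encryption.

```python
"""Added example of the two IPsec databases: the Security Policy Database
(SPD) decides what traffic IPsec handles and how (bypass, discard, protect);
the Security Association Database (SAD) holds the negotiated parameters used
to protect it. Addresses, the SPI and the wireless subnet are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class SecurityAssociation:            # one SAD entry
    spi: int
    peer: str
    cipher: str                       # constructed label such as "aes-cbc"
    key_id: str                       # handle to key material, never the key itself


@dataclass
class Policy:                         # one SPD entry
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str                        # "any", "tcp", "udp" or "icmp"
    action: str                       # "protect", "bypass" or "discard"
    sa_spi: Optional[int] = None      # SA to use when action == "protect"

    def matches(self, pkt):
        return (pkt["src"] in self.src and pkt["dst"] in self.dst
                and self.proto in ("any", pkt["proto"]))


def packet(src, dst, proto):
    """Constructed packet header: only the selector fields the SPD looks at."""
    return {"src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst), "proto": proto}


class IPsecStack:
    def __init__(self):
        self.spd = []                 # ordered list; the first matching policy wins
        self.sad = {}                 # spi -> SecurityAssociation

    def add_policy(self, src, dst, proto, action, sa_spi=None):
        self.spd.append(Policy(ipaddress.IPv4Network(src), ipaddress.IPv4Network(dst),
                               proto, action, sa_spi))

    def add_sa(self, sa):
        self.sad[sa.spi] = sa

    def outbound(self, pkt):
        """Return (action, sa) for a packet leaving this host."""
        for pol in self.spd:
            if not pol.matches(pkt):
                continue
            if pol.action != "protect":
                return pol.action, None
            sa = self.sad.get(pol.sa_spi)
            if sa is None:
                # The policy demands protection but no SA exists. A real stack
                # would trigger key negotiation (IKE); this simplified one drops
                # the packet rather than ever sending it in the clear.
                return "discard", None
            return "protect", sa
        return "discard", None        # no policy matched: default deny


def build_wireless_example():
    """Constructed layout: wireless client 192.168.2.10 tunnels all traffic to the
    gateway 192.168.2.1; only local ICMP is allowed through unprotected."""
    stack = IPsecStack()
    stack.add_sa(SecurityAssociation(spi=0x1000, peer="192.168.2.1",
                                     cipher="aes-cbc", key_id="sa-1000"))
    stack.add_policy("192.168.2.10/32", "192.168.2.0/24", "icmp", "bypass")
    stack.add_policy("192.168.2.10/32", "0.0.0.0/0", "any", "protect", sa_spi=0x1000)
    return stack
```

Policy order matters: the ICMP bypass sits before the catch-all protect rule, so a local ping leaves in the clear while everything else is handed to the SA. A packet from any other wireless address matches nothing and is discarded, which is the behaviour you want on a segment where every host is supposed to be speaking IPsec.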
46
Wireless VPNs
Virtual Private Networks, or VPNs, use publicly accessible or wireless network infrastructures combined with private connections to securely exchange private applications and data. All VPN systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Short for virtual private network, a VPN is a network constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data.

VPNs make the remote or 'virtual' office viable, using standard data and computer interconnects. There are a number of VPN systems that enable the creation of these networks using the Internet as the medium for transport. Among the most popular of these solutions is Microsoft's VPN, integrated as a core component of Windows 2000 and Windows XP.
47
Wireless Gateways
A network device or base station, usually providing shared network access, firewall security and encryption: an access point, LAN switch, firewall, and WAN interface in one enclosure.
48
Security Solutions
- 802.1X Authentication
- TKIP: Temporal Key Integrity Protocol
- MIC: Message Integrity Checking
- Key Management
- Cipher and Authentication Negotiation
- WPA / WPA2: Wi-Fi Protected Access
- AES: Advanced Encryption Standard

You could drive a truck through the holes in the WEP (Wired Equivalent Privacy) protocol. But emerging wireless security technologies, the IEEE's 802.11i and the Wi-Fi Alliance's WPA (Wi-Fi Protected Access), are designed to avoid those holes. 802.11i overhauls the IEEE's security standard. The more airtight 802.11i specifications are in the final stages of the standards process, with compliant products due to market this year. But 802.11i, which includes data integrity and encryption, is complex and may not interoperate with your existing wireless hardware. If you have a large base of older 802.11b clients and APs (access points), tearing them out isn't realistic. Instead, WPA may be a better fit for now. WPA is a subset of the 802.11i standard that provides security for large enterprises and small office/home office WLANs. It was designed to work with 802.11i, so it'll give you a head start on a future 802.11i deployment. WPA equipment is available now from Airespace, Aruba, Buffalo Technology, Cisco Systems, Proxim and other vendors.

Security Won't Wait
After delays in the IEEE standards process, the Wi-Fi Alliance had no choice but to come up with its own WLAN security model. WPA's big selling point is that it secures your WLAN today. It's compatible with existing hardware and simple enough to deploy at home. As a standards body, the IEEE 802.11i task group wasn't under the same market pressures as the vendor-driven Wi-Fi Alliance. After nearly three years of debate, the 802.11i committee is putting the finishing touches on its security standard, the Robust Security Network (RSN). RSN requires wireless clients and APs to have capabilities most existing devices don't have, including higher processing power and support for intensive encryption algorithms.

There is also a transitional spec, conveniently called Transitional Security Network (TSN), that lets RSN and older WEP systems operate in parallel in the same WLAN. But your wireless network won't be fully secure until it's all RSN.

RSN and WPA have a lot in common. They use the same security architecture for upper-level authentication, key distribution and key renewal. WPA, though, is built around TKIP (Temporal Key Integrity Protocol), which is available as a firmware upgrade to most legacy hardware. RSN is more comprehensive and includes support for AES (Advanced Encryption Standard), which is available only on the latest WLAN hardware.

The flaws in WEP (Wired Equivalent Privacy) encryption are well documented, and hackers can break WEP easily. You need WPA (Wi-Fi Protected Access), a far stronger protocol that fixes the weaknesses in WEP. For further discussion of WPA, see our wireless security story. Here we'll take you through the process of upgrading your networking equipment and enabling WPA security for your home WLAN.

To upgrade your wireless security to WPA, you must have three critical components:
- an access point (AP) or wireless router that has WPA support;
- a wireless network card that has WPA drivers available;
- a client (called a supplicant) that supports WPA and your operating system.

WPA replaces WEP in small-office or home routers, so moving to WPA is an all-or-nothing proposition. For you to consider an upgrade, every wireless device on your network must have WPA capabilities. This includes any wireless bridges you might use for your Microsoft Xbox (or other gaming device), digital camera, home audio gateway, and print server.
49
Wireless Security Summary
| Security Model | Authentication | Encryption | Security Level |
|---|---|---|---|
| Transitional (only a temporary solution) | Shared Key: up to four WEP keys should be rotated between clients. SSID beaconing: turn off if the AP permits, and/or use a cryptic SSID name. MAC address filtering: pre-approved at the AP, no guests. | WEP: even 128-bit WEP has vulnerabilities. 16-ASCII-character passphrases generate predictable keys and should be discouraged. Only secure against script kiddies and casual eavesdroppers. | Low |
| WPA Personal (ten or fewer devices) | PSK: manually entered and used as the starting seed for encryption key generation. Must be entered in both the AP and the client. | TKIP: stronger than WEP but uses the same hardware. TKIP has three components: a MIC to prevent forgeries; the IV, increased from 24 to 48 bits and changed for each packet; and TKIP key mixing, which generates keys that are replaced frequently. | Medium |
| WPA2 Personal | PSK: keys are automatically changed after a set number of packets. | AES-CCMP: superior to TKIP and based on the 802.11i standard. Operates on 128-bit blocks with 128- to 256-bit keys. Its computational intensity strongly suggests hardware processing. | Med/High |
| WPA Enterprise | 802.1X: port-based authentication employing a Supplicant (client), an Authenticator (isolating the client from the RADIUS server) and an Authentication Server (RADIUS). | TKIP: same as WPA Personal | High/Med |
| WPA2 Enterprise | 802.1X: same as WPA Enterprise | AES-CCMP: same as WPA2 Personal | High/High |
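Two of the TKIP components in the table, the MIC against forgeries and the 48-bit per-packet counter, can be exercised on the receiving side. The code below is an added example written for this page, not vendor firmware: the replay rule is TKIP's (a frame whose counter is not above the last accepted one is dropped), but the MIC uses HMAC-SHA256 truncated to 64 bits as a stand-in for TKIP's Michael function, and the key-mixing and encryption steps are omitted. Keys, addresses and payloads are constructed.

```python
"""Receiver-side TKIP checks, as an added example: a 48-bit sequence counter
(TSC) that rejects replays, and a MIC that rejects altered frames. The MIC
here is HMAC-SHA256 truncated to 8 bytes standing in for Michael; TKIP's
per-packet key mixing and the encryption itself are not modelled."""
import hmac
import hashlib

TSC_BITS = 48                     # TKIP sequence counter width (WEP's IV was 24 bits)
TSC_MAX = (1 << TSC_BITS) - 1


def tkip_mic(mic_key, src, dst, priority, payload):
    """Constructed stand-in for Michael: HMAC-SHA256 truncated to Michael's 64-bit
    size, covering the fields Michael protects (addresses, priority, payload)."""
    msg = src + dst + bytes([priority]) + payload
    return hmac.new(mic_key, msg, hashlib.sha256).digest()[:8]


class TkipSender:
    def __init__(self, mic_key, src, dst):
        self.mic_key, self.src, self.dst = mic_key, src, dst
        self.tsc = 0              # per-key packet counter, never reused under one key

    def send(self, payload, priority=0):
        if self.tsc >= TSC_MAX:
            raise RuntimeError("TSC exhausted: rekey before sending more frames")
        self.tsc += 1             # changed for every packet, as the table states
        return {"src": self.src, "dst": self.dst, "priority": priority, "tsc": self.tsc,
                "payload": payload,
                "mic": tkip_mic(self.mic_key, self.src, self.dst, priority, payload)}


class TkipReceiver:
    def __init__(self, mic_key):
        self.mic_key = mic_key
        self.last_tsc = 0         # highest TSC accepted under this key
        self.drops = []           # (reason, tsc) records, useful for monitoring

    def receive(self, frame):
        """Return the payload if the frame is fresh and unforged, else None."""
        # Replay check: any frame whose counter is not above the last accepted one is discarded.
        if frame["tsc"] <= self.last_tsc:
            self.drops.append(("replay", frame["tsc"]))
            return None
        expected = tkip_mic(self.mic_key, frame["src"], frame["dst"],
                            frame["priority"], frame["payload"])
        if not hmac.compare_digest(expected, frame["mic"]):
            self.drops.append(("mic_failure", frame["tsc"]))
            return None
        self.last_tsc = frame["tsc"]
        return frame["payload"]


def run_demo():
    """Constructed traffic: a good frame, a replay of it, a tampered frame, then a fresh frame."""
    key = bytes(range(16))                       # constructed 128-bit MIC key
    src, dst = b"\x00\x11\x22\x33\x44\x55", b"\x66\x77\x88\x99\xaa\xbb"
    tx, rx = TkipSender(key, src, dst), TkipReceiver(key)
    f1 = tx.send(b"hello")
    results = [rx.receive(f1), rx.receive(f1)]   # accepted, then dropped as a replay
    f2 = tx.send(b"second")
    altered = dict(f2, payload=b"secon_")        # payload changed, MIC no longer matches
    results += [rx.receive(altered), rx.receive(f2)]
    return {"accepted": [r for r in results if r is not None], "drops": rx.drops}


if __name__ == "__main__":
    print(run_demo())   # {'accepted': [b'hello', b'second'], 'drops': [('replay', 1), ('mic_failure', 2)]}
```

Note that the altered frame does not advance `last_tsc`, so the genuine frame with the same counter is still accepted afterwards. In real TKIP the MIC-failure count also matters: the standard's countermeasures force a rekey when MIC failures repeat within a short window, which is why the `drops` records are worth feeding into monitoring rather than silently discarding.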
50
Wireless Security Terms
- SSID: Service Set Identifier
- WPA: Wi-Fi Protected Access
- WEP: Wired Equivalent Privacy
- PSK: Pre-Shared Key
- TKIP: Temporal Key Integrity Protocol
- MAC: Media Access Control
- MIC: Message Integrity Check
- AES: Advanced Encryption Standard
- CCMP: Counter Mode CBC-MAC Protocol
- RADIUS: Remote Authentication Dial-In User Service