Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004."— Presentation transcript:

1 Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004

2 Introduction A presentation of the paper “Your 802.11 Wireless Network has No Clothes” by – William A. Arbaugh,Narendra Shankar,Y.C. Justin Wan at Univ. Maryland at College Park Explosive growth in wireless networks. But many security issues initially left open by 802.11 standards committee. Result : weak or non-existent security solutions for current deployments.

3 Introduction (Cont.) In the Wired World emphasis on protection from external compromise. (Firewalls) Wireless Networks provide an access point for any adversary beyond physical controls. A “back door” is opened for an attacker, which can be exploited. (Parking lot attacks) And a simple eavesdropping attack against 802.11 shared key authentication.

4 Standard Security Mechanisms Wired Equivalent Privacy protocol (WEP) – For confidentiality of network traffic – Demostrated to be vulnerable Open Systems Authentication – Authenticates anyone who requests authentication – Management frames sent in clear even with WEP Shared Key Authentication – Uses a standard challenge and response protocol

5 Shared Key Authentication InitiatorResponder Authentication Request Seq # 1 Authentication Challenge Seq # 2 Authentication Response Seq # 3 Authentication Result Seq # 4

6 Shared Key Authentication (Cont.) Initator sends an authentication req. management frame Responder replies by sending mgmt. Frame with 128 octets of challenge text. – Text Generated using WEP PRNG with shared secret and a random initialization vector (IV) Initiator copies the text into a new frame, encrypts with WEP using shared secret and a new IV Responder verifies text and 32-bit CRC (ICV)

7 Weaknesses in Shared Key Auth. Passive attack, eavesdropping 1 leg of auth. Works because fixed structure of protocol Random challenge is the only diffrence between two Authentication messages. Also because of weakeness in WEP WEP = Pseudo Random Number Generator K = Shared key IV = Initialization Vector (Sent in clear) P = Plain text challenge text C = Cipher text R = Challenge text

8 Shared Key Auth. (Cont) Messages based on sequence numbers Sequence #Status CodeChallenge Text WEP Used 1ReservedNot PresentNO 2StatusPresentNO 3ReservedPresentYES 4StatusNot PresentNO

9 Shared Key Flaw (Cont.) Attacker captures 2 nd & 3 rd frames. – 2 nd Frame => Random challenge in clear (P) – 3 rd Frame => Encrypted challenge (C) PRNG stream – WEP K,IV P R = C P – Stream can be derived from above without knowing the shared Key (K)

10 Shared Key Attack Attacker requests authentication from an AP AP responds with challenge text (R) in clear Attacker takes R and PRNG to get valid authentication response by XOR-ing the 2 Attacker computes a new integrity check value (ICV) Valid response allows Attacker to join the network.

11 Conclusions & Future Work All deployed 802.11 networks are at risk WEP can make it harder but vulnerable as keys are static and hard to change Vendors have used un-authenticated Diffie- Hellman for key exchange. Worse solution as Man In The Middle attack can give the Key to the attacker.

12 Question & Comments

Download ppt "Wireless Network Security Issues By Advait Kothare SJSU CS265 Fall 2004."

Similar presentations

Off-the-Record Communication, or, Why Not To Use PGP

Off-the-Record Communication, or, Why Not To Use PGP
CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Your 802.11 Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.

Your Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
15 November 2004 1 Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

Similar presentations

Ads by Google