Presentation is loading. Please wait.

Presentation is loading. Please wait.

WEBOK Tutorial Paul Kubik

Published byStewart Dean Modified over 9 years ago

Similar presentations

Presentation on theme: "WEBOK Tutorial Paul Kubik"— Presentation transcript:

1 WEBOK Tutorial Paul Kubik
Wireless Engineering Body of Knowledge (WEBOK) Wireless Security WEBOK Tutorial Paul Kubik

2 What is Wireless Security?
Confidentiality: the communication data are only disclosed to authorized users. Integrity: the data in the communication retain their veracity and are not able to be modified by unauthorized users. Availability: authorized users are granted timely access and sufficient bandwidth to access the data. 3.6 Security Requirements (WEBOK)

3 What is Wireless Security?
Why is Wireless Security important? Fraud, Theft – Stealing customer login details from a WiFi hotspot Sabotage – Disabling a local 2G cellular network using a jamming device Espionage – Stealing a phonebook from a mobile phone via bluetooth Malicious – Distribution of Mobile viruses, unsolicited Bluetooth advertising etc. How can we protect technology through Security? Encryption – protects the information stored in a message Authentication – validates the identity of end-points in a communication Authorization - restricts access to a service through the use of authentication systems. Certification – authentication of end-points by a third party An attack may be based on poor encryption which allows the attacker to retrieve enough information to authenticate as a trusted party using the wireless protocol, thus authorizing them to perform transactions on the “In 1996, fraudulent activities through cloning and other means cost operators some US$750 million in lost revenues in the United States alone. Fraud is still a problem today, and IDC estimates that in 2000, operators lost more than US$180M in revenues from fraud.” August 2002,

4 What is Wireless Security?
What type of attacks are there? brute-force attack authenticate by incrementing through every possible combination of a password dictionary attack authenticate by guessing the password from a library of common words Man-in-the-middle Attacker actively intercepts the path of communications between two legitimate parties, thereby obtaining authentication credentials and data. Attacker can then masquerade as a legitimate party. Spoofing Attacker impersonates an authorized user and gains certain unauthorized privileges. Replay attack Attacker passively monitors transmissions and retransmits messages, acting as if the attacker were a legitimate user. Denial of service Attacker prevents or prohibits the normal use or management of networks or network devices. Brute-force – Bluetooth MAC address is used to communicate to hidden access points. The address can be made sufficiently short that the MAC address can be found by incrementing through addresses Dictionary – reduce the search space for a brute-force attack by keeping a known range for MAC addresses that are used by a handset manufacturer (eg. Sony Ericsson) Man-in-the-middle – WiFi hotspots rely on the Access Point to redirect the user’s traffic to the internet. Setting up a malicious AP allows the user to connect to the internet unaware of a man-in-the-middle

5 What is Wireless Security?
Common concepts in security Private Key - two (or more) parties share the same key, and that key is used to encrypt data from clear-text to a cipher-text. Private key cryptography relies on keeping the key secret Eg. AES, DES, 3-DES Public Key – each party has a pair of keys. One key is public and the other is private. A message encrypted with the public key can be decrypted with the private key. The public key can be made known to all parties (including attackers). The private key is kept secret. Eg. RSA, Diffie-Hellman Private (Symmetric) - Public (Asymmetric) -

6 Network Access Control
Network Access Control is used to authenticate, authorize and account for a user or client on the network Challenge-Response Authentication The authenticating party asks for information that could only be known to the user Network Access Control protocols: RADIUS Diameter Extensible Access Protocol 3.6.1 Network Access Control (WEBOK)

7 Network Access Control – RADIUS
User authenticates with NAS using a username/password NAS sends Access-request to RADIUS server RADIUS server generates an Access-Challenge for the user. User calculates hash and sends response to the RADIUS server User is authenticated as an end-point in the network (Access-Accept) RADIUS (WEBOK) In wireless networks, the NAS may be implemented within a specific access point such as the PDSN, GGSN, etc.

8 Network Access Control – Diameter
Failover: supports application-layer acknowledgment and defines failover algorithms. Confidentiality: IPSEC support is mandatory for Diameter and TLS is optional. Reliable transport: Transmission Control Protocol (TCP) or STCP protocols. Server-initiated messages: Mandatory support allowing re-authentication/re-authorization Auditability: Data-object security mechanisms preventing against untrusted proxies modifying attributes or packet headers Capability negotiation: Error messages, capability negotiation, mandatory/non-mandatory flags for attributes (AVPs). Peer discovery and configuration: Dynamic discovery of peers using Domain Name System (DNS). Dynamic session keys via transmission-level security. Roaming support: Supports user roaming, interdomain exchange of user and accounting information. Diameter (WEBOK)

9 Network Access Control - EAP
Extensible Access Protocol is a authentication framework, not a specific implementation. It defines methods and common functions used for authentication. Supplicant – The party that wants to be authenticated Authenticator - The party that demands proof of authentication Four types of messages are defined in EAP: request, response, success, and failure. The authenticator sends a request message to the supplicant asking for a response message to authenticate. If the authentication is successful, a success message is sent to the supplicant; if not, a failure message is sent. Encapsulation on IEEE wireless LANs, IEEE i WPA, WPA2 Standard EAP-TLS, EAP-TTLS, PEAP Extensible Access Protocol (WEBOK)

10 Network Access Control – 802.1x
An authentication protocol based on EAP The supplicant is the authenticating user, sends an EAP-Start message to the authenticator The authenticator is the Wireless Access Point (802.11), sends an EAP-Request Identity to the supplicant The authenticator only allows the supplicant to generate EAP traffic (EAPoL) until it has been authenticated The authentication server determines whether a supplicant is authenticated (eg RADIUS server) IEEE 802.1x (WEBOK)

11 NAC Example (1) The Traffic Capture is RADIUS conversation using EAP-TLS Supplicant MAC: Z-Com_64:61:dc Authenticator MAC: 3com_7a:eb:fc IP Addr: Auth Server IP Addr: 3: The supplicant sends an EAP Response containing 4: The authenticator sends a RADIUS packet to the authentication server containing the connection details

12 NAC Example (2) 8: The authentication server sends an access-challenge to verify the supplicant’s identity. 10: The authenticator requests that the supplicant use EAP-TLS to verify the user identity 26: The authentication server decides that client certificate is valid and the supplicant is a known user 29: Now the authenticator must still make sure that the supplicant has the correct WPA pre-shared key

13 Wireless LAN Security Service Set Identifier (SSID) - wireless LAN name used client to identify the network Media Access Control (MAC) address - administrator may specify which MACs are allowed to access the network Security Algorithm – used for network authentication, including WEP, WPA or WPA2 Wireless LAN Security

14 WLAN Security - WEP WEP Initialization Vector (IV) – 24-bit seed value to initialize the cryptographic system Stream cipher (RC4) – 40-bit, 104-bit keys. Generates a key which is XOR’ed with the message. A different sequence is used for each message Integrity checking (CRC-32) – computed and encrypted on each message, becomes the Integrity Check Value (ICV) on the frame Wired Equivalent Privacy Security weaknesses * 24-bit IV finishes a cycle in about one hour and then repeats * Bit-flip attacks on the CRC-32 allowing an attacker to know which encryption bits change when message bits are modified.

15 WLAN Security - TKIP TKIP is used to enhance the RC4 cipher. It is designed to strengthen the WEP protocol (based on RC4) without significant performance degradation Message encryption using the RC4 algorithm Integrity protection, using the Message Integrity Code (MIC) Replay prevention, using a frame sequencing technique; and Use of a new encryption key for each frame. Temporal Key Integrity Protocol

16 WLAN Security - CCMP CCMP is used to enhance the AES cipher. AES is the secure cipher used by WPA/WPA2 CCMP provides authentication and privacy features based on AES Integrity control (MIC) Message encryption (payload only) CCMP is designed for a 128-bit key and block size Temporal Key Integrity Protocol

17 WLAN Security – WPA/WPA2
RC4 Cipher. TKIP/MIC Encryption Implements partial i standard TKIP generates a sequence of WEP keys based on a master key. Message Integrity Code (MIC) and ICV (Integrity Check Value) identify if the packet is tampered with WPA2 AES Cipher (instead of RC4). AES-CCMP Encryption Implements full i standard, known as RSN AES is a secure cipher that can be implemented in hardware. CCMP arranges for Message Integrity Control (MIC) and Message encryption (payload only)

18 WLAN Security Example Securing your network
Enable WPA/WPA2 security on the access point. Change the default admin password Change the default SSID and disable broadcast. Disable DHCP, enable MAC address filtering

19 Cellular Security AMPS Security Analog FM system. Unencrypted channels
ESN / MIN used for Customer and Handset registration on the network CDMA Security Subscriber Authentication (CAVE) Subscriber Identity confidentiality (TMSI). No SIM card Spreading sequences on physical channel GSM Security Subscriber Authentication (A3/COMP128) Subscriber Identity confidentiality (TMSI). Removable SIM card Encryption of Air interface only UMTS security Mutual authentication (Subscriber and Network) Encryption from Air interface to RNC Mechanism for upgrading security features. GSM Security 1983 American Mobile Phone System (AMPS) 1991 Global System for Mobile Communication (GSM) Universal Mobile Telecommunications System (UMTS)

20 Cellular Security – CDMA
“A-Keys may be programmed by one of the following: a) The factory b). The dealer at the point of sale c) Subscribers via telephone d) OTASP (over the air service provisioning).”

21 Cellular Security – GSM
IMEI (International Mobile Equipment Identity) is a unique 17 or 15 digit code used to identify a Mobile Station (hardware) IMSI (International Mobile Subscriber Identity) is a unique 15-digit code used to identify a subscriber (user) Ki (128-bit) is a secret key shared between the Mobile Station and the HLR Kc (64-bit) is a Session Key for channel encryption. Kc is generated by the Mobile Station from RAND and Ki using the A8 algorithm. RAND (128-bit) is a random challenge generated by the HLR. SRES (32-bit) is a Signed Response generated by both the Mobile Station and the HLR from the RAND to verify identity HLR / AuC – Stores the IMSI and Ki for Mobile Stations EIR – Stores an IMEI black-list to prevent calls from stolen or unauthorized Mobile Stations. HLR / AuC – Home Location Register / Authentication Center EIR – Equipment Identity Register SRES (32-bit) is the Signed Response generated by the Mobile Station and the Mobile Services Switching Center.

22 Cellular Security – GSM
BTS HLR Mobile Station MSC RAND Ki, Kc SRES Ki, Kc The Mobile Station (MS) signs into the network. The HLR uses the A8 algorithm to generate RAND, SRES and Kc The HLR sends RAND to the RNC and the MS The MS generates SRES from RAND and Ki using the A3 algorithm The MS sends SRES to the MSC The MSC verifies SRES (Mobile) and SRES (HLR) The MS generates Kc from RAND and Ki using the A8 algorithm The BTS verifies Kc (MS) and Kc (HLR) The MS initialises the A5 algorithm with Kc and the frame number An encrypted channel between the MS and the BTS is established Reference:

23 Bluetooth Security Bluetooth Security Attacks
Bluejacking - attempt to send a phone contact or business card to another nearby phone for the purpose of spamming information / advertising Bluesnarfing - stealing data (messages, calendar, phone book etc) from the target device in an unauthorised manner which includes bypassing the usual paring requirement. Bluebugging - victim device is controlled by the attacker who sends commands to perform actions as if having physical access to the device Security attributes Bluetooth address : unique device identifier (48-bit). The first 3 bytes are assigned to a manufacturer. The last 3 bytes allocated by the manufacturer. "Discoverable" mode : determines whether the device is visible to other devices. PIN Code : Four digit secret code entered into both devices to establish a Link Key (128-bit) Frequency hopping : Pseudo-random sequence (1600 hops / second) Setting Bluetooth to a "non-discoverable" prevents devices from appearing during a search. It is still visible to those devices that know the MAC address (eg. previously paired devices) Bluetooth sniffer can record the exchanged messages being used to derive the link key and feed the recordings to software that knows the Bluetooth algorithms and can cycle through all 10,000 possibilities of the PIN. The frequency hopping sequence used in Bluetooth technology is pseudo-random, meaning that a hacker with the proper equipment can synchronize to a pre-defined frequency hopping pattern used by two Bluetooth devices in communication Instructions to modify a Bluetooth Dongle in such a way to reach operating ranges around several hundred meters are available on the internet

24 Wireless Security END

Download ppt "WEBOK Tutorial Paul Kubik"

Similar presentations

SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – 802.11b  Security Mechanisms in 802.11b  Security Problems in 802.11b  Solutions for 802.11b.

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Information Security of Embedded Systems 20.1.2010: Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Georgy Melamed Eran Stiller

Georgy Melamed Eran Stiller

Similar presentations

Ads by Google