Presentation is loading. Please wait.

Presentation is loading. Please wait.

無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

Published byBuddy Wright Modified over 9 years ago

Similar presentations

Presentation on theme: "無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack."— Presentation transcript:

1 無線網路安全 WEP

2 Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack Active Attack

3 Passive Attack Release of message contents, Traffic analysis

4 Active Attack(1/4) Masquerade

5 Active Attack(2/4) Replay

6 Active Attack(3/4) Modification of Messages

7 Active Attack(4/4) Denial of Service

8 The Defense Cryptography system Symmetry key (shared key) Asymmetric key (public key) Issue: Key distribution Plain text Encryption Algorithm Encryption Algorithm Ciphertext Decryption Algorithm Decryption Algorithm Plain text (original) Encryption key Decryption key (open) (secret)

9 Symmetric-Key Systems DES (Data Encryption Standard) A block cipher with a 56-bit key. Has been one of the most widely used encryption algorithms Too weak today because of the computing power of current CPU. Triple-DES (or 3DES)A enhanced version of DES with increased key length. IDEA(International Data Encryption Algorithm) Encrypting data faster and more secure than DES. (128-bit) Blowfish A compact and simple block cipher with a variable-length key of up to 448 bits. RC2 (Rivest cipher no. 2) A block cipher with a variable-length key of up to 2048 bits. The details of the algorithm used have not been officially published. RC4 (Rivest cipher no. 4)A stream cipher with a variable-length key of up to 2048 bits. AES (Advanced Encryption Standard) One of the most popular algorithms used in symmetric-key system

10 Asymmetric-Key Systems RSA (named after its creators–Rivest, Shamir and Adleman) Based on the problem of factoring large integers Advances in the mathematical methods will affect the algorithm's vulnerability. DSS (Digital Signature Standard) Developed by the US National Security Agency (NSA). Can be used only for digital signatures and not for encryption or key distribution.

11 The Attack - Cryptanalysis Ciphertext only Brute-force Known plaintext has a sample of plaintext and a corresponding sample of ciphertext deduce the encryption key for decrypt other portion of ciphertext Chosen text select particular blocks of plaintext to yield more information about the key

12 The Defense - Integrity Modification attack may occur in a series of related cipher blocks  Data integrity is broken Message Digest Fixed-length hash value dependent on original data Requirement: difficulty to deduce the original data (one-way hash) MD5 Takes any arbitrary length input string and produces a fixed 128-bit value. SHA (secure hash algorithm) Similar to MD5 but produces a 160-bit hash value so is more resistant to brute force attacks 1.

13 The Defense - Freshness For replay attack Timestamp the message and the time stamp need to be bound together in some way Sequence number Useless in connectionless packet-switched network Nonce an unpredictable value in a challenge–response sequence

14 The Defense - Freshness

15 The Defense - Authentication To provide some assurance about the source of a message Challenge–Response protocol using public key on message digest  Digital Signature To assure that the public key is really belong to its owner  Digital Certificate Third-party certification authority is required

16 Attacks on Wireless Networks Eavesdropping Communication Jamming Denial of Service, DoS Man-In-The-Middle attack

17 Attacks on Wireless Networks

18 Eavesdropping In wireless network, attacker can easily capture packet from air- interface. For packets with no encryption or weak encryption, attacker can analyze and crack them.

19 Attacks on Wireless Networks Communication Jamming In wireless network, the signal could be interfered by others. Use high power signal generator can interrupt the communication between MNs and AP

20 Attacks on Wireless Networks Denial of service (DoS) Attacker use lots of packets to paralyze AP or server Methods include: ARP packet SYN flooding attack ICMP/UDP flooding attack Smurf ….

21 Attacks on Wireless Networks SYN flooding attack ICMP flooding attack UDP flooding attack

22 Attacks on Wireless Networks Smurf flood attack

23 Attacks on Wireless Networks Man In The Middle attack In 802.11 network, Man-in-the-Middle attack could be the forgery AP. The AP attempts lead user to give him private information.

24 Wire Equivalent Privacy

25 Properties WEP Wired Equivalent Privacy Data encryption using shared WEP keys Original goal – Providing privacy similar to a wired network Using RC4 cipher (stream cipher) Shared Key Authentication Single key is shared by all users and access points Challenge-response Manual key distribution

26 RC4 Cipher

27 WEP Data Processing

28 40-bit WEP key must be manually prepared Setup manually in the configuration of the AP and the stations Totally, 4 keys can be setup but only one of them can be selected for encryption Key is shared among all members 24-bit Initial Vector (IV) is randomly generated Transmitted in plaintext 32-bit ICV = 32-bit CRC of the frame body

29 RC4 Algorithm stream cipher symmetric key Use two array, state and key 1. 256-byte state table. State[256]=[ 0.. 255 ] 2. It has the capability of using keys between 1 and 2048 bits. Key[1..2048] = [ ……. ] Hint. WEP use 40 bits

30 RC4 Algorithm * Two phases  Key Setup 1. f = ( f + S i + K g ) mod 256 2. Swapping S i with S f  Ciphering ( XOR) 1. i = ( i + 1 ) mod 4, and f = ( f + S i ) mod 256 2. Swaping S i with S f 3. t = ( S i + S f ) mod 256 Random byte S t

31 Key Setup Example Iteration 1: i=0, f=0, g=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 0, 1, 2, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 0 + K 0 )mod 4=2, then swap S 0 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 1, 0, 3 ] i= i +1 = 1 g =(g+1)mod 2 = 1

32 Key Setup Example Iteration 2: i=1, f=2, g=1 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 1, 0, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 1 + K 1 )mod 4=0, then swap S 1 with S 0 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] i = i +1 = 2 g =(g+1)mod 2 = 0

33 Key Setup Example Iteration 3: i=2, f=0, g=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] K[ ]=[ K 0, K 1 ] = [ 2, 5 ] Because f=(f + S 2 + K 0 )mod 4=2, then swap S 2 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 0, 3 ] i= i +1 = 3 g =(g+1)mod 2 = 1

34 Key Setup Example Iteration 4: i=3, f=2, g=1 S[ ]=[ S0, S1, S2, S3 ] = [ 1, 2, 0, 3 ] K[ ]=[ K0, K1 ] = [ 2, 5 ] Because f=(f + S3 + K1)mod 4=2, then swap S3 with S2 New array S[ ]=[ S0, S1, S2, S3 ] = [ 1, 2, 3, 0 ]

35 Ciphering Example “H” : i=0, f=0 S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 2, 3, 0 ] Because i = ( i + 1 )mod 4 = 1 f =( f + S 1 )mod 4 = 2, then swap S 1 with S 2 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 1, 3, 2, 0 ] t = ( S 1 + S 2 )mod 4 = 1 S 1 = 3 ( 0000 0011 ) H 0100 1000 XOR 0000 0011 0100 1011

36 Ciphering Example “I” : i=1, f=2 S[ ]=[ S0, S1, S2, S3 ] = [ 1, 3, 2, 0 ] Because i = ( i + 1 )mod 4 = 2 f =( f + S2)mod 4 = 0, then swap S 2 with S 0 New array S[ ]=[ S 0, S 1, S 2, S 3 ] = [ 2, 3, 1, 0 ] t = ( S2 + S0 )mod 4 = 3 S3 = 0 ( 0000 0000 ) I 0100 1001 XOR 0000 0000 0100 1001

37 Ciphering Example  Result Plaintext : 0100 1000 0100 1001 Cipher : 0100 1011 0100 1001

38 Weakness Key Management WEP uses static (keys are not changed dynamically)master keys  easy to crack. Since all users use same WEP key, difficult to change the key. The IV value is too short. IV+WEP key  Weak key attacks (FMS attack). Reconstruct the key from a number of collected encrypted messages Weak keys in RC4 algorithm No effective detection of message integrity  Modifying the contents of a frame without changing the ICV no protection against message replay.

Download ppt "無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack."

Similar presentations

Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
How To Not Make a Secure Protocol 802.11 WEP Dan Petro.

How To Not Make a Secure Protocol WEP Dan Petro.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.

Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Similar presentations

Ads by Google