Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Authentication for Wireless LAN 1 Privacy And Authentication for Wireless Local Area Networks Ashar Aziz Whitfield Diffie Sun Microsystems,

Published byTracey Tyler Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy and Authentication for Wireless LAN 1 Privacy And Authentication for Wireless Local Area Networks Ashar Aziz Whitfield Diffie Sun Microsystems,"— Presentation transcript:

1 Privacy and Authentication for Wireless LAN 1 Privacy And Authentication for Wireless Local Area Networks Ashar Aziz Whitfield Diffie Sun Microsystems, Inc Presented by: Naveen Srinivasan.

2 Privacy and Authentication for Wireless LAN 2 OUTLINE Loopholes in wireless Design Goals Design Overview Message Exchange in Protocol Other Issues

3 Privacy and Authentication for Wireless LAN 3 Loopholes in Wireless medium –Wireless receivers –No physical constraints Design Goals –Privacy of wireless data communication and authenticity of the communicating parties –Seamless integration into existing wired network –Mutual authentication –To take advantage of shared key cryptography

4 Privacy and Authentication for Wireless LAN 4 Two ways to achieve security –Secure wireless link Obviates the need for upgrading existing network secured(wired)+secured(wireless) –End-to-End Approach application layer transport layer upgrading existing network

5 Privacy and Authentication for Wireless LAN 5 Public key and shared key cryptographic techniques –Public Key : session key and authentication –Shared Key: privacy CA Pub Key MobileBase Challenge/Response Protocol Design Overview

6 Privacy and Authentication for Wireless LAN 6 Content of the Certificate Contents: Serial Number Validity Period Machine Name Machine Public Key CA Name CA

7 Privacy and Authentication for Wireless LAN 7 MobileBase Cert_Mobile, CH1, Lists of SKCSs Message #1 CH1 128 bit random number List of SK algorithm include algo and key size Base station on receiving could indentify that it received from mobile but it doesn’t know if the certificate belongs to Mobile Certificate Invalid – rejects the connection Valid – Reply to message as mentioned in Message #2

8 Privacy and Authentication for Wireless LAN 8 Issues in choosing the SKCS Why list of SKCSs and CH1 is sent in Msg #2 ? Message #2 MobileBase Cert_Base, E(Pub_mobile, RN1), Chosen SKCS, Sig(Priv_Base, { E(pub_Mobile, RN1), Chosen SKCS, CH1, List of SKCSs })

9 Privacy and Authentication for Wireless LAN 9 Message #3 MobileBase E(Pub_Base, RN2), Sig{ Priv_Mobile, { E(Pub_Base, RN2), E(Pub_Mobile, RN1) } }

10 Privacy and Authentication for Wireless LAN 10

11 Privacy and Authentication for Wireless LAN 11 Data Packet Issues Problems: Packet losses Playback attack Solutions: Message ID Count of no. of 64-bits blocks that have been sent Last 64-bits of the cipher-text of the last packet Assumes taken care by higher layer protocol

12 Privacy and Authentication for Wireless LAN 12 Operation with Multiple CAs Previous protocol description single network wide CA – not feasible Hierarchy of CA s is employed Base Station Not only include the certificate but also the certificate path Mobile Just its own certificate

Download ppt "Privacy and Authentication for Wireless LAN 1 Privacy And Authentication for Wireless Local Area Networks Ashar Aziz Whitfield Diffie Sun Microsystems,"

Similar presentations

IEEE 802.11 Overview Mustafa Ergen UC Berkeley

IEEE Overview Mustafa Ergen UC Berkeley
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Similar presentations

Ads by Google