Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless security Wi–Fi (802.11) Security

Published byEvelyn Barrett Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless security Wi–Fi (802.11) Security"— Presentation transcript:

1 Wireless security Wi–Fi (802.11) Security
Seminar by: Jigar Shah Guide: Prof. G.K. Kharate

2 Content Introduction to Wi-Fi Types of attacks
Traditional security with ref. to Wi-Fi How IEEE WEP works Why WEP is not secured IEEE i and RSN WPA: An intermediate solution Wi-Fi security in Real World

3 Ad hoc mode

4 Infrastructure mode

5 Types of attacks

6 Example: Man – In – Middle attack
Listen to message from Mob to AP Read message till end of “check-word” Transmit a sudden burst of noise to corrupt check-word Forge ack. message with AP’s address and send it to MOB Recalculate check-word and send captured msg. to AP Wait for ACK from AP and corrupt check-word again so MOB rejects it

7 Traditional security Architecture
UntrustedZone Trusted Zone firewall Conventional Security Architecture firewall UntrustedZone Trusted Zone VPN User Remote User in “Trusted Bubble”

8 Wireless LAN security option 1
VPN UntrustedZone Trusted Zone User firewall Wireless User in Untrusted Zone VPN UntrustedZone Trusted Zone WLAN Treating a Wi-Fi LAN user Like a Remote User firewall

9 How WEP works Authentication Message Encryption

10 Open Authentication AP STA Authenticate (request)
Authenticate (success) Authenticate (request) STA AP

11 WEP Authentication STA AP Authenticate (request)
Authenticate (challenge) STA AP Authenticate (response) Authenticate (success)

12 WEP Message Encryption using RC4 stream cipher
IV Secret Key RC4 Algorithm C A B $ W & Combined RC4 key

13 Mechanics of WEP Data & ICV Key ID IV DATA ICV Adding ICV
Encrypt Compute check DATA ICV Adding ICV Encrypted Data & ICV Key ID IV Unencrypted Adding IV and KeyID bits

14 Why WEP is not secure Authentication Access control Replay prevention
Message modification Message privacy IV reuse RC4 weak keys Direct key attacks

15 Basic requirements for authentication
Robust method of proving identity Method of preserving identity over subsequent transaction that cannot be transferred Mutual authentication Independent keys. i.e. independent from encryption keys

16 Transition to 802.11i (RSN): The ultimate solution
Encryption algorithms TKIP CCMP – AES. WRAP Message Integrity – A strong data integrity algorithm (Michael Message Integrity Check) is applied. Mutual Authentication – i uses 802.1X/EAP for user authentication. Other security features - secure IBSS, secure fast handoff, and secure deauthentication and disassociation. Roaming Support

17 Relationship of Wireless LAN Security Layers
Authentication Layer Authentication Server Authentication Client (Kerberos V5, TLS, PEAP,EAP-SIM) Corporate Network Operating System Access Control Layer Authenticator (Access Control) (EAP, IEEE 802.1X, RADIUS) Supplicant Wireless LAN Layer Wireless LAN Wireless LAN Access Point Mobile Devices

18 An intermediate solution: WPA
Goals of WPA be a strong Interoperable security replacement for WEP be software upgradeable to existing Wi-Fi CERTIFIED products be Applicable for both home and large enterprise users be available immediately

19 WPA (Wi-Fi Protected Access)
Implements 802.1X EAP based authentication Apply Temporal Key Integrity Protocol (TKIP) on existing RC4 WEP Use Michael Message Integrity Check

20 Wi-Fi Security In Real World

21 Conclusion

22 References http://www.iss.net/wireless

23 References http://www.hackfaq.org/wireless-networks/802.11i.shtml

24 Thank you!

25 Questions ?

Download ppt "Wireless security Wi–Fi (802.11) Security"

Similar presentations

IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – 802.11b  Security Mechanisms in 802.11b  Security Problems in 802.11b  Solutions for 802.11b.

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
Implementing Wireless LAN Security

Implementing Wireless LAN Security
Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.

Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
WEP and 802.11i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.

WEP and i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Similar presentations

Ads by Google