Title: The Dangers of Mitigating Security Design Flaws: A Wireless Case Study
- Nick Petroni Jr., William Arbaugh
- University of Maryland
Presented by Abe Murray
CS577 Advanced Computer Networks
Outline
- Abstract / Intro
- WEP Overview
- Attacks
- Dictionary
- Inductive
- Authors' Implementation
- Implementation Results
- Mitigation Angle
- Closing
Abstract
- Mitigating system flaws is hard to do right
- But vendors do this all the time
- Design flaws are hard to patch
- Often best approach is to re-architect system
- WLAN Security (WEP)
- Shows the FUNDAMENTAL PREMISE that adding security after the fact is near impossible
Introduction
- The authors present a case study showing
- Mitigating one flaw worsens another flaw
- Overall security remains the same
- The authors develop an inductive attack against WEP
- 1st synchronous attack against WEP
- Example of mitigation problem
- Does not rely on knowledge of target network
WEP Overview
- IEEE 802.11 specification calls for reasonably strong protection
- WEP - Wired Equivalent Privacy - fails to deliver
- Protects at the Data Link Layer
- Symmetric Stream RC4 cipher
- Shared secret k
- Secret used to generate stream of pseudorandom bytes equal in length to target plaintext
- Encryption
- Decryption
Graphic by Petroni and Arbaugh
Dictionary Attacks
- Definition: Any brute-force attack in which a large table is used or generated
- Relevance: RC4 - each key has a unique associated pseudorandom stream used for encryption and decryption
- Build dictionary of all streams (1 per IV): Don't need key to participate in network!
- IV size → 2^24 possible key streams
- WLAN MTU 2312 Bytes → 40 GB Dictionary!
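
The keystream-dictionary flaw from the Dictionary Attacks slide, as an added Python example (not code from the paper or the presentation): because the RC4 stream depends only on IV and k, one known plaintext exposes the stream for that IV, and the stored stream then decrypts later frames without k. The key, IV, payloads and all function names are constructed for illustration.

```python
import struct
import zlib

MTU, IV_BITS = 2312, 24  # WLAN MTU in bytes and WEP IV size, per the slide

def rc4(seed: bytes, n: int) -> bytes:
    """n bytes of RC4 keystream for seed (WEP uses seed = IV || k)."""
    s, j = list(range(256)), 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):  # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def with_icv(data: bytes) -> bytes:
    return data + struct.pack("<I", zlib.crc32(data))  # CRC-32 integrity value

def wep_encrypt(iv: bytes, k: bytes, data: bytes) -> bytes:
    body = with_icv(data)
    return xor(body, rc4(iv + k, len(body)))

def keystream_from_known(ciphertext: bytes, known: bytes) -> bytes:
    """Ciphertext XOR known plaintext (+ICV) is the keystream for that IV."""
    return xor(ciphertext, with_icv(known))

def decrypt_with_table(table: dict, iv: bytes, ciphertext: bytes) -> bytes:
    """Decrypt from the per-IV keystream table alone; the key k is never used."""
    body = xor(ciphertext, table[iv])
    data = body[:-4]
    if with_icv(data) != body:
        raise ValueError("ICV mismatch or stored keystream too short")
    return data

def dictionary_bytes() -> int:
    return 2 ** IV_BITS * MTU  # one MTU-length keystream per IV value

def demo() -> bytes:
    k, iv = bytes.fromhex("0102030405"), bytes.fromhex("00002a")  # constructed
    known = b"constructed known-plaintext frame"
    table = {iv: keystream_from_known(wep_encrypt(iv, k, known), known)}
    return decrypt_with_table(table, iv, wep_encrypt(iv, k, b"later frame, same IV"))
```

dictionary_bytes() returns 38,788,923,392, which the slide rounds to 40 GB.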
Inductive Attacks
- Approach: Obtain full network access without knowing the key, with minimal knowledge of target
- HOW? Use known network protocols (redundantly encrypted data) to intelligently guess an initial number of encrypted bytes
Step 1: Guess the first byte(s)
Graphic by Petroni and Arbaugh
Table by Petroni and Arbaugh
Step 2: Guess the next byte
Graphic by Petroni and Arbaugh
The Authors' Attack
- Attack System
- WLAN card operating in promiscuous mode (Intersil Prism 2 chipset)
- Ability to directly manipulate transmitted bytes (OpenBSD 3.1 with modified drivers)
- Attack Approach
- Choice between ICMP and SNAP/ARP
- Choose ARP to stay at Layer 2, though both work
Implementation Results
Table by Petroni and Arbaugh
Mitigation Angle
Table by Petroni and Arbaugh
Closing Remarks
- Authors showed how to mitigate their attack
- Stop forwarding packets with bad data
- Detect attack activity
- Packet Filtering (though effectively cripples network)
- Dynamic Rekeying
- Neat attack all by itself
- Interesting example of how patching bad security rarely works
- Questions?