Basic Wireless LAN Security Technologies - PowerPoint PPT Presentation

Slides: 19
Provided by: raveen7

Transcript and Presenter's Notes


1
Basic Wireless LAN Security Technologies
  • Most wireless security incidents occur because
    system administrators do not implement available
    countermeasures.
  • It is important to verify that the countermeasure
    is in place and working properly
  • Thus the WLAN security wheel, which is a continuous
    security process, is very effective

2
WLAN Security Wheel
  • The Four Steps of Wireless Security Policy
  • Secure
  • Monitor
  • Test
  • Improve

3
Secure
  • This step implements WLAN security solutions to
    stop or prevent unauthorized access or activities
    and to protect information using the following:
  • Authentication (802.1x)
  • Encryption (WEP or AES)
  • Traffic Filters
  • Controlled wireless coverage area

4
Monitor
  • This step involves the following actions:
  • Detecting violations to the WLAN security policy
  • Involving system auditing, logs, and real-time
    intrusion detection
  • Validating the security implementation in step 1

5
Test and Improve
  • Test: This step validates the effectiveness of
    the WLAN security policy through system auditing
    and wireless and wired vulnerability scanning
  • Improve: This step involves the following:
  • Using info from step 3 to improve WLAN
    implementation
  • Adjusting the security policy

6
First Generation Wireless Security
  • Security was not a big concern
  • Many WLANs used Service Set IDentifier (SSID) as
    the basic form of security.
  • Some WLANs controlled access by entering the MAC
    address of each client into their wireless AP.
  • Neither option was secure, because wireless
    sniffing could reveal both valid MAC addresses
    and the SSID

7
SSID
  • SSID is a 1-32 character ASCII string that can be
    entered on the clients and APs
  • In 802.11, any client with a NULL string
    associates to any AP regardless of SSID setting
    on an AP
  • Broadcast SSIDs are required by the IEEE
    standard.
  • Some vendors have options such as SSID broadcast
    and allow any SSID

8
SSID
  • These features are enabled by default and make it
    easy to set up a wireless network
  • Using the allow any SSID option lets the AP allow
    access to a client with blank SSID
  • The SSID broadcast option sends beacon frames
    which advertise the SSID
  • MAC based authentication is not defined in 802.11
    specification

9
Wired Equivalent Privacy (WEP)
  • The IEEE 802.11 standard includes WEP to protect
    authorized users of a WLAN from casual
    eavesdropping
  • IEEE 802.11 WEP standard specifies a static
    40-bit key
  • Most vendors have extended WEP to 128 bits or
    more.
  • When using WEP, both AP and wireless client must
    have a matching WEP key
  • WEP is based on Rivest Cipher 4 (RC4)

10
WEP
  • Encryption based on key lengths greater than 64
    bits is considered a high encryption standard

11
Rivest-Shamir-Adleman (RSA) Encryption Scheme
  • In the RSA scheme, messages are first represented
    as integers in the range (0, n-1)
  • Each user chooses his/her own value of n and
    another pair of positive integers e and d.
  • The user places the encryption key, (n,e) in the
    public directory
  • The decryption key consists of the number pair
    (n,d)

12
RSA Scheme
  • d is kept secret.
  • Encryption
  • Decryption

13
RSA Scheme
  • n is obtained by selecting two large prime
    numbers p and q such that n = pq
  • Although n is made public, p and q are kept
    secret due to the great difficulty in factoring n
  • Then the Euler totient function is formed. That
    is,

14
RSA Scheme
  • The parameter has an interesting property
    that for any integer X in the range (0, n-1) and
    for any integer k
  • A large integer d is randomly chosen so that it
    is relatively prime to , which means that
    and d must have no common divisors other
    than 1

15
RSA Scheme
  • That is gcd ,d1
  • Any prime number greater than the larger of
    (p,q) will suffice. Then the integer e, where
    0 < e < , is found from the relationship
  • which amounts to choosing e and d to satisfy
    Thus,

16
Example of RSA Scheme
  • Let p = 47, q = 59. Therefore, n = pq = 2773
  • (p-1)(q-1) = 2668. d is chosen to be
    relatively prime to . For example, choose
    d = 157. Next the value of e is computed as
    follows
  • Thus e = 17

17
RSA Scheme
  • Consider the message ITS ALL GREEK TO ME
  • Replacing each letter with a two-digit number in
    the range (01, 26), encoding blank as 00
  • 0920 1900 0112 1200 0718 0505 1100 2015 0013 0500
  • Each message needs to be expressed as an integer
    in the range (0, n-1). For this example,
    encryption is done on blocks of 4 digits at a
    time since this is the maximum number of digits
    that will always yield a number less than
    n-1 = 2772

18
RSA Scheme
  • The first 4 digits (0920) of the plaintext are
    encrypted as
  • C = 0948 2342 1084 1444 2663 2390 0778 0774 0219
    1655
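
The worked example from slides 16-18 as an added Python sketch (not part of the original presentation); function names are chosen here, while p, q, d and the message come from the slides. The last function goes beyond the slides to show why p and q must be large: with n this small, trial division factors it at once and d follows from the public key (n, e).

```python
# Added example: toy parameters from the slides; far too small to be secure.
from math import gcd

P, Q, D = 47, 59, 157              # slide 16
N, PHI = P * Q, (P - 1) * (Q - 1)  # n = 2773, (p-1)(q-1) = 2668


def public_exponent(d, phi):
    """Return e with e*d = 1 (mod phi); requires gcd(phi, d) = 1."""
    if gcd(d, phi) != 1:
        raise ValueError("d must be relatively prime to (p-1)(q-1)")
    return pow(d, -1, phi)         # modular inverse, Python 3.8+


def encode(text):
    """Blank -> 00, A..Z -> 01..26, grouped into 4-digit integer blocks."""
    if any(c != " " and not "A" <= c <= "Z" for c in text):
        raise ValueError("only A-Z and blank are encodable")
    codes = [0 if c == " " else ord(c) - 64 for c in text]
    if len(codes) % 2:             # pad an odd-length message with a blank
        codes.append(0)
    return [100 * a + b for a, b in zip(codes[::2], codes[1::2])]


def decode(blocks):
    """Inverse of encode(); a padding blank shows up as a trailing space."""
    codes = [v for b in blocks for v in divmod(b, 100)]
    return "".join(" " if v == 0 else chr(v + 64) for v in codes)


def crypt(blocks, exponent, n):
    """Textbook RSA on each block: block**exponent mod n."""
    return [pow(b, exponent, n) for b in blocks]


def recover_d(n, e):
    """Factor a small n by trial division and rebuild d from the public key."""
    p = next(f for f in range(2, int(n ** 0.5) + 1) if n % f == 0)
    return pow(e, -1, (p - 1) * (n // p - 1))


if __name__ == "__main__":
    e = public_exponent(D, PHI)
    cipher = crypt(encode("ITS ALL GREEK TO ME"), e, N)
    print("e =", e)
    print("C =", " ".join(f"{c:04d}" for c in cipher))
    print("M =", decode(crypt(cipher, D, N)))
    print("d recovered from (n, e):", recover_d(N, e))
```

Encrypting uses the public pair (n, e) and decrypting uses (n, d), so the same `crypt` function serves both directions.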