Security And Availability For Wireless Communication

1
Security And Availability For Wireless
Communication
Organization Post Telestyrelse Anders
Rafting Coach Lars
Adolfsson Co-Coach Fredrik
Lilieblad
Mehdi Ghasemi
Xiaodong Hu
Yvonne Grunnevall
2
Security And Availability For Wireless
Communication
Presentation disposition

• Goals
• What is Wireless Security?
• Threats in wireless LAN
• Security implementations in
• HiperLAN/2, IEEE 802.11a, b and Bluetooth
• IP-Roaming (WVPN)
• OS security
• Conclusion

3
Security And Availability For Wireless
Communication
Goals

• Classifying security threats in WLAN
• Security implementation in HiperLAN/2, 802.11 and
  Bluettoth
• Comparing HiperLAN, 802.11 and Bluetooth with
  each other
• Seamless IP-Roaming
• Security solutions
• Inventory of terminals on the market

4
Security And Availability For Wireless
Communication
What is WLAN Security?
5
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Passive attacks
• Active attacks

6
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Passive attacks Eavesdropping (sniffering)
• Very easy in the radio environment.
• If the wireless LAN is inside a building, the
  eavesdropping could actually occur from an
  external point

7
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Active attacks
• Social Engineering
• Impersonation
• Exploits
• Data Driven
• Transitive Trust
• Infrastructure
• Denial of Service

Similar in Wired Wireless Communication
8
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Social Engineering
• Fooling the victim for fun and profit
• Example
• Please change your password to fooble
• Attacker then logs in as user from our network
• System bugs exploited to gain complete run of
  system

9
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Impersonation
• Stealing access rights of authorized users
• Example
• Attacker with network sniffer (tcpdump,nitsniff,
  etc) at trade show or network captures complete
  login session
• Attacker later logs into system with user-id and
  stolen password

10
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Exploits
• Exploiting a hole in software or
  operatingsystems
• Example
• Attacker sends a message to invalid recipient
  that appears to have come from a program
  invocation

11
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Data Driven
• Trojans, trapdoors, viruses
• Example
• Attacker logs into user's account

12
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Transitive Trust
• Attacker fools the mobile host into trusting a
  base station controlled by the attacker
• Wireless LANs offer an interface to an attacker
  requiring no physical arrangements

13
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Infrastructure
• Taking advantage of protocol or infrastructure
  features or bugs
• Infrastructure attacks are based on weaknesses in
  the system software bugs, configuration
  mistakes, hardware failures, etc.
• Similar to problems in wired LANS.
• Protection against this type of attacks is nearly
  impossible. Efforts should be made to minimize
  potential damage.

14
Security And Availability For Wireless
Communication
Threats in Wireless Communication

• Denial of Service
• Preventing system from being used
• As result of the nature of radio transmissions,
  wireless LANs are very vulnerable to DOS attacks
• With a powerful enough transceiver, an attacker
  can easily generate enough interference to jam
  communications

15
Security And Availability For Wireless
Communication

• Security Implementation in
• IEEE 802.11
• HiperLAN
• Bluetooth

16
Security And Availability For Wireless
Communication
802.11 Wired Equivalent Privacy (WEP)

• Designed to be computationally efficient,
  self-synchronizing and exportable
• All users of a given access point share the same
  encryption key
• Shared key authentication
• Vulnerable to attack
• Data headers remain unencrypted so anyone can see
  the source and destination of the data stream

17
Security And Availability For Wireless
Communication
802.11 Service Set ID (SSID)

• SSID is the network name for a wireless network
• Can be required to specifically request the
  access point by name (lets SSID act as a
  password)
• The more people that know the SSID, the higher
  risks for misuse
• Changing the SSID requires communicating the
  change to all users of the network

18
Security And Availability For Wireless
Communication
802.11 MAC Address

• Can control access by allowing only defined MAC
  addresses to connect to the network
• Must compile, maintain, and distribute a list of
  valid MAC addresses to each access point
• This address can be spoofed
• Not a valid solution for public applications

19
Security And Availability For Wireless
Communication
Bluetooth

• Three security modes
• Non-secure
• Link level security, four entities
• Service levle security, three security levels

20
Security And Availability For Wireless
Communication
HiperLAN/2

• Authentication
• Pre-shared key
• Public key
• Encryption

21
Security And Availability For Wireless
Communication
Comparison between the standards
22
Security And Availability For Wireless
Communication
Interoperability

• 802.11a and 802.11b work on different
  frequencies, so Can coexist in one network
• Interference between 802.11b and Bluetooth (near
  each other)
• HiperLAN/2 is not interoperable with 802.11a or
  802.11b

23
Security And Availability For Wireless
Communication
Wireless VPN

• Security and seamless IP-Roaming
• IP Mobility
• Session Mobility

24
Security And Availability For Wireless
Communication
IP Mobility
25
Security And Availability For Wireless
Communication
Session Mobility
26
Security And Availability For Wireless
Communication
OS Security
27
Security And Availability For Wireless
Communication
Windows Security
28
Security And Availability For Wireless
Communication
Unix security
29
Security And Availability For Wireless
Communication
Conclusion

• Wireless LANs very useful and convenient, but
  current security state not ideal for sensitive
  environments.
• Growing use and popularity require increased
  focus on security
• Cannot forget client security
• Strong end user security policies and
  configurations
• The nature of the radio communication makes it
  practically impossible to prevent some attacks,
  like denial of service using radio interference
• Firewalls
• Wireless VPN

30
Security And Availability For Wireless
Communication
Questions?
31
Security And Availability For Wireless
Communication
What is WLAN (Wireless Local Area Network) ?
32
Security And Availability For Wireless
Communication
HiperLAN/2,IEEE 802.11 and Bluetooh
33
Security And Availability For Wireless
Communication
IP-Roaming
34
Security And Availability For Wireless
Communication
802.11

• 2.4GHz operating frequency
• 1 to 2 Mbps throughput
• Can choose between frequency hopping or direct
  sequence spread modulation

35
Security And Availability For Wireless
Communication
802.11a

• Operates in 5GHz band (less RF interference than
  2.4GHz range)
• Users Orthogonal Frequency Division Multiplexing
  (OFDM)
• Supports data rates up to 54 Mbps
• Currently no products available, expected in
  fourth quarter

36
Security And Availability For Wireless
Communication

802.11b

• Operates in 2.4GHz band
• Data rates can be as high as 11 Mbps
• Only direct sequence modulation is specified
• Most widely deployed today

37
Security And Availability For Wireless
Communication
HiperLAN/2

• Development led by the European
  Telecommunications Standards Institute (ETSI)
• Operates in the 5 GHz range, uses OFDM
  technology, and support data rates over 50Mbps
  like 802.11a
• QoS

38
Security And Availability For Wireless
Communication

VPN (Virtual Private Network)

• Provides a scaleable authentication and
  encryption solution
• Does require end user configuration and a strong
  knowledge of VPN technology
• Users must re-authenticate if roaming between VPN
  servers

39
Security And Availability For Wireless
Communication
WEP Encapsulation

• WEP Encapsulation Summary
• Encryption Algorithm RC4
• Per-packet encryption key 24-bit IV
  concatenated to a pre-shared key
• WEP allows IV to be reused with any frame
• Data integrity provided by CRC-32 of the
  plaintext data (the ICV)
• Data and ICV are encrypted under the per-packet
  encryption key

40
Security And Availability For Wireless
Communication
Difference between HiperLAN/2 and 802.11

• Higher efficiency with regard to throughput
• Main difference is at MAC-layer
• Can be used in a vriouse core network envoironment

41
Security And Availability For Wireless
Communication
Vulnerability