Evolution of Wireless LAN Security Standards - PowerPoint PPT Presentation

1
Evolution of Wireless LAN Security Standards
Bo Li Daniel Menchaca Harold Lee Narendra Kamat
2
Outline
  • Why security?
  • Demo (hopefully answers the above)
  • Wired Equivalent Privacy and flaws
  • VPN
  • 802.1x and design flaws
  • 802.11i (anticipated)
  • Conclusions and recommendations

3
Purposes of network security
  • Four main purposes
  • Secrecy (or confidentiality): Encryption of
    information
  • Secrecy of the cryptographic algorithm
    (restricted algorithm)
  • The cryptographic algorithm is not a secret, but
    the key is.
  • Authentication: Verification of identity of
    participants
  • Message integrity: Assurance that message
    received was not altered
  • Non-repudiation: Denying having sent a message
    is not possible

4
Security
  • Somebody else's job!
  • But only people with a UT EID can connect to
    this Wireless LAN
  • Isn't there some sort of encryption?

5
A Demo
  • The Cast
  • Typical wireless Laptop User (you?)
  • Typical unskilled hacker (me, for this demo!)
  • Typical unprotected WLAN (ENS)
  • Attacking wireless laptop: promiscuous mode
  • Courtesy: Network Engineering Lab (Prof. Bill
    Bard)

6
The Next Step: WEP
  • Encryption
  • Initial idea: Wired Equivalent Privacy (WEP)
  • An implementation of RC4, a commercial
    stream cipher
  • C = (M || c(M)) XOR RC4(IV, k)
  • Integrity
  • 32-bit integrity check vector (CRC)
  • Authentication
  • Open System (!)
  • Shared Key (40-bit challenge/response)

7
Secure? Not quite
  • k is 40 bits (recently, 104 bits), infrequently
    changed
  • IV can be seen by everyone
  • IV space is small (24 bits)
  • C1 = P1 XOR RC4(IV, k)
  • C2 = P2 XOR RC4(IV, k)
  • C1 XOR C2 = P1 XOR P2.
  • IV changed on per-packet basis.
  • IV collision: 24-bit IV, exhausted in a few hours.

8
IEEE 802.1x
  • Provides an architecture for authentication methods
  • Simplicity
  • Simple transport for EAP messages
  • Runs over all 802 LANs
  • Inherits EAP (Extensible Authentication Protocol)
    architecture
  • Provides port-based network access control
  • Network port: An association between a Station
    and an AP
  • Provides dynamic key management

9
802.1x Set Up
10
IEEE 802.1x Check List
  • Improvement over WEP
  • Authentication
  • Dynamic key management
  • MAC access control
  • 802.1x issue
  • No encryption specification; vendors may keep WEP

11
Known Design Flaw: MITM Attack
  • An attacker acts as an AP to supplicant and as
    client to the AP (authenticator)
  • Reason: lack of mutual authentication
  • One-way authentication of the supplicant to AP
  • An attacker can get all network traffic from
    supplicant to pass through it

12
Other Known Design Flaws
  • Session Hijacking
  • Lack of clear communication between RSN and
    802.1x state machines and message authentication
  • Denial of Service
  • 802.1x enables per-user session keys, but no
    keyed message integrity check in 802.11

13
Solutions
  • Per-packet authentication
  • Authentication and integrity of EAP messages
  • Peer-to-peer authentication
  • Symmetric authentication
  • Scalable authentication
  • Adopt strong encryption algorithms
  • Luckily, 802.11i modified 802.1x

14
IEEE 802.11i
  • 802.11i proposed architecture
  • 802.1x
  • Robust authentication
  • Key distribution
  • TKIP (upgrade path)
  • Fixes WEP issues
  • Backward compatible
  • CCMP (Mandatory)
  • Advanced Encryption Standard (AES)
  • Privacy, integrity

15
802.11i Data Transfer Requirements
  • Never send or receive unprotected data
  • Message origin authenticity: prevent forgeries
  • Sequence packets: detect replays
  • Protect source and destination addresses
  • Use one strong cryptographic primitive for both
    confidentiality and integrity

16
More 802.11i Features
  • Pre-authentication and roaming
  • PEAP and legacy authentication support
  • Pre-shared key without authentication
  • Ad hoc networks
  • Home networks
  • Password-to-Key mapping
  • Home networks
  • Random number generation
  • A high-quality pseudo-random number generator is
    required for cryptographic applications

17
IEEE 802.11i Checklist
  • New 802.11i data protocols provide
    confidentiality, data origin authenticity, replay
    protection
  • Fresh key is generated on every session
  • Key management delivers keys used as
    authorization tokens, proving channel access is
    authorized
  • Architecture ties keys to authentication

18
Is 802.11i Our Final Solution?
  • Time will prove it!!

19
Conclusions
  • No solution/protocol is completely secure, at
    least not for long
  • Hacking techniques improve; standards have to
    keep pace and evolve continuously
  • Lessons from previous standards
  • Wired solutions implemented in a wireless
    environment
  • A partial solution cannot work

20
Recommendations
  • Use of strong cryptographic primitives
  • Tradeoff between speed and security
  • Hardware support for encryption
  • Dynamic key management
  • Mutual authentication
  • Complexity vs. manageability

21
Q & A