Vulnerability In Wi-Fi

1
Vulnerability In Wi-Fi

• By Angus U
• CS 265 Section 2
• Instructor Mark Stamp

2
Outline

• Why Wireless?
• Overview Security in Wirelss Networking
• WEP
• Authentication
• Integrity
• Encryptions
• Off Standard Access Control List
• Attacks
• Future Solution

3
Wireless?

• Wire Limited by power and LAN cable
• Mobility ? unwire ? Laptop Wireless
• Simple Installation
• Convenience to use
• Cost of equipment
• Popularity

4
Wireless Standards

• IEEE 802.11b
• 11Mbps 2.4Ghz band Unlicensed, 1999
• IEEE 802.11a
• 54Mbps, 5Ghz band Licensed
• IEEE 802.11g
• 54Mbps 2.4Ghz band Unlicensed, 2003
• IEEE 802.11i (Amendment)

5
Overview Wireless

• Wi-Fi Wireless Fidelity
• Hotspot Where you can have Wi-Fi access
• Two types of Wireless Networking
• ad hoc meeting or conference (no internet)
• Infrastructure base station clients
• Connect to external Network (Internet)
• Needs Access point and/or Wireless NIC

6
Overview Security in Wireless

• Protocol WEP
• Authentication (challenge Response)
• Integrity CRC-32
• Encryption Stream cipher, RC4, with IV

7
WEP

• Wired Equivalent Privacy Protocol
• Security behind the Wi-Fi
• Designed to encrypt and decrypt data for Wi-Fi
• Disable or 40 bit keys or 104 bit keys
• Uses RC4 encryption algorithm
• 64 bits for RC4 keys or none
• 40 bits for WEP key 24 bits for IV

8
Authentication in WEP

• Open Shared Key
• Picture from Mark Stamp
• Problem Know Plaintext Attack

Request for shared key auth.
Nonce N
E(N, KA-B)
Bob (base station)
Authentication response
Alice
9
Access Control List (not in WEP)

• Created by Vendors, not in 802.11 Family
• Identity Problem Who you are?
• Based on the shared Key?
• Only one shared Key
• Access List a list of MAC addresses
• Failure MAC addresses can be modifiable
• Open source device drivers

10
Encryption in WEP

• IV Secret Key XOR Plaintext
• IV is only 24 bits, too short
• 40 bits for WEP is still too short
• Remember The other 64 bits for RC4
• Given P1 P2 then C1 C2
• No session Key, One key for all operations
• Encryption and Decryption
• Access point Users

11
Integrity in WEP

• No protect against replays
• (No sequence Number in Packet)
• CRC-32 checksum is not good enough for integrity
  in experiment
• High Possibility of Collision

12
Key Management in WEP

• No key distribution systems
• Static Key and the same key for everything
• Manually Enter the secret key in Both sides
• Not practice, is often ignored

13
Attacks in WEP

• Numerous Attacks since 2001
• Fluhrer-Mantin-Shamir (FMS) attacks
• Publicly Released the tools to attack WEP
• Off-the-Shelf Hardware and Software
• Impossible to detect
• Only a couple of hours

14
Solution IEEE 802.11i

• A Future Standard for Wi-Fi
• IEEE 802.11i still Amendment
• Two new Protocols to address above issues
• New key management IEEE802.1X
• Short Term Solution TKIP
• Long Term Solution CCMP

15
TKIP

• Temporal Key Integrity Protocol
• No new hardware required but
• firmware upgrade driver upgrade
• Three element
• A message integrity code
• A packet sequencing
• A per-packet key mixing function
• 128-bit Encryption, 64-bit Authentication

16
CCMP

• Counter-Mode-CBC-MAC Protocol
• New Protocol in 802.11i
• required new hardware
• Many properties similar to TKIP
• Free from constraints of existed Hardware
• RC4 replaced by AES
• AES 128-bit, 48-bit IV, no per-packet key
• Fix all well known WEP flaws

17
The End

• Good-bye