Wireless%20Security%20(802.11b) - PowerPoint PPT Presentation

About This Presentation
Title:

Wireless%20Security%20(802.11b)

Description:

Title: Security Issues in 802.11b WLANs Author: Mahendran Velauthapillai Last modified by: Mahendran Velauthapillai Created Date: 4/28/2003 2:14:22 AM – PowerPoint PPT presentation

Number of Views:198
Avg rating:3.0/5.0
Slides: 45
Provided by: Mahen7
Category:

less

Transcript and Presenter's Notes

Title: Wireless%20Security%20(802.11b)


1
Wireless Security (802.11b)
  • Mahendran Velauthapillai
  • April 29, 2004

2
  • Agenda
  • Introduction to WLAN
  • Communication Security Requirements
  • 802.11b Security Architecture
  • Security Issues in 802.11b
  • Proposed Solutions for Enhanced Security

3
Introduction to WLAN
  • Two modes
  • 1) Infrastructure
  • 2) Adhoc

4
Infrastructure Network
5
Ad-Hoc Network

6
  • Prior to communicating data, wireless clients and
    access points must establish a relationship, or
    an association.
  • Only after an association is established can the
  • two wireless stations exchange data.

7
Infrastructure Mode
  • clients associate with an access point.
  • The association process is a two step process
    involving three states
  • 1. Unauthenticated and unassociated,
  • 2. Authenticated and unassociated, and
  • 3. Authenticated and associated.

8
  • To transition between the states, the
    communicating parties exchange messages called
    management frames.
  • All access points transmit a beacon management
    frame at fixed interval.
  • To associate with an access point and join a BSS,
    a client listens for beacon messages to identify
    the access points within range.
  • The client then selects the BSS to join in a
    vendor independent manner.

9
  • A client may also send a probe request management
    frame to find an access point affiliated with a
    desired SSID.
  • After identifying an access point, the client and
    the access point perform a mutual authentication
    by exchanging several management frames as part
    of the process.
  • After successful authentication, the client moves
    into the second state, authenticated and
    unassociated.
  • Moving from the second state to the third and
    final state, authenticated and associated,
    involves the client sending an association
    request frame, and the access point responding
    with an association response frame.

10
Authentication Management Frame
11
WEP
(encrypted traffic
  • The industrys solution WEP (Wired Equivalent
    Privacy)
  • Share a single cryptographic key among all
    devices
  • Encrypt all packets sent over the air, using
    the shared key
  • Use a checksum to prevent injection of spoofed
    packets

12
Communication Security Requirements
  • Privacy
  • Data Integrity
  • Authentication

13
802.11b Security Architecture
  • Link-layer security protocol
  • Prevent link-layer eavesdropping
  • Control network access
  • WEP (Wired Equivalent Protocol)
  • Essentially, equivalent to wired
  • access point security

14
WEP Requirements
  • Reasonably Strong (What does this mean?)
  • Self-synchronizing
  • Computationally efficient
  • Exportable
  • Optional

15
WEP Data Frame
16
802.11b Shared Key Authentication
17
Security Issues
  • War Driving / Sniffing (Parking Lot attack)
  • Rogue Access Points
  • MAC Address
  • SSID
  • WEP

18
War Driving
  • War driving is one of the latest hacker fads
  • http//www.wardriving.com/
  • Involves driving around and scanning in search of
    unprotected 802.11 wireless networks
  • Several War Driving tools are available
  • NetStumbler
  • AiroPeek
  • MobileManager
  • Sniffer Wireless
  • THC-WarDrive

19
War Driving Example
20
Parking Lot Attack
21
Unauthorized Access Points
  • Install access points without permission
  • (Bala!!!!! Shuuuu!)
  • Security is NOT enabled
  • The whole Network becomes vulnerable
  • to war driving/sniffing attacks

22
Using MAC Address
  • Control access by allowing only valid
  • MAC addresses to access the network
  • Complicated and difficult to maintain list of
    valid MAC addresses
  • Using software, MAC addresses can be spoofed

23
Service Set ID (SSID)
  • SSID is the network name given to a wireless
    network
  • Can be used to access a specific access point by
    name
  • The more people that come to know about the SSID
    the more likely that it will be misused
  • Changes in SSID requires communicating it to all
    people who access the network

24
Wired Equivalent Protocol (WEP)
  • Not an industrial strength encryption protocol
  • Vulnerable to attack
  • Passive attacks to decrypt traffic based on
    statistical analysis
  • Active attacks to inject new traffic from
    unauthorized mobile stations, based on known
    plaintext
  • Dictionary-building attack that, after analysis
    of a days worth of traffic, allows real-time
    automated decryption of all traffic
  • All users share the same encryption key
  • Data headers are not encrypted
  • Initialization Vector (IV) Misuse
  • Weakness in RC4s Key Scheduling Algorithm

25
WEP - A Little More Detail
IV, P ? RC4(K, IV)
  • WEP uses the RC4 stream cipher to encrypt a
    TCP/IPpacket (P) by xor-ing it with keystream
    (RC4(K, IV))

26
A Property of RC4
  • Keystream leaks, under known-plaintext attack
  • Suppose we intercept a ciphertext C, and suppose
    we can guess the corresponding plaintext P
  • Let Z RC4(K, IV) be the RC4 keystream
  • Since C P ? Z, we can derive the RC4 keystream
    Z by P ? C P ? (P ? Z) Z
  • This is not a problem ... unless keystream is
    reused!

27
A Risk of Keystream Reuse
  • If IVs repeat, confidentiality is at risk
  • If we send two ciphertexts (C, C) using the same
    IV, then the xor of plaintexts leaks (P ? P C
    ? C), which might reveal both plaintexts
  • ? Lesson If RC4 isnt used carefully, it becomes
    insecure

28
A Risk With RC4
  • If any IV ever repeats, confidentiality is at
    risk
  • Suppose P, P are two plaintexts encrypted with
    same IV
  • Let Z RC4(key, IV) then the two ciphertexts
    areC P ? Z and C P ? Z
  • Note that C ? C P ? P,hence the xor of both
    plaintexts is revealed
  • If there is redundancy, this may reveal both
    plaintexts
  • Or, if we can guess one plaintext, the other is
    leaked
  • So If RC4 isnt used carefully, it becomes
    insecure

29
Attack 1 Keystream Reuse
  • WEP didnt use RC4 carefully
  • The problem IVs frequently repeat
  • The IV is often a counter that starts at zero
  • Hence, rebooting causes IV reuse
  • Also, there are only 16 million possible IVs, so
    after intercepting enough packets, there are sure
    to be repeats
  • ? Attackers can eavesdrop on 802.11 traffic
  • An eavesdropper can decrypt intercepted
    ciphertexts even without knowing the key

30
WEP -- Even More Detail
IV
original unencrypted packet
31
Attack 2 Spoofed Packets
  • Attackers can inject forged 802.11 traffic
  • Learn RC4(K, IV) using previous attack
  • Since the checksum is unkeyed, you can then
    create valid ciphertexts that will be accepted by
    the receiver
  • ? Attackers can bypass 802.11 access control
  • All computers attached to wireless net are
    exposed

32
Attack 3 Reaction Attacks
P ? RC4(K)
  • TCP ACKnowledgement appears ? TCP checksum on
    received (modified) packet is valid ? P
    0x0101 has exactly 1 bit set
  • ? Attacker can recover plaintext (P) without
    breaking RC4

33
Attacks on WEP
  • Downloadable procedures
  • To crack the key
  • AirSnort http//airsnort.sourceforge.net/
  • WEPCrack http//sourceforge.net/projects/wepcrack
    /
  • To brute force enter into WLAN
  • THC-RUT www.thehackerschoice.com/releases.php

34
Proposed Solutions to Enhance Security
  • Virtual Private Network (VPN)
  • Secure LAN (SLAN)
  • Remote Authentication Dial In User Services
    (RADIUS)
  • IPsec
  • 802.1x
  • Proprietary WEP Implementations

35
VPN
  • Enables you to send data between two computers
    across a shared or public network in a manner
    that emulates the properties of a point-to-point
    private link
  • Provides a scaleable authentication and
    encryption solution
  • Does require end user configuration and a strong
    knowledge of VPN technology
  • Users must re-authenticate if roaming between VPN
    servers

36
(No Transcript)
37
Secure LAN (SLAN)
  • A GPL open-source VPN System
  • Provides server authentication, client
    authentication, data privacy, and integrity using
    per session and per user short life keys
  • Simpler and more cost efficient than a VPN
  • Support for Windows and Linux
  • Website http//slan.sourceforge.net/

38
SLAN Architecture
39
RADIUS
  • Several 802.11 access points offer RADIUS
    authentication
  • Clients can gain access to the network by
    supplying a username and password to a separate
    server
  • This information is securely sent over the
    network eliminating the possibility of passive
    snooping

40
IPsec
  • Provides encryption and authentication services
    at the IP level of the network protocol stack
  • Can be used to secure nearly any type of Internet
    traffic
  • Legacy applications not implementing secure
    communications can be made secure using IPsec
  • Examples
  • Free S/WAN - http//www.freeswan.org/

41
IPsec - Disadvantages
  • IPsec authenticates machines, not users
  • IPsec does not stop Denial-of-Service attacks
  • IPsec is not true end-to-end security
  • IPsec cannot be secure if your system isnt

42
802.1x
  • Provides enhanced security for users of 802.11b
    WLANs
  • Provides port-level authentication for any wired
    or wireless Ethernet client system
  • 802.1x was originally designed as a standard for
    wired Ethernet, but is applicable to WLANs
  • It leverages many of the security features used
    with dial-up networking (RADIUS)
  • Also uses Extensible Authentication Protocol
    (EAP, RFC 2284)
  • Built in support in Windows XP

43
802.1x Authentication
44
Proprietary WEP Security
  • Dynamic Key Refresh instead of static keys
  • Use of 3DES/AES instead of RC4 (NetMotion
    Wireless)
  • Disadvantages
  • Interoperability Issues (non-WiFi Compliant)

45
Conclusion
  • Wireless LANs are very useful and convenient, but
    current security state not ideal for sensitive
    environments
  • Care must be taken before sensitive information
    is made available over Wireless LANs
Write a Comment
User Comments (0)
About PowerShow.com