09 Wlan Security 2005

  • 8/12/2019 09 Wlan Security 2005

    WLAN SECURITY

    TEAM NAME : Crypto_5

    TEAM MEMBERS:

    Rajini Ananthoj

    Srimani Reddy Gatla

    Ishleen Kour

    Pallavi Murudkar

    Deepagandhi Vadivelu

  • Agenda

    WLAN and architecture

    Security issues faced in WLAN

    Basic security of WLAN

    Solutions for WLAN security

    802.1X

    EAP Authentication methods

    TKIP

    CCMP

    Intrusion prevention system

    Hardware solutions

    Things you can do to secure your wireless network

    Conclusion

    References

  • WLAN and Architecture

    WLAN: Linking of two or more computers without using wires, using spread-spectrum technology based on radio waves.

  • Basic security in WLAN

    SSIDs, WEP, and MAC Address Authentication:

    Service Set Identifiers: Prevents access by any client device that does not have the SSID.

    Open or shared-key authentication, static WEP key: Access point sends the client device a challenge-text packet which the client must encrypt.

    Media Access Control authentication: the client's MAC address matches an address in an authentication table.

  • Issues of WLAN Security

    Ad-hoc networks

    Policy violation

    Identity theft

    Man-in-the-middle attack

    Denial-of-service attack

  • How WEP works

  • WEP Issues

    Uses RC4, a synchronous stream cipher

    Does not provide a mechanism for sharing keys

    Changing the Initialization Vector (IV) with each packet is optional

    The CRC-32 checksum used for message integrity is linear

    Concatenates the IV directly to the pre-shared key to produce a key for RC4
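
    The two WEP properties listed above (IV concatenated to a static key, linear CRC-32 ICV), shown as an added example that is not part of the original slides. The 24-bit IV, the key, the payloads and the ICV byte order are constructed assumptions; HMAC-SHA256 stands in for a non-linear keyed MIC and is not Michael.

```python
import hashlib, hmac, zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given key."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, psk: bytes, payload: bytes) -> bytes:
    """WEP body: (payload || CRC-32 ICV) XOR RC4(IV || key)."""
    icv = zlib.crc32(payload).to_bytes(4, "little")   # byte order assumed
    data = payload + icv
    return xor(data, rc4(iv + psk, len(data)))

def keystream_reused(iv: bytes, psk: bytes, p1: bytes, p2: bytes) -> bool:
    """Same IV and static key: XOR of ciphertexts equals XOR of plaintexts."""
    c1, c2 = wep_encrypt(iv, psk, p1), wep_encrypt(iv, psk, p2)
    return xor(c1[:len(p1)], c2[:len(p2)]) == xor(p1, p2)

def crc_is_linear(a: bytes, b: bytes) -> bool:
    """Equal-length inputs: crc(a^b) == crc(a) ^ crc(b) ^ crc(00..00)."""
    zero = bytes(len(a))
    return zlib.crc32(xor(a, b)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zero)

def mac_is_linear(key: bytes, a: bytes, b: bytes) -> bool:
    """The same relation tested against a keyed MAC (stand-in, not Michael)."""
    m = lambda d: hmac.new(key, d, hashlib.sha256).digest()
    return m(xor(a, b)) == xor(xor(m(a), m(b)), m(bytes(len(a))))

# Constructed sample values, not taken from the slides.
SAMPLE_IV = bytes.fromhex("0a0b0c")          # WEP IVs are 24 bits
SAMPLE_KEY = b"static-wep-13"                # 104-bit static key
P1, P2 = b"GET /index.html", b"POST /login.php"
```

    `keystream_reused` and `crc_is_linear` both return True for the sample values, while `mac_is_linear` returns False: a fresh IV per packet and a keyed, non-linear integrity code are the properties WEP lacks.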

  • What is wrong with 802.11 security

    Binds itself to cryptographic algorithm

    No security support for handshake

    Pre-shared keys

    One-way authentication

    Wired Equivalent Privacy (WEP)

  • Wi-Fi Protected Access (WPA)

    Interim interoperable standard created by the Wi-Fi Alliance in response to weaknesses in Wired Equivalent Privacy (WEP)

    Intermediate measure to take the place of WEP while 802.11i was prepared

    Designed to work with all wireless network interface cards, but not all first-generation wireless access points.

    Goals of WPA

      To address the issues with WEP encryption through a software upgrade

      To provide a secure wireless networking solution for small office/home office (SOHO) wireless users

      To be forward-compatible with the upcoming IEEE 802.11i standard

  • Features of WPA

    WPA Authentication

      Pre-shared key (PSK): every user is given the same passphrase

        less secure

        preferred for Personal mode - homes, small offices

      IEEE 802.1X authentication

        server distributes different keys to each user

        enhanced security and authentication

        preferred for Enterprise mode - business, government, education

  • Encryption

      RC4 stream cipher using 128-bit key, 48-bit IV

      Larger IV defeats key recovery attack

    Key Management

      Temporal Key Integrity Protocol (TKIP) - dynamically changes encryption keys for each packet.

    Payload Integrity

      8-byte Message Integrity Code (MIC)

      Calculated by an algorithm called Michael

      Placed between the payload of the 802.11 frame and the 4-byte ICV

      MIC includes a frame counter to prevent replay attacks

  • Thus, WPA makes breaking into a Wireless LAN difficult by

      Increasing the size of the keys and IVs

      Reducing the number of packets sent with related keys

      Adding a secure message verification system

  • IEEE 802.11i / WPA2

    An amendment to 802.11, specifying security mechanisms for wireless networks

    The draft standard was ratified on 24 June 2004

    Adds stronger encryption, authentication, and key management strategies

    Makes use of the Advanced Encryption Standard (AES) block cipher instead of the RC4 stream cipher.

    The use of WPA2 needs firmware or driver support on both the wireless host (router or access point) and the wireless client (adapter).

  • Components of WPA2

    802.1X Port-Based Network Access Control for authentication

    Counter Mode with CBC-MAC Protocol (CCMP) for confidentiality, integrity and origin authentication

    Temporal Key Integrity Protocol (TKIP) (check)

    4-Way Handshake for encryption key distribution

  • Comparisons between WPA and WPA2 modes

    Mode                                               WPA                              WPA2

    Enterprise Mode (Business, Government, Education)  Authentication: IEEE 802.1X/EAP  Authentication: IEEE 802.1X/EAP
                                                       Encryption: TKIP/MIC             Encryption: AES-CCMP

    Personal Mode (SOHO, Home/Personal)                Authentication: PSK              Authentication: PSK
                                                       Encryption: TKIP/MIC             Encryption: AES-CCMP

  • IEEE 802.1X

    802.1X is an IEEE standard for port-based Network Access Control for LANs

    For WLANs, it is based on EAP, the Extensible Authentication Protocol

    Fills the security loopholes in access control, authentication and key management in the 802.11 architecture

    Contributes to the Robust Security Network (RSN) solution

    The authentication is usually done by a third-party entity, such as a RADIUS server

  • 802.1X Authentication and Access Control

    Client - Supplicant

    Access point - Authenticator

  • Authenticator deals with controlled and uncontrolled ports

  • 802.1X Key Management

    Broadcast Key Rotation (BKR):

      AP periodically broadcasts the WEP shared / root key

      Mobiles create session encryption keys by combining the IV with the broadcast root key

      Larger key space: key-hopping cycles through the IV space as well as the session key set

    Message Integrity

      A non-linear MIC prevents bit-flip attacks on encrypted packets.

      Implemented on access point and client devices

      Adds a few bytes to each packet to make the packets tamper-proof

  • EAP AUTHENTICATION METHODS

    EAP-MD5: Requires username/password; does not provide dictionary attack resistance, mutual authentication, or key derivation.

    Lightweight EAP (LEAP): A username/password combination is sent to an Authentication Server (RADIUS) for authentication.

    EAP-TLS: Creates a TLS session within EAP, between the Supplicant and the Authentication Server. Both the server and the client(s) need a valid (X.509) certificate, and therefore a PKI. This method provides authentication both ways.

    EAP-TTLS: Sets up an encrypted TLS tunnel for safe transport of authentication data. Within the TLS tunnel, (any) other authentication methods may be used.

    Protected EAP (PEAP): Uses, as EAP-TTLS does, an encrypted TLS tunnel. Supplicant certificates for both EAP-TTLS and EAP-PEAP are optional, but server (AS) certificates are required.

    EAP-MSCHAPv2: Requires username/password, and is basically an EAP encapsulation of MS-CHAP-v2. Usually used inside a PEAP-encrypted tunnel.

  • TKIP - Temporal Key Integrity Protocol

    RC4 stream cipher as in WEP

    Keys used for encryption - 128 bits long

    Keys used for authentication - 64 bits long

    TKIP provides per-packet key hashing to mitigate "weak IV" attacks: each time a wireless station associates to an access point, a new base key is created, which is built by hashing the base key with the IV.

    Prevention of collision attacks: each packet transmitted using TKIP has a unique 48-bit serial number which is incremented every time a packet is transmitted. This solves another problem in WEP, called "collision attacks," which can occur when the same key is used for two different packets.

  • CCMP (Counter Mode with CBC-MAC Protocol)

    CCMP uses the counter mode (CTR) for data confidentiality and the Cipher Block Chaining Message Authentication Code (CBC-MAC) for data integrity.

    It uses the Advanced Encryption Standard (AES) algorithm with a 128-bit key and a 128-bit block size.

    CCMP provides MIC protection over both the frame body and nearly the entire header in a MAC frame, which prevents an adversary from exploiting the MAC headers.

    CCMP uses a 48-bit Packet Number (PN) to prevent replay attacks and construct a fresh nonce for each packet.

    Analysis suggests that once CCMP is implemented, an adversary will not be able to break the data confidentiality and integrity without knowledge of the key.
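
    How the 48-bit PN feeds both the nonce and the replay check, as an added example that is not part of the original slides. The 8-byte CCMP header and 13-byte nonce layouts are taken from IEEE 802.11i rather than from this deck; the class and function names, the sample header and the MAC address are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class CcmpHeader:
    pn: int        # 48-bit Packet Number
    key_id: int    # 2-bit key index

def parse_ccmp_header(hdr: bytes) -> CcmpHeader:
    """Parse the 8-byte CCMP header: PN0 PN1 rsvd flags PN2 PN3 PN4 PN5."""
    if len(hdr) != 8:
        raise ValueError("CCMP header is 8 bytes")
    if not hdr[3] & 0x20:
        raise ValueError("ExtIV bit must be set for CCMP")
    pn_le = bytes([hdr[0], hdr[1], hdr[4], hdr[5], hdr[6], hdr[7]])
    return CcmpHeader(pn=int.from_bytes(pn_le, "little"), key_id=hdr[3] >> 6)

def ccm_nonce(priority: int, a2: bytes, pn: int) -> bytes:
    """13-byte nonce: priority octet || transmitter address A2 || PN (MSB first)."""
    if len(a2) != 6 or not 0 <= pn < 1 << 48:
        raise ValueError("bad transmitter address or PN")
    return bytes([priority & 0x0F]) + a2 + pn.to_bytes(6, "big")

@dataclass
class ReplayGuard:
    """Receiver state: last accepted PN per (transmitter, key id, priority)."""
    last: dict = field(default_factory=dict)

    def accept(self, a2: bytes, priority: int, h: CcmpHeader) -> bool:
        # Call only after the CCM MIC has verified, so that a forged
        # frame cannot advance the counter and lock out real traffic.
        k = (a2, h.key_id, priority)
        if h.pn <= self.last.get(k, 0):       # replayed or stale frame
            return False
        self.last[k] = h.pn
        return True

# Constructed sample values: PN = 0x000000000102, key id 0, ExtIV set.
SAMPLE_A2 = bytes.fromhex("001122334455")
SAMPLE_HDR = bytes.fromhex("0201002000000000")
```

    Because the nonce is built from the transmitter address and a PN that never repeats under one key, a receiver that rejects any PN not greater than the last accepted one gets replay protection and nonce freshness from the same counter.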

  • Dynamic Key Exchange and Management

    802.11i - key derivation/management regime

  • IPS - Intrusion Prevention System

    An intrusion prevention system is a computer security device that exercises access control to protect computers from exploitation.

    An IPS makes access control decisions based on application content, rather than on IP address or ports as traditional firewalls do.

    Access points act as air monitors and data forwarding devices, which allows access points to communicate real-time information about the wireless domain, including potential security threats, to Wireless LAN controllers.

  • Cisco Unified IDS/IPS

    The Cisco Unified IDS/IPS is part of the Cisco Self-Defending Network and is the industry's first integrated wireline and wireless security solution.

    When an associated client sends malicious traffic through the Unified Wireless network, the Cisco wireline IDS device detects the attack and sends shun requests to Unified WLAN controllers, which will then disassociate the client device.

  • Some other solutions

    Smart cards

      Beneficial in environments requiring authentication beyond simple username and password

      User certificate and other information are stored on the cards

      Portable - users can securely access their networks from various locations

    VPN

      Provides secure data transmission across public network infrastructures.

      VPNs employ cryptographic techniques to protect IP information as it passes from one network to the next.

      Use the IPsec protocol suite for ensuring private communications.

    Biometrics

      For agencies needing higher levels of security, biometrics such as fingerprint/palm-print scanners and optical scanners can be integrated with wireless smart cards

  • Things you can do to secure your wireless network

    Change the default Admin password on your Access Point

    Check / update the firmware for your Wireless Access Point and drivers for your Wireless Adapter.

    Use the highest level of WEP/WPA (WPA2/802.11i strongly preferred) -- Use decent keys.

    Authenticate wireless users with protocols like 802.1X, RADIUS, EAP (including EAP-PAX, EAP-PSK, EAP-TLS, EAP-TTLS, PEAP, and EAP-SIM).

    Use strong encryption for all applications you use over the wireless network, e.g., use SSH and TLS/HTTPS.

    Encrypt wireless traffic using a VPN (Virtual Private Network), e.g. using IPsec or other VPN solutions.

  • Conclusion

    The optimal security solution for WLAN involves a combination of security technologies.

    A detailed threat risk assessment and analysis is essential to determine which security measures or combination of measures are the most effective.

  • References

    http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

    http://en.wikipedia.org/wiki/WPA2

    http://en.wikipedia.org/wiki/IEEE_802.1x

    http://en.wikipedia.org/wiki/TKIP

    http://www.networkworld.com/reviews/2004/1004wirelesstkip.html

    http://tldp.org/HOWTO/html_single/8021X-HOWTO/#p8021x

    http://www.wi-fiplanet.com/tutorials/article.php/953561

    http://www.drizzle.com/~aboba/IEEE/