Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to...
If you can't read please download the document
Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to gave its full attention to the speaker and never vocalized
Investigators have published numerous reports of birds taking
turns vocalizing; the bird spoken to gave its full attention to the
speaker and never vocalized at the same time, as if the two were
holding a conversation Researchers and scholars who have studied
the data on avian communication carefully write the (a) the
communication code of birds such has crows has not been broken by
any means; (b) probably all birds have wider vocabularies than
anyone realizes; and (c) greater complexity and depth are
recognized in avian communication as research progresses. The Human
Nature of Birds, Theodore Barber
Slide 3
IEEE 802 committee for LAN standards IEEE 802.11 formed in
1990s charter to develop a protocol & transmission
specifications for wireless LANs (WLANs) since then demand for
WLANs, at different frequencies and data rates, has exploded hence
seen ever-expanding list of standards issued
Slide 4
Slide 5
802.11b first broadly accepted standard Wireless Ethernet
Compatibility Alliance (WECA) industry consortium formed 1999 to
assist interoperability of products renamed Wi-Fi (Wireless
Fidelity) Alliance created a test suite to certify interoperability
initially for 802.11b, later extended to 802.11g concerned with a
range of WLANs markets, including enterprise, home, and hot
spots
Slide 6
Slide 7
Slide 8
wireless traffic can be monitored by any radio in range, not
physically connected original 802.11 spec had security features
Wired Equivalent Privacy (WEP) algorithm but found this contained
major weaknesses 802.11i task group developed capabilities to
address WLAN security issues Wi-Fi Alliance Wi-Fi Protected Access
(WPA) final 802.11i Robust Security Network (RSN)
Slide 9
Symmetric key crypto Confidentiality Station authorization Data
integrity Self synchronizing: each packet separately encrypted
Given encrypted packet and key, can decrypt; can continue to
decrypt packets when preceding packet was lost Unlike Cipher Block
Chaining (CBC) in block ciphers Efficient Can be implemented in
hardware or software 9
Slide 10
Combine each byte of keystream with byte of plaintext to get
ciphertext m(i) = ith unit of message ks(i) = ith unit of keystream
c(i) = ith unit of ciphertext c(i) = ks(i) m(i) ( = exclusive or)
m(i) = ks(i) c(i) WEP uses RC4 10 keystream generator key
keystream
Slide 11
Recall design goal: each packet separately encrypted If for
frame n+1, use keystream from where we left off for frame n, then
each frame is not separately encrypted Need to know where we left
off for packet n WEP approach: initialize keystream with key + new
IV for each packet: 11 keystream generator Key+IV packet keystream
packet
Slide 12
Sender calculates Integrity Check Value (ICV) over data
four-byte hash/CRC for data integrity Each side has 104-bit shared
key Sender creates 24-bit initialization vector (IV), appends to
key: gives 128-bit key Sender also appends keyID (in 8-bit field)
128-bit key inputted into pseudo random number generator to get
keystream data in frame + ICV is encrypted with RC4: Bytes of
keystream are XORed with bytes of data & ICV IV & keyID are
appended to encrypted data to create payload Payload inserted into
802.11 frame 12 encrypted dataICVIV MAC payload Key ID
Slide 13
13 New IV for each frame
Slide 14
Receiver extracts IV Inputs IV and shared secret key into
pseudo random generator, gets keystream XORs keystream with
encrypted data to decrypt data + ICV Verifies integrity of data
with ICV Note that message integrity approach used here is
different from the MAC (message authentication code) and signatures
(using PKI). 14 encrypted dataICVIV MAC payload Key ID
Slide 15
15 Nonce: number (R) used only once in-a-lifetime How: to prove
Alice live, Bob sends Alice nonce, R. Alice must return R,
encrypted with shared secret key I am Alice R K (R) A-B Alice is
live, and only Alice knows key to encrypt nonce, so it must be
Alice!
Slide 16
16 AP authentication request nonce (128 bytes) nonce encrypted
shared key success if decrypted value equals nonce Not all APs do
it, even if WEP is being used. AP indicates if authentication is
necessary in beacon frame. Done before association.
Slide 17
security hole: 24-bit IV, one IV per frame, -> IVs
eventually reused IV transmitted in plaintext -> IV reuse
detected attack: Trudy causes Alice to encrypt known plaintext d 1
d 2 d 3 d 4 Trudy sees: c i = d i XOR k i IV Trudy knows c i d i,
so can compute k i IV Trudy knows encrypting key sequence k 1 IV k
2 IV k 3 IV Next time IV is used, Trudy can decrypt!
Slide 18
numerous (stronger) forms of encryption possible provides key
distribution uses authentication server separate from access
point
Slide 19
AP: access point AS: Authentication server wired network STA:
client station 1 Discovery of security capabilities 3 STA and AS
mutually authenticate, together generate Master Key (MK). AP
servers as pass through 2 3 STA derives Pairwise Master Key (PMK)
AS derives same PMK, sends to AP 4 STA, AP use PMK to derive
Temporal Key (TK) used for message encryption, integrity
Slide 20
Slide 21
wired network EAP TLS EAP EAP over LAN (EAPoL) IEEE 802.11
RADIUS UDP/IP EAP: end-end client (mobile) to authentication server
protocol EAP sent over separate links mobile-to-AP (EAP over LAN)
AP to authentication server (RADIUS over UDP)