
Wireless LAN Security


Page 1: Wireless LAN Security

Wireless LAN Security

Yen-Cheng Chen

Department of Information Management

National Chi Nan University


Page 2: Wireless LAN Security

Outline

1. Introduction
2. WLAN Authentication
3. WEP (Wired Equivalent Privacy)
4. IEEE 802.1x
5. Conclusion

Page 3: Wireless LAN Security

1. Introduction

• Increasing popularity of IEEE 802.11 Wireless LANs (WLANs)
  • More laptops and PDAs equipped with WLAN interface. (Intel Centrino™)
  • By 2005, over 80 percent of professional notebook PCs will have a WLAN interface.
• Public Wireless LAN Hotspots
  • ISPs provide WLAN access services at airports, coffee shops, conference centers, shopping malls, …

Page 4: Wireless LAN Security

Comparisons among 802.11 Versions

Page 5: Wireless LAN Security

Wireless LAN Hotspots

[Figure labels: Internet; Access Point; Coffee Shop; Airport; Conference Center; WLAN Adapter]

Page 6: Wireless LAN Security

Typical Wireless LAN Configuration

[Figure labels: Internet/Intranet; Router; Switch; Access Point; WLAN Adapter + PDA / Notebook PC]

Page 7: Wireless LAN Security

IEEE 802.11 Association Services

Three association services defined in 802.11
• Association Service: Before a mobile client is allowed to send a data message via an AP, it shall first become associated with the AP.
• Reassociation Service: The reassociation service is invoked to “move” a current association from one AP to another.
• Disassociation Service: The disassociation service is invoked whenever an existing association is to be terminated.

Page 8: Wireless LAN Security

A Scenario

[Figure labels: Internet; AP #1; AP #2; (1) Associate; (2) Reassociate (move); (3) Disassociate (leave)]

(1) Association
(2) Reassociation
(3) Disassociation

Page 9: Wireless LAN Security

802.11 Client Authentication

[Figure label: Wired Network]

Page 10: Wireless LAN Security

802.11 Client Authentication

1. Client broadcasts a probe request frame on every channel
2. Access points within range respond with a probe response frame
3. The client decides which access point (AP) is the best for access and sends an authentication request
4. The access point will send an authentication reply
5. Upon successful authentication, the client will send an association request frame to the access point
6. The access point will reply with an association response
7. The client is now able to pass traffic to the access point

Page 11: Wireless LAN Security

Security Threats

• Data transmitted can be easily intercepted.
• Signal coverage area cannot be well limited.
• Intentional and non-intentional interference.
• User authentication to prevent unauthorized access to network resources
• Data privacy to protect the integrity and privacy of transmitted data

Page 12: Wireless LAN Security

2. WLAN Authentication

• SSIDs (Service Set IDs)
• Open Authentication
• Shared Key Authentication
• MAC Address Authentication

Page 13: Wireless LAN Security

SSIDs (Service Set IDs)

Page 14: Wireless LAN Security

SSIDs (Service Set IDs)

Page 15: Wireless LAN Security

Vulnerability of Using SSIDs

• SSID can be obtained by eavesdropping.

Page 16: Wireless LAN Security

Open Authentication

• Null authentication
• Some hand-held devices do not have capabilities for complex authentication algorithms.
• Any device that knows the SSID can gain access to the WLAN.

Page 17: Wireless LAN Security

Open Authentication with Differing WEP Keys

Page 18: Wireless LAN Security

Shared Key Authentication

1. The client sends an authentication request to the access point requesting shared key authentication

2. The access point responds with an authentication response containing challenge text

3. The client uses its locally configured WEP key to encrypt the challenge text and reply with a subsequent authentication request

4. If the access point can decrypt the authentication request and retrieve the original challenge text, then it responds with an authentication response that grants the client access

Page 19: Wireless LAN Security

Shared Key Authentication

• Use of WEP key
• Key distribution and management

Page 20: Wireless LAN Security

Shared Key Authentication Vulnerabilities

• Stealing Key stream
  • WEP uses RC4
  • $C = P \oplus \mathrm{RC4}(K)$
  • $C \oplus P = P \oplus \mathrm{RC4}(K) \oplus P = \mathrm{RC4}(K)$
• Man-in-the-Middle Attack

Page 21: Wireless LAN Security

Deriving Key Stream

Page 22: Wireless LAN Security

MAC Address Authentication

• Not specified in 802.11
• Many AP products support MAC address authentication.
• MAC address authentication verifies the client’s MAC address against a locally configured list of allowed addresses or against an external authentication server.

Page 23: Wireless LAN Security

MAC Address Filtering in APs

Page 24: Wireless LAN Security

MAC Authentication via RADIUS

Page 25: Wireless LAN Security

MAC Address Authentication Vulnerabilities

• MAC Address Spoofing
  • Valid MAC addresses can be observed by a protocol analyzer.
  • The MACs of some WLAN NICs can be overwritten.

Page 26: Wireless LAN Security

3. WEP (Wired Equivalent Privacy)

• IEEE 802.11 Std.
• Goals
  • Confidentiality
  • Access Control
  • Data Integrity
• WEP Key: 64-bit, 128-bit

Page 27: Wireless LAN Security

WEP (Wired Equivalent Privacy)

-- 4 Keys
-- 104-bit key + 24-bit IV

[Figure label: 104 bits]

Page 28: Wireless LAN Security

[Figure labels: (104 bits); (128 bits)]

Page 29: Wireless LAN Security

WEP Vulnerabilities

• Key attacks
  • Statistical key derivation – Several IVs can reveal key bytes after statistical analysis.
• Secret key problems
• Confidentiality attacks
• Integrity attacks
• Authentication attack

Page 30: Wireless LAN Security

IV Replay Attack

Page 31: Wireless LAN Security

Growing a Key Stream

Page 32: Wireless LAN Security

Keystream Reuse in WEP

Page 33: Wireless LAN Security

Keystream Reuse in WEP

• WEP standard recommends that IV be changed after every packet.
• Many WLAN cards reset the IV to 0 each time they were re-initialized, and then incremented the IV by one after each packet transmitted.
• IV is only 24 bits wide. With 1500-byte packets at 5 Mbps bandwidth, the IV space is used up in about half of a day.
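The keystream identity from the Shared Key Authentication Vulnerabilities slide and the IV reuse and wrap-around points from this slide, worked through in Python as an added example that is not part of the original slides. The key, IV and plaintexts are constructed sample values, and the challenge is encrypted bare, without the 802.11 frame fields that surround it on the air.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for key."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # output generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """C = (P || CRC-32(P)) XOR RC4(IV || K), the per-frame WEP operation."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return xor(body, rc4(iv + key, len(body)))

def iv_wrap_hours(packet_bytes=1500, mbps=5.0, iv_bits=24) -> float:
    """Hours until a sequential IV counter has used every value once."""
    return (2 ** iv_bits) * packet_bytes * 8 / (mbps * 1e6) / 3600

# Constructed sample values (assumptions, not from the slides).
KEY = bytes.fromhex("0102030405060708090a0b0c0d")    # 104-bit WEP key
IV = bytes.fromhex("000000")                         # card re-initialised: IV = 0

def shared_key_leak() -> bool:
    """Challenge P and response C both cross the air: C xor P = RC4(IV || K)."""
    challenge = bytes(range(128))
    response = wep_encrypt(IV, KEY, challenge)
    return xor(response, challenge) == rc4(IV + KEY, 128)

def reuse_leak() -> bool:
    """Two frames under one IV: C1 xor C2 = P1 xor P2, the key drops out."""
    p1, p2 = b"GET /index.html ", b"POST /login.php "
    c1, c2 = wep_encrypt(IV, KEY, p1), wep_encrypt(IV, KEY, p2)
    return xor(c1, c2)[:16] == xor(p1, p2)

if __name__ == "__main__":
    print(shared_key_leak(), reuse_leak(), round(iv_wrap_hours(), 1))
```

Both checks hold for any key, which is why the slides' conclusion moves to per-session keys (802.1X, TKIP, AES) instead of a longer WEP key.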

Page 34: Wireless LAN Security

4. IEEE 802.1X

• Port-Based Network Access Control
  • To provide a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics
  • To prevent access to that port in cases in which the authentication and authorization process fails.
• 802.1X requires three entities:
  • The supplicant: resides on the wireless LAN client
  • The authenticator: resides on the access point
  • The authentication server: EAP server, mostly RADIUS server

Page 35: Wireless LAN Security

802.1X in LANs

EAP: Extended Authentication Protocol
RADIUS: Remote Authentication Dial In User Service

• EAP-MD5
• EAP-TLS

Page 36: Wireless LAN Security

Supplicant, Authenticator, and Authentication Server

PAE: port access entity

Page 37: Wireless LAN Security
Page 38: Wireless LAN Security

EAP-MD5

[Figure: message exchange between Supplicant and Authentication Server: Challenge Text; MD5 (Password + Challenge Text); Accept / Reject]

Page 39: Wireless LAN Security

EAP-TLS

• TLS: Transport Layer Security
• Use TLS public key certification mechanism within EAP.
• Digital certificate signed by CA
• Mutual Authentication
  • Client Certificate
  • Server Certificate
• Key exchange / Dynamic session key

Page 40: Wireless LAN Security

Man-In-The-Middle Attack

Absence of Mutual Authentication

Page 41: Wireless LAN Security

Session Hijacking

Page 42: Wireless LAN Security

5. Conclusion

• IEEE 802.11i
  • TKIP: Temporal Key Integrity Protocol
  • AES: Advanced Encryption Standard
• Certificate based authentication
  • EAP-TLS, EAP-TTLS, PEAP
• Password authentication
  • LEAP, Diffie-Hellman exchange, SPEKE: ZKPP (Zero Knowledge Password Proof)

Page 43: Wireless LAN Security

Reference

• “A Comprehensive Review of 802.11 Wireless LAN Security and the Cisco Wireless Security Suite”, http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/wswpf_wp.pdf
• “Intercepting Mobile Communications: the Insecurity of 802.11”, Borisov, N., Goldberg, I., and Wagner, D., Proc. of the 7th ACM International Conference on Mobile Computing and Networking, Rome, July 2001.
• “An Initial Analysis of the IEEE 802.1X Standard”, Mishra, A., Arbaugh, W. A., University of Maryland, February 2002.
• “IEEE Std 802.11 Wireless LAN Medium Access Control and Physical Layer Specifications”, IEEE, 1999