2#ATM15ANZ | @ ArubaANZ CONFIDENTIAL © Copyright 2015. Aruba, a Hewlett Packard Enterprise company. All rights reserved.
Learning Goals
Authentication with 802.1X
But first: We need to understand some PKI
And before that, we need a cryptography primer…
And before that … What is security?
Security basics
What is security?
Biggest security challenge at BH
Why study cryptography?
• Absolutely critical to wireless security
• Heavily used during authentication process
• Protects data in transit
• Makes you more interesting at parties
Meet Bob and Alice
Bob and Alice are traditionally used in examples of cryptography
Symmetric Key Cryptography
Symmetric Key Cryptography
• Strength:
– Simple and very fast (on the order of 1000 to 10000 times faster than asymmetric mechanisms)
• Challenges:
– Must agree on the key beforehand
– How to securely pass the key to the other party?
• Examples: AES, 3DES, DES, RC4
• AES is the current “gold standard” for security
Public Key Cryptography (Asymmetric)
Public Key Cryptography
• Strengths:
– Solves the problem of passing the key
– Allows establishment of a trust context between parties
• Challenges:
– Slow (MUCH slower than symmetric)
– Problem of trusting public key (what if I’ve never met you?)
• Examples: RSA, DSA, ECDSA
Hybrid Cryptography
• Randomly generate a “session” key
• Encrypt data with the “session” key (symmetric key cryptography)
• Encrypt the “session” key with the recipient’s public key (public key cryptography)
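The three steps above worked through in Go, as an added example that is not from the slides or from Aruba: RSA-OAEP for wrapping the session key, AES-GCM for the data, and the 32-byte key size, 12-byte nonce and the name Bob are my choices. The session key and nonce are generated fresh from the OS random source for every message, which is where the entropy requirement on a later slide comes in.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// aesGCM builds the fast symmetric cipher for a 256-bit session key.
func aesGCM(session []byte) cipher.AEAD {
	block, err := aes.NewCipher(session)
	if err != nil {
		panic(err) // only reachable with a wrong key length, i.e. a programming error
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// hybridEncrypt follows the slide's three steps. It returns the session key wrapped
// with Bob's RSA public key (asymmetric) and nonce||AES-GCM ciphertext (symmetric).
func hybridEncrypt(pub *rsa.PublicKey, plaintext []byte) (wrapped, sealed []byte, err error) {
	buf := make([]byte, 32+12) // step 1: fresh random session key (32 B) and GCM nonce (12 B)
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, err
	}
	session, nonce := buf[:32], buf[32:]
	sealed = aesGCM(session).Seal(nonce, nonce, plaintext, nil) // step 2: encrypt data with the session key
	// step 3: encrypt only the short session key with the recipient's (slow) public key
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, session, nil)
	return wrapped, sealed, err
}

// hybridDecrypt reverses the steps; a tampered input yields an error, never garbage.
func hybridDecrypt(priv *rsa.PrivateKey, wrapped, sealed []byte) ([]byte, error) {
	session, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, nil)
	if err != nil || len(session) != 32 || len(sealed) < 12 {
		return nil, fmt.Errorf("malformed envelope (%v)", err)
	}
	return aesGCM(session).Open(nil, sealed[:12], sealed[12:], nil)
}

func main() {
	bob, _ := rsa.GenerateKey(rand.Reader, 2048) // Bob's long-term asymmetric keypair
	wrapped, sealed, _ := hybridEncrypt(&bob.PublicKey, []byte("hello Bob"))
	pt, err := hybridDecrypt(bob, wrapped, sealed)
	fmt.Printf("%q %v\n", pt, err)
}
```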
Hash Function
• Properties
– it is easy to compute the hash value for any given message
– it is infeasible to find a message that has a given hash
– it is infeasible to find two different messages with the same hash
– it is infeasible to modify a message without changing its hash
• Ensures message integrity
• Also called message digests or fingerprints
• Examples: MD5, SHA1, SHA2 (256/384/512)
Message Integrity with CBC-MAC
• Set IV=0
• Run message through AES-CBC (or some other symmetric cipher)
• Discard everything except final block – this output is the MAC
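The construction above in Go, as an added example that is not from the slides: rawCBCMAC is exactly the three steps listed, and frame adds a length-prefixed framing of the kind AES-CCM's first block provides, because the raw construction is only secure when every message has the same fixed length. The key and message bytes are constructed for the demo.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// rawCBCMAC is exactly the slide's construction: IV = 0, run the message through
// AES-CBC, keep only the final ciphertext block. Input must be whole 16-byte blocks.
// On its own it is only secure when every message has one fixed length (see frame).
func rawCBCMAC(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(msg)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("message length %d is not a multiple of %d", len(msg), aes.BlockSize)
	}
	iv := make([]byte, aes.BlockSize) // step 1: IV = 0
	ct := make([]byte, len(msg))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, msg) // step 2: AES-CBC over the message
	return ct[len(ct)-aes.BlockSize:], nil                 // step 3: the last block is the MAC
}

// frame makes variable-length input safe, the way AES-CCM's first block does: a
// leading block carrying the message length, then the message zero-padded to blocks.
func frame(msg []byte) []byte {
	padded := (len(msg) + aes.BlockSize - 1) / aes.BlockSize * aes.BlockSize
	out := make([]byte, aes.BlockSize+padded)
	binary.BigEndian.PutUint64(out, uint64(len(msg)))
	copy(out[aes.BlockSize:], msg)
	return out
}

// cbcMAC tags a message of any length; verifyMAC checks a tag in constant time.
func cbcMAC(key, msg []byte) ([]byte, error) { return rawCBCMAC(key, frame(msg)) }

func verifyMAC(key, msg, tag []byte) bool {
	want, err := cbcMAC(key, msg)
	return err == nil && subtle.ConstantTimeCompare(want, tag) == 1
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit demo key; real keys need real entropy
	tag, err := cbcMAC(key, []byte("EAPOL-Key frame body (constructed sample)"))
	fmt.Printf("tag=%x err=%v\n", tag, err)
}
```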
AES-CCM (Counter with CBC-MAC)
(Diagram: CBC-MAC alongside AES in Counter Mode)
Entropy (information-theoretic, not thermodynamic!)
• When we create a random key, it must be unique and unpredictable
• We need good random numbers for this
• What happens if it’s not unique or unpredictable?
Summary: Security Building Blocks
• Encryption provides
– confidentiality, can provide authentication and integrity protection
• Checksums/hash algorithms provide
– integrity protection, can provide authentication
• Digital signatures provide
– authentication, integrity protection
– For more info:
Buy this Book!
What is a Certificate?
• Binds a public key to some identifying information
– The signer of the certificate is called its issuer
– The entity talked about in the certificate is the subject of the certificate
• Certificates in the real world
– Any type of license, government-issued IDs, membership cards, ...
– Binds an identity to certain rights, privileges, or other identifiers
Public Key Infrastructure
• A Certificate Authority (CA) guarantees the binding between a public key and another CA or an “End Entity” (EE)
• CA Hierarchies
Who do you trust?
Windows: Start->Run->certmgr.msc
Public Key Infrastructure
• We trust a certificate if there is a valid chain of trust to a root CA that we explicitly trust
• Web browsers also check DNS hostname == certificate Common Name (CN)
• Chain Building & Validation
Creating Certificates A-Z
1. Generate entropy
2. Use the entropy to create a random public/private keypair (asymmetric crypto)
3. Attach identifying information to the public key – send to the CA (Certificate Signing Request)
4. CA issues a certificate in X.509 format
– Contains the public key as supplied in the CSR
– Contains a hash of the certificate contents
– Contains a digital signature made with the CA’s private key (hash + asymmetric crypto)
5. Retrieve the certificate from the CA – match it up with the private key. Ready for use.
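The steps above and the chain building and name check from the earlier Public Key Infrastructure slide, as an added Go example that is not from the slides or from Aruba: an in-house root CA issues a certificate for a RADIUS server from its CSR, and supplicantCheck does what a correctly configured 802.1X client must do. The CA name, server name and validity periods are constructed; Go, like current browsers, matches the server name against the Subject Alternative Name rather than the CN, so the CSR carries the name in both places.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue runs the slide's steps for an in-house root CA and one RADIUS server and returns
// both certificates. Errors from these purely local operations are ignored to keep the
// example short; production code must check every one of them.
func issue(serverName string) (ca, server *x509.Certificate) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)  // steps 1-2: OS entropy -> keypair
	srvKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // likewise for the end entity
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Corp Root CA"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now(), NotAfter: time.Now().AddDate(10, 0, 0)}
	caDER, _ := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey) // self-signed root
	ca, _ = x509.ParseCertificate(caDER)
	// step 3: the server puts its identity and public key in a CSR signed with its own private key
	csrDER, _ := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
		Subject: pkix.Name{CommonName: serverName}, DNSNames: []string{serverName}}, srvKey)
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil { // the CA confirms the requester holds the private key
		panic("invalid CSR")
	}
	// step 4: the CA copies only the CSR's public key and names into a cert, hashes it and signs
	// the hash with caKey; step 5 is pairing that cert with srvKey on the RADIUS server itself
	srvDER, _ := x509.CreateCertificate(rand.Reader, &x509.Certificate{SerialNumber: big.NewInt(2),
		Subject: csr.Subject, DNSNames: csr.DNSNames, NotBefore: time.Now(), NotAfter: time.Now().AddDate(1, 0, 0),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}, ca, csr.PublicKey, caKey)
	server, _ = x509.ParseCertificate(srvDER)
	return ca, server
}

// supplicantCheck is what a correctly configured 802.1X client does: build a chain to a
// root it explicitly trusts AND match the expected server name against the certificate.
func supplicantCheck(server, trustedRoot *x509.Certificate, expectedName string) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := server.Verify(x509.VerifyOptions{Roots: roots, DNSName: expectedName})
	return err
}

func main() {
	ca, srv := issue("radius.example.corp")
	fmt.Println("right name:", supplicantCheck(srv, ca, "radius.example.corp"))
	fmt.Println("wrong name:", supplicantCheck(srv, ca, "radius.example.net"))
}
```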
Generating Certificate Signing Request
Public CA versus Private CA
• Windows Server includes a domain-aware CA – why not just use it?
• Disadvantages:
– PKI is complex. Might be easier to let Verisign/Thawte/etc. do it for you.
– Nobody outside your Windows domain will trust your certificates
• Advantages:
– Less costly
– Better security possible. Low chances of someone outside organization getting a certificate from your internal PKI
For More Info
Buy this Book!
https://kvazar.files.wordpress.com/2008/12/unencrypted.pdf
Authentication with 802.1X
• Authenticates users before granting access to L2 media
• Makes use of EAP (Extensible Authentication Protocol)
• 802.1X authentication happens at L2 – users will be authenticated before an IP address is assigned
Sample EAP Transaction
2-stage process:
– Outer tunnel establishment
– Credential exchange happens inside the encrypted tunnel
(Diagram: Client – Authenticator over EAPOL; Authenticator – Authentication Server over RADIUS)
Message flow:
– EAPOL Start
– Request Identity
– Response Identity (anonymous); relayed to the Authentication Server as Response Identity
– TLS Start
– Certificate
– Client Key exchange
– Cert. verification
– Request credentials
– Response credentials
– Success
802.1X Acronym Soup
PEAP (Protected EAP)
– Uses a digital certificate on the network side
– Password or certificate on the client side
EAP-TLS (EAP with Transport Layer Security)
– Uses a certificate on the network side
– Uses a certificate on the client side
TTLS (Tunneled Transport Layer Security)
– Uses a certificate on the network side
– Password, token, or certificate on the client side
EAP-FAST
– Cisco proprietary
– Do not use – known security weaknesses
Configure Supplicant Properly
• Configure the Common Name of your RADIUS server (matches CN in server certificate)
• Configure trusted CAs (an in-house CA is better than a public CA)
• ALWAYS validate the server certificate
• Do not allow users to add new CAs or trust new servers
• Enforce with group policy
Isn’t MSCHAPv2 broken?
• Short answer: Yes – because of things like rainbow tables, distributed cracking, fast GPUs, etc.
• This is why we use MSCHAPv2 inside a PEAP (TLS) tunnel for Wi-Fi
– What happens if you don’t properly validate the server certificate?
– Look up FreeRADIUS-WPE
• Test at Aruba HQ Sunnyvale
WPA2 Key Management Summary
Step 1: Use RADIUS to push the PMK from the AS to the AP
Step 2: Use the PMK and the 4-Way Handshake to derive, bind, and verify the PTK
Step 3: Use the Group Key Handshake to send the GTK from the AP to the STA
(Diagram: Auth Server – AP/Controller – STA)