8/19/2019 Application Cryptography Wireless LAN Security
1/50
Bachelor Degree of Telecommunication Engineering
School of Electrical Engineering
Telkom University
*
Nur Andini
Raditiana Patmasari
Cryptography and Network Security 1
8/19/2019 Application Cryptography Wireless LAN Security
2/50
Cryptography and Network Security 2
*
⇰ Knowing and understanding application of
cryptography on computer network security
⇰ Knowing and understanding application of
cryptography on WLAN security
⇰ Knowing and understanding application of
cryptography on GSM
8/19/2019 Application Cryptography Wireless LAN Security
3/50
Cryptography and Network Security 3
*
1. Introduction
2. WEP
3. WPA
4. WPA2
8/19/2019 Application Cryptography Wireless LAN Security
4/50
*
Cryptography and Network Security 4
8/19/2019 Application Cryptography Wireless LAN Security
5/50
*
IEEE 802.11
WirelessLocal Area
Network(WLAN)
IEEE 802.11i
WLAN
Security
Cryptography and Network Security 5
8/19/2019 Application Cryptography Wireless LAN Security
6/50
*
IBSS
IndependentBasic
Service Set
BSS
BasicService Set
ESS
ExtendedService Set
Cryptography and Network Security 6
8/19/2019 Application Cryptography Wireless LAN Security
7/50
*
Cryptography and Network Security 7
8/19/2019 Application Cryptography Wireless LAN Security
8/50
*
Cryptography and Network Security 8
8/19/2019 Application Cryptography Wireless LAN Security
9/50
*
Cryptography and Network Security9
8/19/2019 Application Cryptography Wireless LAN Security
10/50
*
Encryption
AAASegmentation
Cryptography and Network Security10
8/19/2019 Application Cryptography Wireless LAN Security
11/50
*
• Ron’s Code or Rivest’s Cipher
• Stream cipher• Protecting internet trafficRC4• Advanced Encryption standard
• Block cipher
• Protecting WLAN dataAES
Cryptography and Network Security11
8/19/2019 Application Cryptography Wireless LAN Security
12/50
*
Authentication
AuthorizationAccounting
Cryptography and Network Security12
8/19/2019 Application Cryptography Wireless LAN Security
13/50
*
AuthenticationIt is the first stepof connecting user
to the network.It is to verify theidentity of user.
Cryptography and Network Security 13
8/19/2019 Application Cryptography Wireless LAN Security
14/50
*
AuthorizationIt is the next step
afterauthentication.
It is to grant user
the access ofnetwork resources
and services.
Cryptography and Network Security 14
8/19/2019 Application Cryptography Wireless LAN Security
15/50
*
AccountingIt is the next
step afterauthorization.
It is to track theuse of network
resource.
Cryptography and Network Security 15
8/19/2019 Application Cryptography Wireless LAN Security
16/50
*
It is to segment users into groups.
After authorization, user is
restricted in case of resource andcoverage.
Cryptography and Network Security 16
8/19/2019 Application Cryptography Wireless LAN Security
17/50
*
Cryptography and Network Security 17
8/19/2019 Application Cryptography Wireless LAN Security
18/50
*
Encryption
process onLayer 2
RC4 isused
64-bitWEP
Cryptography and Network Security 18
8/19/2019 Application Cryptography Wireless LAN Security
19/50
*
Confidentiality
Access
controlIntegrity
Cryptography and Network Security 19
8/19/2019 Application Cryptography Wireless LAN Security
20/50
*
Confidentiality
Providing data privacy
Encrypting the data usingRC4
Cryptography and Network Security 20
8/19/2019 Application Cryptography Wireless LAN Security
21/50
*
Authentication
Open System
Shared-Key
Access control
Authorization
Granting user theaccess of network
resources and services
Cryptography and Network Security 21
8/19/2019 Application Cryptography Wireless LAN Security
22/50
Cryptography and Network Security 22
*
Authentication
Open System
Verifiying useridentitywithout user
verification.
Pre-Shared
Verifiying user identitywithuser verification using
static key.
8/19/2019 Application Cryptography Wireless LAN Security
23/50
*
Integrity
Providing Integrity CheckValue (ICV)
Preventing the datamodification
Cryptography and Network Security 23
8/19/2019 Application Cryptography Wireless LAN Security
24/50
*
Plaintext
Message
Cyclic Redundancy Check (CRC)
Integrity Check Value
Cryptography and Network Security 24
8/19/2019 Application Cryptography Wireless LAN Security
25/50
*
Key
InitializationVector (IV)
Static keyKeystream
RC4
Statickey
IV
Cryptography and Network Security 25
8/19/2019 Application Cryptography Wireless LAN Security
26/50
*
64-bit WEPkey
24-bitInitializationVector (IV)
40-bit statickey
Cryptography and Network Security 26
8/19/2019 Application Cryptography Wireless LAN Security
27/50
*
Ciphertext
Keystream
XOR
Plaintext
Cryptography and Network Security 27
8/19/2019 Application Cryptography Wireless LAN Security
28/50
*
IV Ciphertext Ciphertext
Cryptography and Network Security 28
8/19/2019 Application Cryptography Wireless LAN Security
29/50
*
IV collisionattack
Weakkey
attack
Re-injectionattack
Bit-flippingattack
Cryptography and Network Security 29
8/19/2019 Application Cryptography Wireless LAN Security
30/50
*
It is easy to get the secret key when IVcollision occurs
IV collision attack
224 IV combination IV is generated on everyframe
Cryptography and Network Security 30
8/19/2019 Application Cryptography Wireless LAN Security
31/50
Cryptography and Network Security 31
*
It is easy to get secret key byrecovering IV
Weak key attack
RC4 Weak keys aregenerated
8/19/2019 Application Cryptography Wireless LAN Security
32/50
Cryptography and Network Security 32
*
Injecting many IVs toaccelerate IV flow
Re-injection attack
8/19/2019 Application Cryptography Wireless LAN Security
33/50
Cryptography and Network Security 33
*
ICV is weak
Bit-flipping attack
8/19/2019 Application Cryptography Wireless LAN Security
34/50
8/19/2019 Application Cryptography Wireless LAN Security
35/50
Cryptography and Network Security 35
*
Improvingencryptionmethod on
WEP
Improvingdata
protection
Improvingaccesscontrol
8/19/2019 Application Cryptography Wireless LAN Security
36/50
Cryptography and Network Security 36
*
Confidentiality
Access
controlIntegrity
8/19/2019 Application Cryptography Wireless LAN Security
37/50
Cryptography and Network Security 37
*
Encrypting the data usingTemporal Key Integrity
Protocol (TKIP)RC4
Confidentiality
8/19/2019 Application Cryptography Wireless LAN Security
38/50
Cryptography and Network Security 38
*
TKIP128-bit static key
Providing key hierarchyand key management
• Removing predictability ofstatic key
8/19/2019 Application Cryptography Wireless LAN Security
39/50
Cryptography and Network Security 39
*
Access controlGranting user the access of network resources and
services
Authentication
8/19/2019 Application Cryptography Wireless LAN Security
40/50
Cryptography and Network Security 40
*
Authentication
Personal
Pre-Shared key(PSK)
Enterprise
802.1XExtensible
AuthenticationProtocol (EAP)
8/19/2019 Application Cryptography Wireless LAN Security
41/50
Cryptography and Network Security 41
*
Preventing data modificationMessage Integrity Check
(MIC)Michael
Integrity
8/19/2019 Application Cryptography Wireless LAN Security
42/50
*
Cryptography and Network Security 42
8/19/2019 Application Cryptography Wireless LAN Security
43/50
Cryptography and Network Security 43
*
WPAAdvancedEncryption
Standard (AES)
WPA2
8/19/2019 Application Cryptography Wireless LAN Security
44/50
Cryptography and Network Security 44
*
Encrypting the data usingCounter mode with Cipher BlockChaining-Message Authentication
Code (CCMP)AES
Confidentiality
8/19/2019 Application Cryptography Wireless LAN Security
45/50
Cryptography and Network Security 45
*
AES128-bit key
128-bit
plaintext block
8/19/2019 Application Cryptography Wireless LAN Security
46/50
Cryptography and Network Security 46
*
Access controlGranting user the access of network resources and
services
Authentication
8/19/2019 Application Cryptography Wireless LAN Security
47/50
Cryptography and Network Security 47
*
Authentication
Personal
Pre-Shared key(PSK)
Enterprise
802.1XExtensible
AuthenticationProtocol (EAP)
8/19/2019 Application Cryptography Wireless LAN Security
48/50
Cryptography and Network Security 48
*
Preventing data modification8-byte Message
Integrity Check (MIC)Michael
Integrity
8/19/2019 Application Cryptography Wireless LAN Security
49/50
Cryptography and Network Security 49
*
*“CWNA Certified Wireless Network
Administrator” by David D. Coleman and David
A. Westcott*“Wi-Fi Protected Access” by Wi-Fi Alliance
*“Cryptography and Network Security” by
William Stallings
8/19/2019 Application Cryptography Wireless LAN Security
50/50
*
Cryptography and Network Security 50