Department of Computer Science
Southern Illinois University Carbondale
Wireless and Network Security
Lecture 9: IEEE 802.11 Security - 2
Dr. Kemal Akkaya
E-mail: kemal@cs.siu.edu
Wireless & Network Security 1
How about using Virtual Private Networking (VPN) for better Security?
• Deploying a secure VPN over a wireless network can greatly increase the security of your data
• Idea behind this is to treat the wireless network the same as an insecure wired network (the Internet)
• Any user authenticates through a server
  • Can then use the network as if he/she is on the network
  • Campus network, business, etc.
• Not a good solution:
  • Overhead
  • Deployment
  • Performance
  • Susceptible to denial of service (DoS) attacks, along with any attack against the specific VPN
Solutions for better IEEE 802.11 Security
• IEEE 802.1x
  • Per-user authentication
  • Key distribution mechanism
• Wi-Fi Protected Access (WPA)
  • Proposed in 2003
  • Subset of 802.11i
  • Two forms:
    • 802.1x + EAP + TKIP + MIC
    • Pre-shared Key + TKIP + MIC
• IEEE 802.11i – WPA2
  • 802.1x + EAP + AES + CCM
• But WEP is still in wide use
IEEE 802.1X
• 802.1X is a port-based, layer 2 (MAC layer) authentication framework for IEEE 802 networks
• Uses EAP (Extensible Authentication Protocol) for implementation
• It works along with the 802.11 protocol to manage authentication for WLAN clients
• Centralized authentication
  • All clients go through APs
• Interoperability: can work along with NICs running WEP
• Three main components:
  • Supplicant
  • Authenticator
  • Authentication Server
IEEE 802.1X Authentication Process
• Client makes an association with the AP
• AP places the client in an unauthenticated holding area; AP sends an authentication request to the client
• Client sends its user ID to the AP, which forwards it to the server
• Server sends a challenge via the AP to the client
  • Challenge type is up to the vendor
  • Secret info is not sent over the air in plaintext
• Client responds to the challenge
• Server verifies the response and provides fresh session keys
IEEE 802.1X Authentication Process (authentication session between Client, AP and Auth Server “RADIUS”)
  Client → AP: Let me in!
  AP → Client: What’s your ID?
  Client → AP: ID = xxx@yyy.local
  AP → Auth Server: Is xxx@yyy.local OK?
  Auth Server → Client (via AP): Prove to me that you are xxx@yyy.local (EAP Challenge/Authentication)
  Client → Auth Server (via AP): The answer is “xxx”
  Auth Server → AP: Let him in. Here is the session key.
  AP → Client: Come in. Here is the session key.
  Client ↔ network (e.g. http://www.yahoo.com): encrypted session
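The exchange on this slide as an added Python model; it is not part of the lecture. An HMAC challenge-response stands in for the vendor-specific EAP method, the "RADIUS" server derives a session key bound to each exchange and hands it to the AP, and the AP keeps the client's port unauthorized (relaying only EAP) until it receives Access-Accept. Identities, MAC addresses and secrets are constructed values.

```python
import hashlib
import hmac
import secrets

# Constructed credential store for the RADIUS-style server: identity -> shared secret.
# (A real server would hold a derived credential rather than the raw secret.)
USERS = {"xxx@yyy.local": b"constructed-secret-for-xxx"}


class AuthServer:
    """Authentication server ("RADIUS" on the slide): issues a fresh challenge per attempt,
    verifies the answer and hands out a session key bound to that exchange."""

    def __init__(self, users):
        self.users = users
        self.pending = {}  # identity -> outstanding challenge nonce

    def challenge(self, identity):
        if identity not in self.users:
            return None
        nonce = secrets.token_bytes(16)  # fresh each time, so an old answer cannot be replayed
        self.pending[identity] = nonce
        return nonce

    def verify(self, identity, answer):
        nonce = self.pending.pop(identity, None)
        if nonce is None:
            return None
        secret = self.users[identity]
        expected = hmac.new(secret, b"challenge" + nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, answer):
            return None
        # Session key derived from the secret and this nonce: differs on every successful login.
        return hmac.new(secret, b"session-key" + nonce, hashlib.sha256).digest()[:16]


class Supplicant:
    """Client side: proves knowledge of the secret without ever transmitting it."""

    def __init__(self, mac, identity, secret):
        self.mac, self.identity, self.secret = mac, identity, secret

    def answer(self, nonce):
        return hmac.new(self.secret, b"challenge" + nonce, hashlib.sha256).digest()


class Authenticator:
    """AP side: relays EAP between client and server. The client's controlled port stays
    closed until the server answers Access-Accept."""

    def __init__(self, server):
        self.server = server
        self.authorized = {}  # client MAC -> session key once the controlled port is opened

    def run_802_1x(self, client):
        log = [("client->ap", "EAPOL-Start: let me in"),
               ("ap->client", "EAP-Request/Identity: what's your ID?"),
               ("client->ap", f"EAP-Response/Identity: {client.identity}"),
               ("ap->server", f"Access-Request: is {client.identity} OK?")]
        nonce = self.server.challenge(client.identity)
        if nonce is None:
            log.append(("server->ap", "Access-Reject: unknown identity"))
            return None, log
        log.append(("server->ap->client", f"EAP-Request (challenge): prove it, nonce={nonce.hex()}"))
        answer = client.answer(nonce)
        log.append(("client->ap->server", f"EAP-Response: answer={answer.hex()}"))
        key = self.server.verify(client.identity, answer)
        if key is None:
            log.append(("server->ap", "Access-Reject"))
            log.append(("ap->client", "EAP-Failure: port stays unauthorized"))
            return None, log
        log.append(("server->ap", "Access-Accept: let him in, here is the session key"))
        log.append(("ap->client", "EAP-Success: come in, here is the session key"))
        self.authorized[client.mac] = key  # controlled port opened for this client only
        return key, log


def transcript_mentions(log, secret):
    """True if the secret (raw or hex) shows up in anything that crossed the air."""
    return any(secret.decode() in msg or secret.hex() in msg for _, msg in log)


def demo():
    server = AuthServer(USERS)
    ap = Authenticator(server)
    good = Supplicant("00:11:22:33:44:55", "xxx@yyy.local", USERS["xxx@yyy.local"])
    bad = Supplicant("66:77:88:99:aa:bb", "xxx@yyy.local", b"wrong-secret")
    key1, log1 = ap.run_802_1x(good)
    key2, _ = ap.run_802_1x(good)         # second login: different session key
    key_bad, log_bad = ap.run_802_1x(bad)  # wrong secret: port never opens
    return {"key1": key1, "key2": key2, "key_bad": key_bad,
            "leak": transcript_mentions(log1, USERS["xxx@yyy.local"]),
            "ports": dict(ap.authorized), "log": log1, "log_bad": log_bad}
```

The transcript returned by `demo()` mirrors the arrows on the slide; the `leak` flag confirms that only the identity, the nonce and the HMAC answer cross the air, never the secret itself.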
WPA (Wi-Fi Protected Access)
• Pre-standard subset of IEEE 802.11i
• Interim solution to run on existing wireless hardware
• Uses Temporal Key Integrity Protocol (TKIP) for data encryption and confidentiality
• On October 31, 2002, the Wi-Fi Alliance endorsed TKIP under the name Wi-Fi Protected Access (WPA)
• TKIP changes
  • Still uses RC4, 128 bits for encryption
  • Key mixing function for combining the secret root key with the IV
    • Merely concatenation in WEP
  • Provisions for changing base keys
  • Secret part of encryption key changed in every packet
    • Avoids weak keys
  • IV acts as a sequence counter
    • Starts at 0, increments by 1
    • Against replay attacks
    • Packets received out of order will be rejected by the AP
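Two of the TKIP changes above in an added Python model (not from the lecture): per-packet key construction in WEP (plain concatenation) versus TKIP (a mixing function), and the receiver-side sequence-counter check that rejects replayed and out-of-order packets. HMAC-SHA256 is an assumed stand-in for TKIP's actual two-phase mixing function, and the replay check is a single-queue simplification. The block also computes how long a counter of a given width lasts at 10k packets/s; the slide's 900-year figure is what a 48-bit counter gives (TKIP's sequence counter is 48 bits wide), and a 64-bit counter at that rate would last tens of millions of years.

```python
import hashlib
import hmac

ROOT_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed 128-bit root key


def wep_packet_key(root_key, iv):
    """WEP: the per-packet RC4 key is just IV || root key, so the secret part is identical
    for every packet and the IV travels in the clear (the source of WEP's weak keys)."""
    return iv.to_bytes(3, "big") + root_key


def tkip_packet_key(root_key, tsc):
    """TKIP: the 48-bit sequence counter and the root key go through a mixing function, so the
    secret part of the RC4 key changes for every packet. Stand-in: HMAC-SHA256 is used here
    instead of TKIP's own mixing function (assumption for illustration only)."""
    return hmac.new(root_key, tsc.to_bytes(6, "big"), hashlib.sha256).digest()[:16]


class TkipReplayCheck:
    """Receiver-side sequence-counter check: the counter starts at 0 and must strictly
    increase. Replayed and out-of-order packets are rejected (simplified single-queue model)."""

    def __init__(self):
        self.last_tsc = -1

    def accept(self, tsc):
        if tsc <= self.last_tsc:
            return False
        self.last_tsc = tsc
        return True


def iv_exhaustion_seconds(counter_bits, packets_per_second):
    """Seconds until a per-key counter of the given width wraps at a constant packet rate."""
    return (2 ** counter_bits) / packets_per_second


def iv_exhaustion_years(counter_bits, packets_per_second):
    return iv_exhaustion_seconds(counter_bits, packets_per_second) / (365.25 * 24 * 3600)


def demo():
    rx = TkipReplayCheck()
    # Constructed arrival order: 0, 1, 2 in order, then 1 replayed, then 5, then 3 arriving late.
    verdicts = [rx.accept(t) for t in (0, 1, 2, 1, 5, 3)]
    wep_keys = [wep_packet_key(ROOT_KEY, iv) for iv in (0, 1)]
    tkip_keys = [tkip_packet_key(ROOT_KEY, tsc) for tsc in (0, 1)]
    return {
        "verdicts": verdicts,
        "wep_shared_tail": wep_keys[0][3:] == wep_keys[1][3:],  # secret part identical
        "tkip_distinct": tkip_keys[0] != tkip_keys[1],          # whole key differs
        "wep_minutes": iv_exhaustion_seconds(24, 10_000) / 60,
        "tkip48_years": iv_exhaustion_years(48, 10_000),
        "counter64_years": iv_exhaustion_years(64, 10_000),
    }
```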
WPA Changes for Integrity
• Includes Michael: a Message Integrity Code (MIC)
  • 64 bits
  • Replaces the CRC
  • Different keys for MIC and encryption
  • Observer cannot create a new MIC to mask changes to data
  • Computationally efficient
• Increases IV from 24 bits to 64 bits
  • 900 years to repeat an IV at 10k packets/sec
  • For WEP this is done in 30 mins
• Authentication
  • 2 forms based on 802.1X:
    • Per-user based: public key
    • Pre-shared key: same key – WPA-PSK
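The difference between WEP's CRC and a keyed MIC, as an added Python example that is not part of the lecture. WEP's integrity check value is an unkeyed CRC-32, so whoever can change a payload can also produce the matching check value (under RC4 this relies on the CRC's linearity, which is not shown here); a 64-bit MIC under a key that is separate from the encryption key cannot be recomputed by an observer. HMAC-SHA256 truncated to 8 bytes is an assumed stand-in for the Michael algorithm; addresses, payload and keys are constructed.

```python
import hashlib
import hmac
import secrets
import zlib

MIC_LEN = 8  # Michael produces a 64-bit MIC

# Constructed keys: WPA keeps the MIC key separate from the encryption key.
ENCRYPTION_KEY = secrets.token_bytes(16)
MIC_KEY = secrets.token_bytes(8)


def wep_icv(payload):
    """WEP's integrity check value is a plain CRC-32: no key is involved."""
    return zlib.crc32(payload).to_bytes(4, "little")


def wep_icv_ok(payload, icv):
    return wep_icv(payload) == icv


def michael_like_mic(mic_key, header, payload):
    """Keyed 64-bit MIC over the addresses and the payload. Stand-in: HMAC-SHA256 truncated
    to 8 bytes replaces the Michael algorithm (assumption; Michael itself is a much cheaper
    function designed so that legacy WEP hardware could compute it)."""
    return hmac.new(mic_key, header + payload, hashlib.sha256).digest()[:MIC_LEN]


def mic_ok(mic_key, header, payload, mic):
    return hmac.compare_digest(michael_like_mic(mic_key, header, payload), mic)


def demo():
    header = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")  # constructed DA || SA
    payload = b"GET /account/balance HTTP/1.1"
    tampered = payload.replace(b"balance", b"transfe")  # same length, different content

    # WEP: the check value for the modified payload needs no secret, so it verifies.
    crc_after_tamper = wep_icv_ok(tampered, wep_icv(tampered))

    # WPA: the MIC needs MIC_KEY, which an observer does not hold.
    mic = michael_like_mic(MIC_KEY, header, payload)
    genuine = mic_ok(MIC_KEY, header, payload, mic)
    tampered_same_mic = mic_ok(MIC_KEY, header, tampered, mic)
    # Without the key, the best an observer can do is a MIC under some other key.
    forged_mic = michael_like_mic(secrets.token_bytes(8), header, tampered)
    forged = mic_ok(MIC_KEY, header, tampered, forged_mic)
    return {"crc_after_tamper": crc_after_tamper, "genuine": genuine,
            "tampered_same_mic": tampered_same_mic, "forged": forged}
```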
Final Standard: 802.11i
• The long-awaited security standard for wireless
• Ratified in June 2004
• Also known as WPA2 for the market
• Another name is Robust Security Network (RSN)
• Hardware manufactured before 2002 is likely to be unsupported
  • AES requires a new dedicated chip
• From March 2006, WPA2 certification is mandatory for all new devices
• Addresses the main problems in WEP
• Components:
  • 802.1X based authentication
  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
  • RSN based associations
More WPA2
• CCMP
  • Uses Advanced Encryption Standard (AES)
  • Unlike in TKIP, key management and message integrity are handled by a single component built around AES using a 128-bit key and a 128-bit block
  • Uses CCM
    • Encrypts data and MIC
• Key caching
  • Skips re-entering of the user credential by storing the host information on the network
  • APs can store keys
  • Fast re-connection
• Pre-authentication
  • If previously authenticated
  • Allows client to become authenticated with an AP before moving to it
  • Uses previous authentication info
  • Useful in encrypted VoIP over Wi-Fi
  • Fast roaming
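CCM as the slide describes it, written out as an added Python example (not from the lecture): CBC-MAC produces the MIC and counter mode encrypts both the data and that MIC, all under one AES-128 key. The block builds CCM from single AES block calls with CCMP's parameters (13-byte nonce from priority, transmitter address and 48-bit packet number; 8-byte MIC) and checks its output against the `cryptography` package's AESCCM, which is assumed to be installed. Key, addresses, packet number and header bytes are constructed, and the header handling is simplified (real CCMP masks some frame-control and sequence-control bits before authenticating the header).

```python
import hmac
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.ciphers.aead import AESCCM

BLOCK = 16       # AES block size
MIC_LEN = 8      # CCMP carries a 64-bit MIC (CCM parameter M = 8)
LEN_FIELD = 2    # CCM parameter L = 2: 2-byte length field, hence a 13-byte nonce
NONCE_LEN = 15 - LEN_FIELD


def aes_block(key, block):
    """Single AES-128 block encryption (ECB over exactly one block)."""
    enc = Cipher(algorithms.AES(key), modes.ECB()).encryptor()
    return enc.update(block) + enc.finalize()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def pad16(data):
    return data + bytes(-len(data) % BLOCK)


def cbc_mac(key, nonce, aad, plaintext):
    """CBC-MAC half of CCM: authenticates the header fields (aad) and the plaintext."""
    flags = (0x40 if aad else 0) | (((MIC_LEN - 2) // 2) << 3) | (LEN_FIELD - 1)
    b0 = bytes([flags]) + nonce + len(plaintext).to_bytes(LEN_FIELD, "big")
    blocks = b0
    if aad:  # short-AAD encoding: 2-byte length prefix (valid while len(aad) < 65280)
        blocks += pad16(len(aad).to_bytes(2, "big") + aad)
    blocks += pad16(plaintext)
    x = bytes(BLOCK)
    for i in range(0, len(blocks), BLOCK):
        x = aes_block(key, xor(x, blocks[i:i + BLOCK]))
    return x[:MIC_LEN]


def keystream_block(key, nonce, counter):
    """Counter-mode half of CCM: A_i = flags || nonce || i; A_0 masks the MIC."""
    return aes_block(key, bytes([LEN_FIELD - 1]) + nonce + counter.to_bytes(LEN_FIELD, "big"))


def ccmp_encrypt(key, nonce, aad, plaintext):
    """Returns ciphertext || encrypted MIC, the layout of the CCMP frame body."""
    assert len(key) == 16 and len(nonce) == NONCE_LEN
    tag = cbc_mac(key, nonce, aad, plaintext)
    out = bytearray()
    for i in range(0, len(plaintext), BLOCK):
        out += xor(plaintext[i:i + BLOCK], keystream_block(key, nonce, i // BLOCK + 1))
    out += xor(tag, keystream_block(key, nonce, 0))
    return bytes(out)


def ccmp_decrypt(key, nonce, aad, body):
    """Returns the plaintext, or None when the MIC does not verify (frame must be dropped)."""
    ct, enc_mic = body[:-MIC_LEN], body[-MIC_LEN:]
    pt = bytearray()
    for i in range(0, len(ct), BLOCK):
        pt += xor(ct[i:i + BLOCK], keystream_block(key, nonce, i // BLOCK + 1))
    pt = bytes(pt)
    tag = xor(enc_mic, keystream_block(key, nonce, 0))
    if not hmac.compare_digest(tag, cbc_mac(key, nonce, aad, pt)):
        return None
    return pt


# Constructed sample values (not from any real capture).
KEY = bytes(range(16))
A1 = bytes.fromhex("aabbccddeeff")              # receiver address
A2 = bytes.fromhex("001122334455")              # transmitter address
PN = (42).to_bytes(6, "big")                    # 48-bit packet number, never reused under one key
NONCE = bytes([0]) + A2 + PN                    # priority || A2 || PN = 13 bytes
AAD = b"\x08\x41" + A1 + A2 + A1 + b"\x00\x00"  # simplified header: FC, A1, A2, A3, seq ctrl
PLAINTEXT = b"CCMP protects this payload and its MIC in one pass."


def demo():
    body = ccmp_encrypt(KEY, NONCE, AAD, PLAINTEXT)
    reference = AESCCM(KEY, tag_length=MIC_LEN).encrypt(NONCE, PLAINTEXT, AAD)
    tampered = body[:5] + bytes([body[5] ^ 0x01]) + body[6:]  # one ciphertext bit flipped
    return {
        "roundtrip": ccmp_decrypt(KEY, NONCE, AAD, body),
        "matches_library": body == reference,
        "tampered": ccmp_decrypt(KEY, NONCE, AAD, tampered),
        "wrong_header": ccmp_decrypt(KEY, NONCE, AAD[:-1] + b"\x01", body),
    }
```

Because the MIC covers the header fields as well as the payload, changing either one makes `ccmp_decrypt` return `None`; that single verification is what the slide means by integrity and confidentiality being handled by one component.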
802.11i Summary