1 / 23

Life After WPA

Life After WPA. Yap Chern Nam Secretary of IEEE Computer Chapter cnyap@tp.edu.sg. Overview. What has happened? What is going on now? What is up and coming?. Why WPA/802.11i?. – Walker, “Unsafe at any Key Size” , IEEE 802.11 doc. 00-362, October 2000

lacy-buck
Télécharger la présentation

Life After WPA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Life After WPA Yap Chern Nam Secretary of IEEE Computer Chapter cnyap@tp.edu.sg

  2. Overview • What has happened? • What is going on now? • What is up and coming?

  3. Why WPA/802.11i? • – Walker, “Unsafe at any Key Size” , IEEE 802.11 doc. 00-362, October 2000 • – Arbaugh, “An inductive Chosen Plaintext Attack against WEP”, IEEE 802.11 doc. 01-230, May 2001 • – Borisov, Goldberg, Wagner, “The insecurity of 802.11”,Proceedings of International Conference on Mobile Computing and Networking, July 2001 • – Fluhrer, Mantin, Shamir, “Weaknesses in the key schedule algorithm of RC4”, Proceedings of 4th Annual Workshop of Selected Areas of Cryptography, August 2001

  4. How are the Hackers? • http://www.youtube.com/watch?v=kDD9PjiQ2_U&feature=player_embedded

  5. Is WPA Safe? • 2008, Martin Beck / Erik Tews • Dictionary Attacks on TKIP • 2009, Masakatu Morii, Toshihiro • (Reduce under 1 minute)

  6. WPA2 too complex? • Windows 2003 Server; • Windows 2008 Server • PEAP/MS-CHAP • Server Authentication http://www.microsoft.com/downloads/details.aspx?familyid=0f7fa9a2-e113-415b-b2a9-b6a3d64c48f5&displaylang=en • Low Cost Solutions - Zero Shell

  7. Voice over IP • 2009,"It only took more than 125 years but POTS (plain old telephony service) is now on the decline in the U.S.," said Ken Dulaney, vice president and distinguished analyst at Gartner. "The emergence of VoIP and the phenomenal rise of the mobile phone now represent the 'dial tone' for the future"

  8. IEEE 802.11 Security

  9. IEEE 802.1x (EAP/TLS)

  10. 4 Way Handshake Mutual Authentication

  11. IEEE 802.11e - 2005

  12. BSS Transition

  13. Security or Voice?

  14. Network Setup

  15. Voice Traffic on BSS Transition

  16. Various Codec on Wireless LAN

  17. IEEE 802.11k - 2008 • Load Balancing in WLAN • Capacity Management • Roaming becomes more inportant

  18. IEEE 802.11r - 2008

  19. Roaming Timing with w/o STA Load 0.14 0.12 0.10 Roaming Latency (Sec) 0.08 0.06 0.04 0.02 0.00 0 50 100 150 200 250 BackEnd Latency (mSec) IEEE 802.11i Roaming Latency IEEE 802.11i Voice Latency IEEE 802.11r Roaming Latency IEEE 802.11r Voice Latency OPNET Simulation

  20. Current Security • Management Frame and Control are Clear text. • Why so worry so much for management frames??.... • IEEE 802.11k lots of network information related information, handoff information • De-Auth and Dis-Assoc simplest DoS

  21. IEEE 802.11w - 2009 • 802.11w get rids of “Spoofed Disconnect” DoS attacks • Deauthentication • Disassociation • Certain “Action Management Frames” are made anti-spoof • Spectrum Management (IEEE 802.11k) • QoS (IEEE 802.11e) • Fast BSS Transition(IEEE 802.11r)

  22. How is it done? • IEEE 802.11w adds cryptographic protection to Deauth and Disassoc • Using MIC attached to the Management Frames.

  23. Thank You

More Related