
Wireless LAN Security


Presentation Transcript


  1. Wireless LAN Security Kim W. Tracy NEIU, University Computing k.w.tracy@ieee.org

  2. Outline • Threats to LANs & Wireless LANs • Wireless LAN Security Techniques • Summary

  3. Fundamental Premise • Security cannot be considered in isolation and to be effective must consider the entire system • That is, network and LAN security must be: • Consistent with other security mechanisms • E.g. application, data, hardware, and physical • Supportive of other security mechanisms

  4. Threats

  5. LAN Threats (diagram): threats to network traffic, grouped under protecting integrity, protecting secrecy and protecting availability

  6. Specific LAN Threats • Availability • Worms/Virus DoS • Errant applications creating lots of traffic/malformed traffic • Authentication • Spying devices on LAN • For example, a contractor connecting to LAN • Secrecy • Sniffers being connected to the LAN to collect passwords, etc.

  7. Authentication

  8. Current State of LAN Authentication • Usually none! • If you are in the building, you can plug in to the LAN • Can cause severe problems: • Using the LAN for illegal purposes (company/person may be liable) • Can more easily compromise servers • For example, send spam from your mail servers • Wireless LANs are bringing this issue out

  9. Authentication services • 802.1X – IEEE standard for LAN authentication • Can use PKI certificate-based authentication • Kerberos (closed environment) • Single login (once per session) • To multiple servers/domains • ‘Ticket’ for each server • X.509 (open environment) • Based on public key infrastructure • Used in SSL, IPSEC, S/MIME, SET… • One-way, two-way or three-way authentication

  10. Kerberos

  11. X.509 Authentication (diagram, parties A and B) • One-way authentication: A → B: [Ta, Ra, B, EkpubB(Kab)] sgnA • Two-way authentication: adds B → A: [Tb, Rb, A, Ra, EkpubA(Kab)] sgnB • Three-way authentication: adds A → B: [Rb] sgnA
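The three X.509 exchanges on this slide, worked through as an added example (not part of the original deck): each function builds or checks one of the messages above, so the reader can see what freshness each variant relies on. Signatures (sgnA, sgnB) are stood in for by HMAC tags under per-party keys that the verifier is assumed to know, and EkpubB(Kab) is carried as an opaque field; party names, keys and nonces are constructed for the example.

```python
import hmac, hashlib

SIGN_KEYS = {"A": b"key-of-A", "B": b"key-of-B"}   # constructed stand-in signing keys
WINDOW = 60                                         # accepted clock skew in seconds

def sign(party, fields):
    """Stand-in for sgnA / sgnB: tag the serialized fields under the party's key."""
    body = b"|".join(repr(f).encode() for f in fields)
    return fields, hmac.new(SIGN_KEYS[party], body, hashlib.sha256).digest()

def verify(party, token):
    fields, tag = token
    return hmac.compare_digest(sign(party, fields)[1], tag)

def msg1(ta, ra, enc_kab):                 # A -> B: [Ta, Ra, B, EkpubB(Kab)] sgnA
    return sign("A", (ta, ra, "B", enc_kab))

def check_msg1(token, now, seen_nonces, use_clock=True):
    """B's one-way checks: A's signature, B is the intended recipient, fresh Ta, unseen Ra.
    In the three-way exchange Ta may be zero, so B relies on Rb being echoed instead."""
    if not verify("A", token):
        return False
    ta, ra, dest, _ = token[0]
    if dest != "B" or ra in seen_nonces or (use_clock and abs(now - ta) > WINDOW):
        return False
    seen_nonces.add(ra)                    # remember Ra to reject replays of this message
    return True

def msg2(tb, rb, ra, enc_kab):             # B -> A: [Tb, Rb, A, Ra, EkpubA(Kab)] sgnB
    return sign("B", (tb, rb, "A", ra, enc_kab))

def check_msg2(token, ra_sent, now, use_clock=True):
    """A's two-way checks: B's signature, addressed to A, and A's own Ra echoed back."""
    if not verify("B", token):
        return False
    tb, _, dest, ra, _ = token[0]
    return dest == "A" and ra == ra_sent and (not use_clock or abs(now - tb) <= WINDOW)

def msg3(rb):                              # A -> B: [Rb] sgnA
    return sign("A", (rb,))

def check_msg3(token, rb_sent):
    """B's three-way check: A signed B's nonce, giving freshness without synchronized clocks."""
    return verify("A", token) and token[0][0] == rb_sent
```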

  12. IEEE 802.1X Terminology (diagram: Supplicant – Authenticator – Authentication Server; the authenticator has an uncontrolled port and a controlled port) • 802.1X • created to control access to any 802 LAN • used as a transport for Extensible Authentication Protocol (EAP, RFC 2284)

  13. 802.1X Model (diagram: STA, AP, Authentication Server) • STA ↔ AP: Associate • AP → STA: EAP Identity Request • STA → AP → Authentication Server: EAP Identity Response • Authentication Server → AP → STA: EAP Auth Request • STA → AP → Authentication Server: EAP Auth Response • Authentication Server → AP → STA: EAP-Success • Port status: only authentication traffic passes until EAP-Success, then normal data
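The port model on slides 12 and 13, as an added simulation (not code from the original deck): the AP relays EAP between STA and authentication server on the uncontrolled port and keeps the controlled port closed to normal data until the server returns EAP-Success. The challenge/response "EAP method", the frame tuples and the user credentials are assumptions constructed for this example, not the standard's formats.

```python
import hmac, hashlib
class AuthServer:
    """Holds credentials and answers EAP (the challenge/response method is assumed)."""
    def __init__(self, users):
        self.users = users                 # identity -> shared secret (constructed)
        self.challenges = {}
    def handle(self, msg):
        kind, ident, payload = msg
        if kind == "EAP-Identity-Response":
            self.challenges[ident] = b"challenge-" + ident.encode()   # constructed value
            return ("EAP-Auth-Request", ident, self.challenges[ident])
        if kind == "EAP-Auth-Response" and ident in self.users:
            expected = hmac.new(self.users[ident], self.challenges.get(ident, b""), hashlib.sha256).digest()
            if hmac.compare_digest(expected, payload or b""):
                return ("EAP-Success", ident, None)
        return ("EAP-Failure", ident, None)

class Authenticator:
    """The AP: uncontrolled port relays EAP only; controlled port opens on EAP-Success."""
    def __init__(self, server):
        self.server = server
        self.port_open = {}                # supplicant -> controlled port status
    def receive(self, sta, frame):
        if frame[0].startswith("EAP"):     # uncontrolled port: pass EAP to the server
            reply = self.server.handle(frame)
            if reply[0] == "EAP-Success":  # only the server's verdict opens the port
                self.port_open[sta] = True
            return reply
        if self.port_open.get(sta):        # controlled port open: normal data flows
            return ("FORWARDED", sta, frame[2])
        return ("DROPPED", sta, None)      # controlled port still closed

class Supplicant:
    def __init__(self, ident, secret):
        self.ident, self.secret = ident, secret
    def respond(self, msg):                # the STA answers identity and challenge requests
        kind, _, payload = msg
        if kind == "EAP-Identity-Request":
            return ("EAP-Identity-Response", self.ident, None)
        if kind == "EAP-Auth-Request":
            tag = hmac.new(self.secret, payload, hashlib.sha256).digest()
            return ("EAP-Auth-Response", self.ident, tag)
        return ("EAP-Failure", self.ident, None)

def run_8021x(sta, ap):                    # drive the slide's exchange after association
    msg = ("EAP-Identity-Request", sta.ident, None)
    while msg[0] not in ("EAP-Success", "EAP-Failure"):
        msg = ap.receive(sta.ident, sta.respond(msg))
    return msg[0], bool(ap.port_open.get(sta.ident))
```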

  14. Wireless LAN Security

  15. Introduction • 802.11 standard specifies the operating parameters of wireless local area networks (WLAN) • History: 802.11, b, a, g, i • Minimal security in early versions • Original architecture not well suited for modern security needs • 802.11i attempts to address security issues with WLANs

  16. 802.11b • Wired Equivalent Privacy (WEP) • Confidentiality • Encryption • 40-bit keys (increased to 104-bit by WEP2) • Based on RC4 algorithm • Access Control • Shared key authentication + Encryption • Data Integrity • Integrity checksum computed for all messages

  17. 802.11b • Vulnerabilities in WEP • Poorly implemented encryption • Key reuse, small keys, no keyed MIC • Weak authentication • No key management • No interception detection

  18. 802.11b • Successful attacks on 802.11b • Key recovery - AirSnort • Man-in-the-middle • Denial of service • Authentication forging • Known plaintext • Known ciphertext

  19. 802.11i • Security Specifications • Improved Encryption • CCMP (AES), TKIP, WRAP • 2-way authentication • Key management • Ad-hoc network support • Improved security architecture

  20. 802.11i Authentication Source: Cam-Winget, Moore, Stanley and Walker

  21. 802.11 Encryption Source: Cam-Winget, Moore, Stanley and Walker

  22. 802.11i – Potential Weaknesses • Hardware requirements • Hardware upgrade needed for AES support • Strength of TKIP and WRAP questionable in the long term • Authentication server needed for 2-way authentication • Complexity • The more complex a system is, the more likely it is to contain an undetected backdoor • Patchwork nature of “fixing” 802.11b

  23. No Control over WLAN? • Often you want to connect to a wireless LAN over which you have no control • Options: • If you can, connect securely (WPA2, 802.11i, etc.) • If unsecured, connect to your secure systems securely: • VPN – Virtual Private Network • SSL connections to secure systems • Be careful not to expose passwords • Watch for direct attacks on untrusted networks

  24. WLAN Security - Going Forward • 802.11i appears to be a significant improvement over 802.11b from a security standpoint • Vendors are nervous about implementing 802.11i protocols due to how quickly WEP was compromised after its release • Only time will tell how effective 802.11i actually will be • Wireless networks will not be completely secure until the standards that specify them are designed from the beginning with security in mind

  25. Summary • Wireless LAN Security is not independent of the greater network security and system security • Threats to the Wireless LAN are largely in terms of being available and in providing a means to attack systems on the network • That is, not many folks attack routers (yet)

  26. References • ftp://ftp.prenhall.com/pub/esm/web_marketing/ptr/pfleeger/ch07.pdf - Charles & Shari Pfleeger’s chapter on network security • http://www.gocsi.com/forms/fbi/pdf.jhtml - To request the Computer Security Institute/FBI yearly survey results (widely referenced)
