
Wireless Security






Presentation Transcript


  1. Wireless Security. Dr Jerry Gao. By Latha Boopathy.

  2. Wireless Security
  • Security Issues in WLAN
  • Security Issues in WAP
  • Security Issues in Cellular phones

  3. Intro - WLAN
  • A WLAN is a type of network that uses high-frequency radio waves rather than wire to communicate between nodes. WLAN users can access shared information without looking for a place to plug in.
  • Benefits:
  • Mobility: WLAN systems can provide LAN users with access to real-time information anywhere in an organization.
  • Installation speed and simplicity: Installing a WLAN system can be fast and easy, and can eliminate the need to pull cable through walls and ceilings.
  • Reduced cost of ownership: Overall installation expenses and lifecycle costs can be significantly lower.
  • Scalability: Network administrators can configure WLAN systems in various topologies to meet the needs of specific applications and installations.

  4. IEEE 802.11 specifications for wireless LANs
  • 802.11: The original IEEE wireless LAN standard; provides 1 or 2 Mbps transmission speed in the 2.4 GHz band, using either FHSS or DSSS.
  • 802.11b (Wi-Fi): 11 Mbps transmission speed in the 2.4 GHz band; uses only DSSS. Security: WEP (Wired Equivalent Privacy).
  • 802.11a: An extension to the original IEEE 802.11 wireless LAN standard that provides up to 54 Mbps in the 5 GHz band; uses OFDM rather than FHSS or DSSS. Security: enhanced security features with 152-bit WEP encryption and MAC address filtering, but not as reliable as Wi-Fi.
  • 802.11i: Security enhancement to WEP; uses TKIP (Temporal Key Integrity Protocol).
  • 802.1x: Provides enhanced security for users of 802.11b wireless LANs; provides port-level authentication for any wired or wireless Ethernet client system.

  5. 802.11 protocol architecture (IEEE 802 protocol layers compared to the OSI model)

  6. Physical layer
  • Functions:
  • Encoding/decoding of the signals
  • Preamble generation/removal (for synchronization)
  • Bit transmission/reception
  • Physical media:
  • Direct Sequence Spread Spectrum (DSSS)
  • Frequency Hopping Spread Spectrum (FHSS)
  • Infrared (IR)

  7. Logical Link layer
  • Provides an interface to higher layers and performs flow and error control.
  • The LLC layer optionally keeps track of which frames have been successfully received and retransmits unsuccessful frames.
  • For WLAN it must support the multi-access, shared-medium nature of the link.
  MAC layer
  • Reliable data delivery: maintains a reliable data service using ACK frames.
  • Access control: before transmitting a frame, the MAC coordination must gain access to the network.
  • Security: providing authentication and privacy.

  8. IEEE 802.11 Architecture

  9. Basic Service Set (BSS): Consists of a number of stations executing the same MAC protocol and competing for access to the same shared wireless medium.
  • Access Point (AP): Any entity that has station functionality and provides access to the distribution system through the wireless medium for associated stations.
  • Distribution System (DS): A system used to interconnect a set of BSSs and integrated LANs to create an ESS.
  • Extended Service Set (ESS): A set of one or more interconnected BSSs and integrated LANs that appear as a single BSS to the LLC layer at any station associated with one of these BSSs.
  • Portal: Integrates the IEEE 802.11 architecture with a traditional wired LAN.

  10. Making Association
  • Each mobile device client in infrastructure mode sends all of its communications to a network device called an access point (AP). The AP acts as an Ethernet bridge and forwards the communication to the appropriate network, either the wired local area network or another wireless network.
  • Before the client can communicate data, mobile wireless clients and access points must establish a relationship called association. To establish a connection, the communicating parties exchange messages called management frames.
    1. All access points transmit a beacon management frame at a fixed interval.
    2. To associate with an access point and join a BSS, a mobile device client listens for beacon messages to identify the access points within range.
    3. The mobile device client selects the BSS to join in a vendor-independent manner.
    4. The client may also send a probe request management frame to find an access point affiliated with a desired Service Set Identifier (SSID). An SSID is an identification value programmed into a wireless access point.

  11.
    5. After identifying an access point, the client and the access point perform a mutual authentication by exchanging several management frames as part of the process.
    6. After successful authentication, the client moves into the authenticated but unassociated state.
    7. Moving from the second state to the third state, authenticated and associated, involves the client sending an association request frame and the access point responding with an association response frame.
    8. The mobile device client becomes a peer on the wireless network and can transmit data frames on the network.
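The association procedure of slides 10 and 11, as an added example that is not part of the original presentation. It models the three station states (unauthenticated; authenticated but unassociated; associated) with simplified management frames, and shows why an AP acting as a bridge refuses data from a station that has not completed both steps, and why an association request that skips authentication is refused. Frame layouts, MAC addresses, SSIDs and the `AccessPoint`/`join` helpers are constructed stand-ins for this illustration, not real 802.11 frame encodings.

```python
"""Toy model of 802.11 infrastructure-mode association (added example, not
from the slides).  Frames, addresses and SSIDs below are constructed values."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

BROADCAST = "ff:ff:ff:ff:ff:ff"


class State(Enum):
    UNAUTHENTICATED = 1   # state 1: neither authenticated nor associated
    AUTHENTICATED = 2     # state 2: authenticated but not yet associated
    ASSOCIATED = 3        # state 3: authenticated and associated


@dataclass
class Frame:
    kind: str             # beacon, probe_req, probe_resp, auth, assoc_req, assoc_resp
    src: str
    dst: str = BROADCAST
    ssid: str = ""
    status: str = ""


@dataclass
class AccessPoint:
    bssid: str
    ssid: str
    stations: dict = field(default_factory=dict)   # station MAC -> State

    def beacon(self) -> Frame:
        # Step 1: every AP broadcasts a beacon at a fixed interval, SSID in the clear.
        return Frame("beacon", self.bssid, ssid=self.ssid)

    def state_of(self, mac: str) -> State:
        return self.stations.get(mac, State.UNAUTHENTICATED)

    def handle(self, f: Frame) -> Optional[Frame]:
        """Process one management frame from a station and return the reply."""
        if f.kind == "probe_req":                       # step 4
            if f.ssid != self.ssid:
                return None                             # not our SSID: stay silent
            return Frame("probe_resp", self.bssid, f.src, ssid=self.ssid)
        if f.kind == "auth":                            # steps 5-6 (open system, slide 14)
            self.stations[f.src] = State.AUTHENTICATED
            return Frame("auth", self.bssid, f.src, status="success")
        if f.kind == "assoc_req":                       # step 7
            if self.state_of(f.src) is State.UNAUTHENTICATED:
                return Frame("assoc_resp", self.bssid, f.src, status="refused")
            self.stations[f.src] = State.ASSOCIATED
            return Frame("assoc_resp", self.bssid, f.src, status="success")
        return None

    def forward_data(self, mac: str) -> bool:
        # Step 8: the bridge forwards data frames only for associated stations.
        return self.state_of(mac) is State.ASSOCIATED


def join(sta: str, wanted_ssid: str, beacons: list, aps: dict) -> State:
    """Steps 2-8 from the station's side: pick a BSS, authenticate, associate."""
    bssid = next((b.src for b in beacons if b.ssid == wanted_ssid), None)  # steps 2-3
    if bssid is None:
        return State.UNAUTHENTICATED
    ap = aps[bssid]
    if ap.handle(Frame("probe_req", sta, bssid, ssid=wanted_ssid)) is None:  # step 4
        return State.UNAUTHENTICATED
    reply = ap.handle(Frame("auth", sta, bssid))                             # steps 5-6
    if reply is None or reply.status != "success":
        return State.UNAUTHENTICATED
    reply = ap.handle(Frame("assoc_req", sta, bssid, ssid=wanted_ssid))      # step 7
    if reply is None or reply.status != "success":
        return State.AUTHENTICATED
    return ap.state_of(sta)


def demo() -> dict:
    """Constructed scenario: two APs in range, the station wants 'corp-wlan'."""
    aps = {"00:11:22:33:44:01": AccessPoint("00:11:22:33:44:01", "corp-wlan"),
           "00:11:22:33:44:02": AccessPoint("00:11:22:33:44:02", "guest")}
    beacons = [ap.beacon() for ap in aps.values()]
    sta = "aa:bb:cc:dd:ee:ff"
    corp = aps["00:11:22:33:44:01"]
    before = corp.forward_data(sta)                                   # no data yet
    premature = corp.handle(Frame("assoc_req", sta, corp.bssid)).status  # skipped auth
    final = join(sta, "corp-wlan", beacons, aps)
    return {"before": before, "premature": premature,
            "state": final, "after": corp.forward_data(sta)}


if __name__ == "__main__":
    print(demo())
```

The state table in `AccessPoint.stations` is the only thing that gates forwarding, which is the whole point of the three-state model: a station is a peer on the network only once it is in state 3.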

  12. Wireless Threats
  • Eavesdropping: Eavesdropping is used to gather information on the network under attack. The primary goals of the attacker are to understand who uses the network, what is accessible, what the capabilities of the equipment on the network are, and what the coverage area is.
  • Denial of service (jamming): The entire area, including both the base station and the clients, is flooded with interference so that no stations can communicate with each other. This attack shuts down all communication in the given area. Most wireless networking technologies use unlicensed frequencies; therefore any device such as a cordless phone, baby monitor or microwave oven may interfere with wireless networking and effectively jam the wireless communications.
  • Man-in-the-Middle attacks: This attack is more sophisticated than most and requires significant information about the network. When the victim initiates a connection, the attacker intercepts the connection, then completes the connection to the intended resource and proxies all communication to the resource. The attacker can then modify, eavesdrop on, or inject data into the session.

  13. IEEE 802.11b security-related services
  • Authentication: Used to establish the identity of stations to each other. IEEE 802.11 requires mutually acceptable, successful authentication before a station can establish an association with an AP.
    • Open System authentication
    • Shared Key authentication
  • Deauthentication: This service is invoked whenever an existing authentication is to be terminated.
  • Privacy: Used to prevent the contents of messages from being read by anyone other than the intended recipient.
    • WEP encryption

  14. Open System authentication
  • The default authentication service, which simply announces the desire to associate with another station or access point.
  • One party sends a MAC control frame, known as an authentication frame, to the other party. The frame indicates that it is of the open system authentication type.
  • The other party responds with its own authentication frame and the process is complete.
  • No security at all.
  Exchange (figure): Mobile station -> Access point: Authentication request "Open system". Access point -> Mobile station: Authentication response "Open system".

  15. Shared Key authentication
  • Requires that the two parties share a secret key not shared by any other party. Access is denied to any station that does not have an assigned key.
  • The shared key used to encrypt and decrypt the data frames is also used to authenticate the station, but this is considered a security risk.
    1. A sends a MAC authentication frame with an authentication identification of "shared key" and with a station identifier that identifies the sending station.
    2. B responds with an authentication frame that includes a 128-octet challenge text. The challenge text is generated using the WEP PRNG; the key and IV are also used to generate this challenge text.
    3. A uses the shared key and an initialization vector to encrypt the challenge text, and generates an integrity check value (ICV). This frame is sent to the AP with the IV and ICV.
    4. B receives the encrypted frame and decrypts it using WEP and the secret key shared with A. If decryption is successful, B compares the incoming challenge text with the challenge text sent in the second message. B then sends an authentication message to A with a status code indicating success or failure.

  16. Shared key authentication (figure)
  Mobile station (A) -> Access point (B): Authentication request "shared key"
  B -> A: Challenge text "shared key"
  A -> B: Challenge response (encrypted challenge text) "shared key"
  B -> A: Authentication result "shared key"

  17. WEP encryption: Since eavesdropping is a major concern in wireless transmission, IEEE 802.11 incorporates WEP to provide a modest level of security. WEP uses an encryption algorithm based on the RC4 stream cipher.

  18. WEP encryption
  • At the sending station, the WEP encipherment first runs the unencrypted data located in the MAC frame through an integrity algorithm. This algorithm is simply a 32-bit CRC that is appended to the end of the MAC frame.
  • For the encryption process, a 40-bit secret key is shared by the two participants in the exchange.
  • An initialization vector (IV) is concatenated to the secret key.
  • The resulting block forms the seed that is input to the pseudorandom number generator (PRNG).
  • The PRNG generates a bit sequence of the same length as the MAC frame plus its CRC.
  • A bit-by-bit exclusive OR between the MAC frame and the PRNG sequence produces the ciphertext.
  • The IV is attached to the ciphertext and the resulting block is transmitted. The IV is changed periodically (for every transmission).

  19. WEP decryption
  • At the receiving end, the receiver retrieves the IV from the data block and concatenates it with the shared secret key to generate the same key sequence used by the sender.
  • The key sequence is then XORed with the incoming block to recover the plaintext: A + B + B = A (where + denotes XOR).
  • Finally the receiver compares the incoming CRC with the CRC calculated at the receiver to validate integrity.

  20. 802.11 vulnerabilities
  • Service Set Identifier problem: The SSID is an identification value programmed into an access point or group of access points to identify the local wireless subnet. If the mobile station does not know the value of the SSID, access is denied to the associated access point. The SSID is advertised in plain text in the access point beacon messages. Although beacon messages are transparent to users, an eavesdropper can easily determine the SSID with the use of an 802.11 wireless LAN packet analyzer and gain access to the network.

  21. Eavesdropping
  • Wireless technology is vulnerable to eavesdropping, especially because intruders do not have to physically tap into a network. An intruder with a WLAN card can passively sniff the network traffic without gaining physical access.
  • Though the 802.11b standard specifies that the broadcast range is only 150 to 300 feet, in reality the signal travels much farther. Intrusive parties can eavesdrop on network traffic from wherever they can set up a laptop to intercept the signals.
  • Eavesdropping is very easy in the radio environment. 802.11 uses FHSS, DSSS or infrared transmission; anyone with a suitable transceiver in range of the transmission can listen in. Further, the 802.11 protocol leaves the physical layer header unencrypted, providing critical information to the attacker.

  22. Vulnerability of Shared Key Authentication

  23. Shared key authentication requires the client to use a preshared WEP key to encrypt challenge text sent from the access point. The access point authenticates the client by decrypting the shared key response and validating that the challenge text is the same.
  • The process of exchanging the challenge text occurs over the wireless link and is vulnerable to a man-in-the-middle attack.
  • An eavesdropper can capture both the plain-text challenge text and the cipher-text response.
  • WEP encryption is done by performing an exclusive OR (XOR) of the plain-text with the key stream to produce the cipher-text. It is important to note that if the plain-text and cipher-text are XORed, the result is the key stream. Therefore, an eavesdropper can easily derive the key stream just by sniffing the shared key authentication process with a protocol analyzer.
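A from-scratch model of the WEP encipherment described on slides 18 and 19 (RC4 keystream seeded with IV || 40-bit key, 32-bit CRC integrity check value appended to the frame, IV sent in the clear), together with a check of the slide 23 observation that XORing the known challenge text with its encrypted response yields the RC4 keystream for that IV. This is an added example, not code from the presentation or from any WEP implementation; the key, IV, frame body and challenge are constructed test values, and the function names (`wep_encrypt`, `wep_decrypt`, `keystream_from_challenge`) are this example's own.

```python
"""WEP-40 encipherment model and the shared-key challenge/response keystream
check (added example, not from the slides).  All key and data values are
constructed for illustration."""
import zlib


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling (KSA) then pseudo-random generation (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                          # KSA
        j = (j + S[i] + seed[i % len(seed)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                       # PRGA
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(frame_body: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext body, little-endian."""
    return zlib.crc32(frame_body).to_bytes(4, "little")


def wep_encrypt(key40: bytes, iv: bytes, frame_body: bytes) -> bytes:
    """Return IV || ((body || ICV) XOR RC4(IV || key)), as the sender transmits it."""
    if len(key40) != 5 or len(iv) != 3:
        raise ValueError("WEP-40 uses a 5-byte secret key and a 3-byte IV")
    plaintext = frame_body + icv(frame_body)          # slide 18: append 32-bit CRC
    seed = iv + key40                                 # IV concatenated to secret key
    keystream = rc4_keystream(seed, len(plaintext))   # PRNG output of the same length
    return iv + xor(plaintext, keystream)             # IV travels in the clear


def wep_decrypt(key40: bytes, block: bytes):
    """Slide 19: rebuild the keystream from the received IV, XOR, check the CRC.
    Returns the frame body, or None when the integrity check fails."""
    iv, ciphertext = block[:3], block[3:]
    keystream = rc4_keystream(iv + key40, len(ciphertext))
    plaintext = xor(ciphertext, keystream)            # A + B + B = A
    body, received_icv = plaintext[:-4], plaintext[-4:]
    if icv(body) != received_icv:
        return None
    return body


def keystream_from_challenge(challenge: bytes, response_block: bytes) -> bytes:
    """Slide 23: plaintext XOR ciphertext gives the keystream.  The challenge is
    sent in the clear and its ICV is a public function of it, so the entire
    plaintext of the response is known to anyone who saw both frames."""
    return xor(challenge + icv(challenge), response_block[3:])


def demo() -> dict:
    key = bytes.fromhex("0102030405")                 # constructed 40-bit key
    iv = bytes.fromhex("000001")                      # constructed 24-bit IV
    body = b"hello, wireless world"
    block = wep_encrypt(key, iv, body)
    # A single flipped ciphertext bit is always caught by the CRC-32 check.
    corrupted = block[:3] + bytes([block[3] ^ 0x01]) + block[4:]
    # Shared key authentication: 128-octet challenge, encrypted under its own IV.
    challenge = bytes(range(128))
    auth_iv = bytes.fromhex("0a0b0c")
    response = wep_encrypt(key, auth_iv, challenge)
    return {
        "roundtrip": wep_decrypt(key, block),
        "corrupted": wep_decrypt(key, corrupted),
        "recovered": keystream_from_challenge(challenge, response),
        "actual": rc4_keystream(auth_iv + key, 132),
    }


if __name__ == "__main__":
    r = demo()
    print(r["roundtrip"], r["corrupted"], r["recovered"] == r["actual"])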

  24. Published WEP vulnerabilities
  • http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html (Berkeley)
  • http://www.cs.umd.edu/~waa/wireless.pdf (Maryland)
  • http://www.cs.rice.edu/~astubble/wep/ (AT&T Labs)

  25. Weak IV attack
  • When a secret key is used to encrypt and decrypt transmitted data, each packet includes an initialization vector (IV), which is a 24-bit field that changes with each packet. The RC4 key scheduling algorithm creates the IV from the secret key. A flaw in the WEP implementation of RC4 allows the creation of "weak" IVs that give insight into the secret key.
  TKIP
  • TKIP has key hashing, or per-packet keying. When the key hashing algorithm is implemented on both the AP and all associated client devices, the transmitter of data hashes the base key with the IV to create a new key for each packet. This key hashing removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs.

  26. Dynamic WEP keys
  • The secret key resides in each station's management information database. IEEE 802.11 does not specify how to distribute the keys to each station.
  • Having a separate key for each user helps reduce the chance of cryptographic attacks, but enforcing a reasonable key period remains a problem, because the keys can only be changed manually and distributing the keys becomes more difficult as the number of stations increases.
  • The Cisco Aironet (LEAP) solution creates per-user, per-session dynamic WEP keys tied to the network logon, thereby addressing the limitations of the shared key system.

  27. MAC address filtering
  • Some 802.11 access point devices have the capability to restrict access to only those devices that are aware of a specific identification value, such as a MAC address.
  • Some access point devices also contain a table of permitted and denied MAC addresses, which enables a device administrator to specify the exact remote devices that are authorized to make use of the wireless service.
  • If the client's MAC address is not on this list, the network does not let the client associate with the access point.
  • Problems:
  • It is time consuming, because the list of client MAC addresses must be entered manually into each access point, so it best suits smaller networks.
  • MAC spoofing: MAC address filtering is also not a reliable method, because a MAC address can easily be captured by an attacker using a packet sniffer. After capturing an authorized MAC address, an intruder could easily program her own network card to have the same MAC address and gain access to the WLAN.

  28. Network solutions: 802.1x
  • The 802.1x standard provides enhanced security for users of 802.11 WLANs with strong, mutual authentication between a client and an authentication server.
  • 802.1x uses the Extensible Authentication Protocol (EAP) for communication between a client and an AP.
  • EAP authentication packets are sent to the access point with user login information (username and password). The access point can authenticate the user through a Remote Authentication Dial-In User Service (RADIUS) server.
  • The RADIUS server and client then derive a client-specific WEP secret key to be used by the client for the current logon session. User passwords and session keys are never transmitted in the clear over the wireless link.
  • Cisco has developed an 802.1x authentication type called EAP Cisco Wireless, or Cisco LEAP.

  29. LEAP authentication process

  30. When these features are implemented, a wireless client that associates with an AP cannot gain access to the network until the user performs a network logon. When the user enters a username and password into a network logon dialog box or its equivalent, the client and a RADIUS server perform a mutual authentication, with the client authenticated by the supplied username and password. The RADIUS server and client then derive a client-specific WEP key to be used by the client for the current logon session. User passwords and session keys are never transmitted in the clear over the wireless link.

  31. A wireless client associates with an access point.
  • The access point blocks all attempts by the client to gain access to network resources until the client logs on to the network.
  • The user on the client supplies a username and password in a network logon dialog box or its equivalent.
  • Using 802.1X and EAP, the wireless client and a RADIUS server on the wired LAN perform a mutual authentication through the access point. One of several authentication methods or types can be used. With the Cisco authentication type LEAP, the RADIUS server sends an authentication challenge to the client. The client uses a one-way hash of the user-supplied password to fashion a response to the challenge and sends that response to the RADIUS server. Using information from its user database, the RADIUS server creates its own response and compares that to the response from the client. When the RADIUS server authenticates the client, the process repeats in reverse, enabling the client to authenticate the RADIUS server.
  • When mutual authentication is successfully completed, the RADIUS server and the client determine a WEP key that is distinct to the client. The client loads this key and prepares to use it for the logon session.
  • The RADIUS server sends the WEP key, called a session key, over the wired LAN to the access point.
  • The access point encrypts its broadcast key with the session key and sends the encrypted key to the client, which uses the session key to decrypt it.
  • The client and access point activate WEP and use the session and broadcast WEP keys for all communications during the remainder of the session.
  • Both the session key and broadcast key are changed at regular intervals as configured in the RADIUS server.
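The slide 31 logon sequence as an added example that is not part of the presentation or of Cisco's LEAP implementation. It models the exchange end to end: the AP keeps the client's port blocked until the RADIUS server reports success; client and server authenticate each other by challenge/response computed over a one-way hash of the password, so neither the password nor its hash crosses the link; both sides derive the same per-session key independently; and the AP wraps its broadcast key under that session key for delivery. HMAC-SHA256 stands in for LEAP's actual hash and key-derivation functions, which the slide does not specify, and the usernames, password, MAC address, key lengths and the `RadiusServer`/`Supplicant`/`AccessPoint`/`logon` helpers are all constructed for this illustration.

```python
"""Toy 802.1X/EAP mutual-authentication logon with RADIUS (added example, not
from the slides or from Cisco).  HMAC-SHA256 stands in for the unspecified
hash and key-derivation functions; all identities and keys are constructed."""
import hashlib
import hmac
import os


def password_hash(password: str) -> bytes:
    # One-way hash of the user password; the client and the RADIUS user database
    # both hold this value, and only responses derived from it cross the link.
    return hashlib.sha256(password.encode()).digest()


def challenge_response(pw_hash: bytes, challenge: bytes) -> bytes:
    return hmac.new(pw_hash, challenge, hashlib.sha256).digest()


def derive_session_key(pw_hash: bytes, server_chal: bytes, client_chal: bytes) -> bytes:
    # Both sides know the password hash and both challenges, so both derive the
    # same 104-bit WEP session key without ever transmitting it.
    return hmac.new(pw_hash, b"session" + server_chal + client_chal, hashlib.sha256).digest()[:13]


def wrap_pad(session_key: bytes) -> bytes:
    # Key-derived pad used to XOR-wrap the 13-byte broadcast key (stands in for
    # the slide's "encrypts its broadcast key with the session key").
    return hmac.new(session_key, b"broadcast-wrap", hashlib.sha256).digest()[:13]


class RadiusServer:
    def __init__(self, users: dict):
        self.users = {name: password_hash(pw) for name, pw in users.items()}

    def verify_client(self, user: str, chal: bytes, resp: bytes) -> bool:
        h = self.users.get(user)
        return h is not None and hmac.compare_digest(challenge_response(h, chal), resp)

    def answer(self, user: str, client_chal: bytes) -> bytes:
        # Reverse direction: the server proves it knows the user's password hash.
        return challenge_response(self.users[user], client_chal)

    def session_key(self, user: str, server_chal: bytes, client_chal: bytes) -> bytes:
        return derive_session_key(self.users[user], server_chal, client_chal)


class Supplicant:
    def __init__(self, user: str, password: str):
        self.user, self.pw_hash = user, password_hash(password)

    def respond(self, chal: bytes) -> bytes:
        return challenge_response(self.pw_hash, chal)

    def verify_server(self, chal: bytes, resp: bytes) -> bool:
        return hmac.compare_digest(challenge_response(self.pw_hash, chal), resp)


class AccessPoint:
    def __init__(self):
        self.broadcast_key = os.urandom(13)
        self.sessions = {}            # client MAC -> session key; presence opens the port

    def forwards(self, mac: str) -> bool:
        return mac in self.sessions   # blocked until the RADIUS server has approved

    def install_session_key(self, mac: str, key: bytes) -> bytes:
        self.sessions[mac] = key      # delivered by RADIUS over the wired LAN
        return bytes(a ^ b for a, b in zip(self.broadcast_key, wrap_pad(key)))


def logon(sup: Supplicant, mac: str, ap: AccessPoint, radius: RadiusServer) -> dict:
    """Run the slide 31 exchange and return what the client ended up holding."""
    server_chal = os.urandom(16)                                   # RADIUS -> client
    if not radius.verify_client(sup.user, server_chal, sup.respond(server_chal)):
        return {"ok": False}                                       # port stays blocked
    client_chal = os.urandom(16)                                   # client -> RADIUS
    if not sup.verify_server(client_chal, radius.answer(sup.user, client_chal)):
        return {"ok": False}                                       # server failed to prove itself
    session_key = derive_session_key(sup.pw_hash, server_chal, client_chal)
    wrapped = ap.install_session_key(mac, radius.session_key(sup.user, server_chal, client_chal))
    broadcast_key = bytes(a ^ b for a, b in zip(wrapped, wrap_pad(session_key)))
    return {"ok": True, "session_key": session_key, "broadcast_key": broadcast_key}


def demo() -> dict:
    radius = RadiusServer({"alice": "correct horse battery staple"})
    ap, mac = AccessPoint(), "aa:bb:cc:dd:ee:ff"
    blocked_before = not ap.forwards(mac)
    bad = logon(Supplicant("alice", "wrong password"), mac, ap, radius)
    blocked_after_bad = not ap.forwards(mac)
    good = logon(Supplicant("alice", "correct horse battery staple"), mac, ap, radius)
    return {"blocked_before": blocked_before, "bad": bad, "blocked_after_bad": blocked_after_bad,
            "good": good, "forwards": ap.forwards(mac),
            "keys_match": good.get("session_key") == ap.sessions.get(mac),
            "broadcast_ok": good.get("broadcast_key") == ap.broadcast_key}


if __name__ == "__main__":
    print(demo())
```

The two `compare_digest` calls are the mutual part of the authentication: the client refuses to derive a key for a server that cannot answer its challenge, which is what stops a rogue RADIUS server from handing out keys, and the AP only opens the port after the genuine server installs a session key.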

  32. VPN solution

  33. VPN solution
  • A VPN provides a secure and dedicated channel over an untrusted network, such as the Internet and wireless networks.
  • IPSec: A framework of open standards for ensuring secure private communications over IP networks. An IPSec client is placed on every PC connected to the wireless network, and the user is required to establish an IPSec tunnel to route any traffic to the wired network.
  • RADIUS: A distributed client/server system in which clients send authentication requests to a central RADIUS server that contains all the user authentication and network service access information.
  • It is commonly recommended that access points be placed on their own segment or virtual LAN (VLAN), with a stateful IP filtering firewall separating the restricted wireless LAN from the unrestricted wired LAN. By configuring the firewall to pass only VPN traffic, all other network activity can be stopped, thus preventing unauthorized clients from gaining access to the main network.

