Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background...
-
Upload
delilah-nash -
Category
Documents
-
view
216 -
download
0
Transcript of Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background...
![Page 1: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/1.jpg)
Wireless Networking
![Page 2: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/2.jpg)
cs490ns - cotter 2
Outline
• Wireless Network Communications– Background– Security Issues– WEP / WPA
![Page 3: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/3.jpg)
cs490ns - cotter 3
Hardening Wireless Local Area Networks (WLAN)
• By 2007, >98% of all notebooks will be wireless-enabled
• Serious security vulnerabilities have also been created by wireless data technology:– Unauthorized users can access the wireless signal
from outside a building and connect to the network
– Attackers can capture and view transmitted data
– Employees in the office can install personal wireless equipment and defeat perimeter security measures
– Attackers can crack wireless security with kiddie scripts
![Page 4: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/4.jpg)
cs490ns - cotter 4
IEEE 802.11 Standards
• A WLAN shares same characteristics as a standard data-based LAN with the exception that network devices do not use cables to connect to the network
• RF is used to send and receive packets• In September 1999, a new 802.11b High Rate was
amended to the 802.11 standard. It added two higher speeds, 5.5 and 11 Mbps to original speeds of 1, 2 Mbps
• Communications distance varies with bandwidth to a maximum range of up to 300 ft.
• With faster data rates, 802.11b quickly became the standard for WLANs
![Page 5: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/5.jpg)
cs490ns - cotter 5
IEEE 802.11 Standards
• At same time, the 802.11a standard was released
• 802.11a has a maximum rated speed of 54 Mbps and also supports 48, 36, 24, 18, 12, 9, and 6 Mbps transmissions at 5 GHz
• 802.11g added in 2003. It adds transmission rates of 18, 36, and 54 Mbps to the rates available under 802.11b.
• 802.11n draft product in 2007, standardized in 2009. Added rates up to 600 mbps
![Page 6: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/6.jpg)
cs490ns - cotter 6
Data Rates / Range• 802.11b
• 1 Mbps / 90+ m.• 2 Mbps / 75 m.• 5.5 Mbps / 60 m.• 11 Mbps / 50 m.
• 802.11g
• All of 802.11b• 18 Mbps / 50 m.• 36 Mbps / 35 m.• 54 Mbps / 20 m.
• 802.11n – per stream• (4 streams max)
• 20 MHz band– 7.2, 14.4 … 72.2 Mbps
• 40 MHz band– 15, 30 … 150 Mbps
• “Twice the distance of 802.11g”
• Typical configurations 2 transmit / receive streams
• Can transmit on 2.4 or 5 GHz
![Page 7: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/7.jpg)
cs490ns - cotter 7
WLAN Components
• Each network device must have a wireless network interface card installed
• Wireless NICs are available in a variety of formats:– Type II PC card – Mini PCI– CompactFlash (CF) card – USB device– USB stick
![Page 8: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/8.jpg)
cs490ns - cotter 8
WLAN Components (cont)
• An access point (AP) consists of three major parts:– An antenna and a radio transmitter/receiver to
send and receive signals– An RJ-45 wired network interface that allows it
to connect by cable to a standard wired network
– Special bridging software
![Page 9: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/9.jpg)
cs490ns - cotter 9
Basic WLAN Security
• Two areas: – Basic WLAN security – Enterprise WLAN security
• Basic WLAN security uses two new wireless tools and one tool from the wired world:– Service Set Identifier (SSID) beaconing– MAC address filtering– Wired Equivalent Privacy (WEP)
![Page 10: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/10.jpg)
cs490ns - cotter 10
Service Set Identifier (SSID) Beaconing
• A service set is a technical term used to describe a WLAN network
• Three types of service sets:– Independent Basic Service Set (IBSS)– Basic Service Set (BSS)– Extended Service Set (ESS)
• Each WLAN is given a unique SSID
![Page 11: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/11.jpg)
cs490ns - cotter 11
MAC Address Filtering
• Another way to harden a WLAN is to filter MAC addresses
• The MAC address of approved wireless devices is entered on the AP
• A MAC address can be spoofed• When wireless device and AP first exchange
packets, the MAC address of the wireless device is sent in plaintext, allowing an attacker with a sniffer to see the MAC address of an approved device
![Page 12: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/12.jpg)
cs490ns - cotter 12
MAC Address Filtering
![Page 13: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/13.jpg)
cs490ns - cotter13
Wired Equivalent Privacy (WEP)
• Optional configuration for WLANs that encrypts packets during transmission to prevent attackers from viewing their contents
• Uses shared keys―the same key for encryption and decryption must be installed on the AP, as well as each wireless device
• Keys:– 40 bit (5 byte) key + 24 bit IV = 64 bits– 104 bit (13 byte) key + 24 bit IV = 128 bit
• No data integrity function
![Page 14: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/14.jpg)
WEP - Shared Key Authentication
cs490ns - cotter 14
Client Access Point
Authentication Request
Challenge Text
Encrypt Challenge w/key
Compare
AuthenticationFrame
![Page 15: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/15.jpg)
WEP Encryption
Text CRC Text ICV
ICV = Integrity Check Value
IV = initialization Vector
IVSecret Key
PRNG Keystream
XOR
CiphertextIV
+
=
=
1
2
34
5
![Page 16: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/16.jpg)
WEP Frame layout
IV Data >=1 ICV
encrypted
Inititialization Vector Key ID3 bytes 1 byte
ICV = Integrity check value (CRC)
4 bytes
![Page 17: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/17.jpg)
cs490ns - cotter 17
(WEP) (cont)
![Page 18: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/18.jpg)
WEP Weaknesses
• IV sent as cleartext. Since key never changes, once we know two packets share the same IV, we know their keys are identical– XOR the two ciphertext messages– XOR of plaintext will have same value as XOR of
ciphertext!– We will know some of the transmitted data
• ARP requests• DNS• Etc.
![Page 19: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/19.jpg)
cs490ns - cotter 19
Untrusted Network
• The basic WLAN security of SSID beaconing, MAC address filtering, and WEP encryption is not secure enough for an organization to use
• One approach to securing a WLAN is to treat it as an untrusted and unsecure network
• Requires that the WLAN be placed outside the secure perimeter of the trusted network
![Page 20: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/20.jpg)
cs490ns - cotter 20
Untrusted Network (continued)
![Page 21: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/21.jpg)
cs490ns - cotter 21
Trusted Network
• It is still possible to provide security for a WLAN and treat it as a trusted network
• Wi-Fi Protected Access (WPA) – Developed by WECA in 2002 as interim solution – Intended to be a software upgrade for WEP (use RC4)
• WPA-2 – 802.11 standard• Has two Domains:
– Personal Wireless Security– Enterprise Wireless Security
![Page 22: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/22.jpg)
Personal Wireless SecurityWPA -1
• Authentication – Based on Pre-Shared Key• Encryption – Temporal Key Integrity Protocol
– Mixes IV and Extended IV with secret key– EIV includes sequence counter– Adds 8 byte Message Integrity Check– Uses RC4 as encryption mechanism– Includes ICV for backward compatibility
IV Data >=1 ICV
encrypted
EIV MIC FCSMAC h.
![Page 23: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/23.jpg)
Personal Wireless SecurityWPA -2
• Authentication – Based on Pre-Shared Key• Encryption – AES – CCMP
– Counter mode-CBC MAC Protocol– Mixes IV and Extended IV with secret key– EIV includes sequence counter– Adds Message Integrity Check– Uses AES as encryption mechanism
IV Data >=1
encrypted
EIV MIC FCSMAC h.
![Page 24: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/24.jpg)
cs490ns - cotter 24
Enterprise Wireless Security
• Network supporting the 802.1x protocol consists of three elements:– Supplicant: client device, such as a desktop
computer or personal digital assistant (PDA), which requires secure network access
– Authenticator: serves as an intermediary device between supplicant and authentication server
– Authentication server: receives request from supplicant through authenticator
![Page 25: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/25.jpg)
cs490ns - cotter 25
IEEE 802.1x
![Page 26: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/26.jpg)
Enterprise Authentication
• Extensible Authentication Protocol – Used to pass information from supplicant to
AS
WN AP AS
Security Capabilities Discovery
Authentication
Key management Key Distribution
Data protection
![Page 27: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/27.jpg)
cs490ns - cotter 27
IEEE 802.1x (cont)
• Several variations of EAP can be used with 802.1x:– EAP-Transport Layer Security (EAP-TLS)– Lightweight EAP (LEAP)– EAP-Tunneled TLS (EAP-TTLS)– Protected EAP (PEAP)– Flexible Authentication via Secure Tunneling
(FAST)
![Page 28: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/28.jpg)
Enterprise Wireless Security
• Data Encryption – WPA 1– TKIP
• Data Encryption – WPA 2– AES - CCMP
![Page 29: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/29.jpg)
cs490ns - cotter 29
Wireless Security Summary
• Broadcast nature of Wireless LAN makes communication more vulnerable than wired networks
• Several mechanisms can be used to limit access
• Encryption used to protect data transmission (and access).
![Page 30: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/30.jpg)
cs490ns - cotter 30
References:
• Wireless Security– 802.1x - tldp.org/HOWTO/802.1X-HOWTO– IPSec – tldp.org/IPSec-HOWTO
![Page 31: Wireless Networking. cs490ns - cotter2 Outline Wireless Network Communications –Background –Security Issues –WEP / WPA.](https://reader033.fdocuments.in/reader033/viewer/2022051417/56649e375503460f94b27913/html5/thumbnails/31.jpg)
cs490ns - cotter 31
Summary
• Wireless Network Communications– Background– Security Issues– WEP / WPA