802 11 wireless encryption from rc4 to aes
Download
Skip this Video
Download Presentation
802.11 Wireless Encryption: From RC4 to AES

Loading in 2 Seconds...

play fullscreen
1 / 26

802.11 Wireless Encryption: From RC4 to AES - PowerPoint PPT Presentation


  • 374 Views
  • Uploaded on

802.11 Wireless Encryption: From RC4 to AES. Michael Han. Overview: 802.11b. IEEE Infrastructure Description Medium Range for protocols such as Ethernet Not End to End, Node to Node (AP) Link Layer Security -> NIC Card. 802.11b: WEP . Goal: Wired Equivalency Protocol 3 Services

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '802.11 Wireless Encryption: From RC4 to AES' - Faraday


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
overview 802 11b
Overview: 802.11b
  • IEEE Infrastructure Description
  • Medium Range for protocols such as Ethernet
  • Not End to End, Node to Node (AP)
  • Link Layer Security -> NIC Card
802 11b wep
802.11b: WEP
  • Goal: Wired Equivalency Protocol
  • 3 Services
    • Authentication
    • Confidentiality
    • Integrity

We want to focus on Confidentiality

wep rc4 properties
WEP : RC4 Properties
  • Symmetric key Algorithm
  • Stream Cipher Algorithm
  • 24-bit IV appended to 40-bit key
  • XOR Key stream with plaintext = Encrypted Text
  • Key stream is independent of plaintext
rc4 algorithm
RC4: Algorithm
  • An 8 * 8 S-Box (S0 S255), each of the entries is a permutation of the numbers 0 to 255, and the permutation is a function of the variable length key.
  • function cipher=rcfour(plain, key)

format compact;

szplain = size(plain);

szplain = szplain(2);

szkey = size(key);

szkey = szkey(2);S = [0:255];

i = 0;

j = 0;

for k = 1: szplain

k

i = i + 1

modk = mod(k,szkey) + 1;

Kc = key(modk);

j = mod((S(i) + j + Kc), 256) + 1 t = S(i);

S(i) = S(j); S(j) = t;

Sc = mod((S(i)+S(j)), 256)

Ck = S( Sc )

cipher(k) = bitxor(Ck, plain(k)+0)end

END;

rc4 encryption
RC4: Encryption
  • Integrity checksum- CRC 32
    • c(M) M = Message
  • Plan text: P = (M, c(M)) *P does not depend on key
  • Encryption
    • C =P XOR RC4(v,k)
  • Transmitted Data:
    • [v, C]
insecurity of rc4
Insecurity of RC4
  • Insecurities can be deduced from what we learned in CSCI 556
    • 40-bit key and Shared
    • Pseudorandom- IV based
    • Key stream reuse
    • XOR based
    • Weak Keys
  • System Level: WEP is optional!
overview 802 11i
Overview: 802.11i
  • Goal: Address 802.11b security flaws
  • Obstacle: 802.11b widely deployed
    • Temporal Key Integrity Protocol (TKIP)
  • Cipher Counter with Cipher Block Chaining Message Authentication Protocol (CCMP)
    • AES in counter mode
802 11i ccmp
802.11i: CCMP
  • Authentication
    • CBC-MAC = 8 octets
    • Nonce size = 48 bits
    • AAD
  • Confidentiality
    • Default: 128-bit key
    • Block size = 128 bits
    • Encryption Algorithm = AES
      • Requires coprocessor to operate
ccmp aes
CCMP: AES
  • NIST Standard based of Rijndael
    • AES is NOT Rijndael
  • Variable Fixed Block Size = 128 bits
    • Rijndael has variable block size
  • Key Size = {128, 192, 256}
    • 128 for Secret ; 256 for Top Secret
    • No Known Weak keys
    • IV =48-bit for replay detection
  • Operates on State
    • 4 x 4 array of bytes
aes key expansion
AES: Key Expansion
  • Uses Cipher Key K to generate key Schedule
  • Sub-Key is 4-bytes applied to Round Key
  • Generates Nb(Nr+1) words
    • Based on encryption pre-requisites
    • Initial Nb words, Nr rounds require Nb words of key data
aes stages
AES: Stages
  • SubBytes
    • Array updated with 8-bit S-box
  • Shift Rows
    • Cyclically shirts bytes rows by offset
  • Mix Columns
    • 4 bytes of each column are combined using invertible linear transformation
  • Add Round Key
    • Sub key is combined with state

*Final round omits Mix Columns Stage

http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf

energy analysis
Energy Analysis
  • Security is not the only factor
  • Wireless connection does not mean connected devices
  • Locale of security is NIC card
  • AES vs. RC4
    • AES uses less energy for smaller packets
    • RC4 uses less energy for larger packets
wireless security
Wireless Security?
  • 802.11i address 802.11b flaws
  • Is 802.11i secure?
  • Current deployment of 802.11i
references
References
  • Nikita Borisov, Ian Goldberg, and David Wagner. Intercepting mobile communications: The insecurity of 802.11. In Proceedings of MOBICOM 2001, 2001.
  • J. R. Walker. Unsafe at any key size; an analysis of the WEP encapsulation. IEEE Document 802.11-00/362, Oct. 2000.
  • Sultan Weatherspoon. Overview of IEEE 802.11b Security. Whitepaper, Network Communications Group, Intel Corporation\
  • Scott Fluhrer, Itsik Mantin, Adi Shamir. Weakness in Key Scheduling Algorithm for RC4. White Paper
  • Nikita Borisov, Ian Goldberg, and David Wagner. Security of WEP Algorithm. http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
  • Cherita Corbett. Security for 802.11 Wireless Networks. Dept of Electrical and Computer Engineering, Georgia Institute of Technology.
  • Brandon Brown. 802.11: The Security Differences between b and i. IEEE 2003
  • William Burr: Selecting the Advanced Encryption Standard. IEEE Security & Privacy 2003.
  • http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
  • P. Prasithasanagre , P. Krishnamurthy. Analysis of Energy Consumption of RC4 and AES Algorithms in Wireless LANS. IEEE GLOBECOM 2003.
ad