802 11 wireless encryption from rc4 to aes
Download
1 / 26

802.11 Wireless Encryption: From RC4 to AES - PowerPoint PPT Presentation


  • 374 Views
  • Uploaded on

802.11 Wireless Encryption: From RC4 to AES. Michael Han. Overview: 802.11b. IEEE Infrastructure Description Medium Range for protocols such as Ethernet Not End to End, Node to Node (AP) Link Layer Security -> NIC Card. 802.11b: WEP . Goal: Wired Equivalency Protocol 3 Services

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '802.11 Wireless Encryption: From RC4 to AES' - Faraday


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
802 11 wireless encryption from rc4 to aes l.jpg

802.11 Wireless Encryption:From RC4 to AES

Michael Han


Overview 802 11b l.jpg
Overview: 802.11b

  • IEEE Infrastructure Description

  • Medium Range for protocols such as Ethernet

  • Not End to End, Node to Node (AP)

  • Link Layer Security -> NIC Card


802 11b wep l.jpg
802.11b: WEP

  • Goal: Wired Equivalency Protocol

  • 3 Services

    • Authentication

    • Confidentiality

    • Integrity

      We want to focus on Confidentiality


Wep rc4 properties l.jpg
WEP : RC4 Properties

  • Symmetric key Algorithm

  • Stream Cipher Algorithm

  • 24-bit IV appended to 40-bit key

  • XOR Key stream with plaintext = Encrypted Text

  • Key stream is independent of plaintext


Rc4 algorithm l.jpg
RC4: Algorithm

  • An 8 * 8 S-Box (S0 S255), each of the entries is a permutation of the numbers 0 to 255, and the permutation is a function of the variable length key.

  • function cipher=rcfour(plain, key)

    format compact;

    szplain = size(plain);

    szplain = szplain(2);

    szkey = size(key);

    szkey = szkey(2);S = [0:255];

    i = 0;

    j = 0;

    for k = 1: szplain

    k

    i = i + 1

    modk = mod(k,szkey) + 1;

    Kc = key(modk);

    j = mod((S(i) + j + Kc), 256) + 1 t = S(i);

    S(i) = S(j); S(j) = t;

    Sc = mod((S(i)+S(j)), 256)

    Ck = S( Sc )

    cipher(k) = bitxor(Ck, plain(k)+0)end

    END;


Rc4 encryption l.jpg
RC4: Encryption

  • Integrity checksum- CRC 32

    • c(M) M = Message

  • Plan text: P = (M, c(M)) *P does not depend on key

  • Encryption

    • C =P XOR RC4(v,k)

  • Transmitted Data:

    • [v, C]



Rc4 encryption decryption view l.jpg
RC4: Encryption/Decryption View



Insecurity of rc4 l.jpg
Insecurity of RC4

  • Insecurities can be deduced from what we learned in CSCI 556

    • 40-bit key and Shared

    • Pseudorandom- IV based

    • Key stream reuse

    • XOR based

    • Weak Keys

  • System Level: WEP is optional!


Overview 802 11i l.jpg
Overview: 802.11i

  • Goal: Address 802.11b security flaws

  • Obstacle: 802.11b widely deployed

    • Temporal Key Integrity Protocol (TKIP)

  • Cipher Counter with Cipher Block Chaining Message Authentication Protocol (CCMP)

    • AES in counter mode


802 11i ccmp l.jpg
802.11i: CCMP

  • Authentication

    • CBC-MAC = 8 octets

    • Nonce size = 48 bits

    • AAD

  • Confidentiality

    • Default: 128-bit key

    • Block size = 128 bits

    • Encryption Algorithm = AES

      • Requires coprocessor to operate


Ccmp aes l.jpg
CCMP: AES

  • NIST Standard based of Rijndael

    • AES is NOT Rijndael

  • Variable Fixed Block Size = 128 bits

    • Rijndael has variable block size

  • Key Size = {128, 192, 256}

    • 128 for Secret ; 256 for Top Secret

    • No Known Weak keys

    • IV =48-bit for replay detection

  • Operates on State

    • 4 x 4 array of bytes




Aes key expansion l.jpg
AES: Key Expansion

  • Uses Cipher Key K to generate key Schedule

  • Sub-Key is 4-bytes applied to Round Key

  • Generates Nb(Nr+1) words

    • Based on encryption pre-requisites

    • Initial Nb words, Nr rounds require Nb words of key data



Aes stages l.jpg
AES: Stages

  • SubBytes

    • Array updated with 8-bit S-box

  • Shift Rows

    • Cyclically shirts bytes rows by offset

  • Mix Columns

    • 4 bytes of each column are combined using invertible linear transformation

  • Add Round Key

    • Sub key is combined with state

      *Final round omits Mix Columns Stage

      http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf




Energy analysis l.jpg
Energy Analysis

  • Security is not the only factor

  • Wireless connection does not mean connected devices

  • Locale of security is NIC card

  • AES vs. RC4

    • AES uses less energy for smaller packets

    • RC4 uses less energy for larger packets





Wireless security l.jpg
Wireless Security?

  • 802.11i address 802.11b flaws

  • Is 802.11i secure?

  • Current deployment of 802.11i


References l.jpg
References

  • Nikita Borisov, Ian Goldberg, and David Wagner. Intercepting mobile communications: The insecurity of 802.11. In Proceedings of MOBICOM 2001, 2001.

  • J. R. Walker. Unsafe at any key size; an analysis of the WEP encapsulation. IEEE Document 802.11-00/362, Oct. 2000.

  • Sultan Weatherspoon. Overview of IEEE 802.11b Security. Whitepaper, Network Communications Group, Intel Corporation\

  • Scott Fluhrer, Itsik Mantin, Adi Shamir. Weakness in Key Scheduling Algorithm for RC4. White Paper

  • Nikita Borisov, Ian Goldberg, and David Wagner. Security of WEP Algorithm. http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

  • Cherita Corbett. Security for 802.11 Wireless Networks. Dept of Electrical and Computer Engineering, Georgia Institute of Technology.

  • Brandon Brown. 802.11: The Security Differences between b and i. IEEE 2003

  • William Burr: Selecting the Advanced Encryption Standard. IEEE Security & Privacy 2003.

  • http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

  • P. Prasithasanagre , P. Krishnamurthy. Analysis of Energy Consumption of RC4 and AES Algorithms in Wireless LANS. IEEE GLOBECOM 2003.


ad