1 / 13

Wireless security & privacy

Wireless security & privacy. Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005), 23-25 Jan. 2005, pp. 424 – 428 Reporter: Jung-wen Lo ( 駱榮問 ) Date: 2005/7/14. Outline. Introduction

kailey
Download Presentation

Wireless security & privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005), 23-25 Jan. 2005, pp. 424 – 428 Reporter: Jung-wen Lo (駱榮問) Date: 2005/7/14

  2. Outline • Introduction • WEP Format & Working of 64bits RC4 • WEP Encryption & Decryption • Weakness in WEP • Type of Attack • WEP Extensions • Appendix

  3. Introduction • WEP (Wired Equivalent Privacy) • 802.11 optional encryption standard • Implemented in the MAC layer • Relies on RC4 • Provide • User authentication • Data privacy • Data integrity

  4. WEP Format & Working of 64-bit RC4 ※ICV: Integrity check value = CRC32(Plain Text)

  5. WEP Encryption & Decryption

  6. Weakness in WEP (1/2) • Key management & Key size • Key management is not specified in WEP • One single WEP key shared between every node on the network • Key size • 40 bits in standard • Vendors extend up to 104 bits • IV (Initialization Vector) is too small • Size=24 bits  16,777,216 RC4 Cipher streams • If RC4 cipher stream found, attacker can decrypt packets with same IV • IV starts from 0 in incremental order • IV chooses randomly

  7. Weakness in WEP (2/2) • Integrity Check Value (ICV) algorithm is not appropriate • CRC32 is linear function of the message • Attacker can modify an encrypted message & easily fix the ICV • Weak of WEP using RC4 • 9000/16million weak keys • Reveal in 2000 – 4000 packets  Extend WEP key to 104 bits • Authentication messages can be easily forged • 802.11 define two forms authentication • Shared key authentication: Reduce DoS attack • Open system authentication: Give better network security

  8. Type of Attack • Passive attack • Attacker collects two same key stream cipher text packets  Reveal key • Active attack to insert traffic • Attacker knows plaintext & cipher text pair Generate key stream & new cipher text • Active attack from both ends • Attacker predicts both information & destination address Modify address • Table based attack • Attacker builds a table of IVs & corresponding key stream • Dictionary building attack • Allows real time automated decryption of all traffic

  9. WEP Extensions (1/3) • 802.1X • Entities • Supplicant (End user machine) • Authentication server • Grant or deny authentication by help of authenticator • Authenticator server • Compare credentials supplied by supplicant with information in its database • Drawbacks • No authenticity or integrity protection between access point & client

  10. WEP Extensions (2/3) • TKIP (Temporal Key Integrity Protocol) • Components • MIC (Message Integrity Check) • Protect Header & Payload • Packet sequencing • Employ packet sequencing number and synchronization to prevent replay attack • Per packet keying • Keys have fixed lifetime and replaced frequently • Phase 1: Create intermediate key • Phase 2: Encrypt the packet sequence number by intermediate key • Re-keying • Solve the problem of re-using IVs in WEP • Three key types • Temporal keys: 128-bit for encryption and 64-bit for data integrity • Key encryption keys: protect temporal keys • Master keys: secure for communication between client and AP

  11. WEP Extensions (3/3) • 802.11i • AES uses 128-bit temporal key & 48-bit IV in MIC calculation & encryption process • Other alternatives • VPN’s • VPN client associates to an AP the establishes an authenticated encrypted session with VPN server • SSL • Authenticate client & server via public key cryptography

  12. Apendix 1 • TKIP • Part of a draft standard from the IEEE 802.11i working group • RSN (Robust Secure Network) • Part of 802.11i standard • Cipher Suites • Code 1: WEP • Code 2: TKIP • Code 3: WRAP (Wireless Robust Authenticated Protocol) • Code 4: CCMP (Counter mode with Cipher block chaining Message authentication code Protocol) • Code 5: WEP-104

  13. Appendix 2 • WPA (Wi-Fi Protected Access) • 802.1x + TKIP • EAP: Extensible Authentication Protocol

More Related