Ieee 802 11
Download
1 / 27

IEEE 802.11 - PowerPoint PPT Presentation


  • 82 Views
  • Uploaded on

IEEE 802.11. Wireless Local Area Networks (WLAN’s). Two modes of operation:. 1. Ad-Hoc Mode The clients communicate directly with each other. No mediation is needed. 2. Infrastructure Mode Clients and stations. Stations – Computers with NIC (Network Interface Cards) and Access Points (APs).

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'IEEE 802.11' - oya


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Ieee 802 11

IEEE 802.11

Wireless Local Area Networks(WLAN’s)


Two modes of operation
Two modes of operation:

1. Ad-Hoc Mode

The clients communicate directly with each other. No mediation is needed.

2. Infrastructure Mode

Clients and stations.

Stations – Computers with NIC (Network Interface Cards) and Access Points (APs)


Communication with aps
Communication With APs

3 stages:

1. Unauthenticated and Unassociated.

2. Authenticated and Unassociated.

3. Authenticated and Associated.


Wireless Protocols

IEEE 802.11

  • WEP for security

  • Challenge/Response with symmetric key for authentication

  • IEEE 802.1X

  • WEP for security

  • EAP for authentication


Wep wired equivalent privacy
WEP- Wired Equivalent Privacy

  • Link layer security protocol.

  • Secures IEEE 802.11 communications.

  • Based upon RC4 stream cipher encryption system, with symmetric key.


Wep protocol

IV clear

Encrypted text

WEP protocol

40 bits

64 bits

RC4

Shared

Secret key

Original

text

24bits

IV

Initialization vector

IV used

IV clear

Encrypted text

CRC32

IV used

IV

Initialization vector

40 bits

64 bits

Shared Secret key

Original text

CRC

RC4


Security problems in wep
Security problems in WEP

  • During the years, a lot of security problems have been discovered in WEP.

  • We will discuss the most important of those problems, which is known as the “IV Collisions” problem.


Iv collisions
IV Collisions

  • Every once in a while, an IV gets reused.

  • C1 = P1  RC4(v,k)

  • C2 = P2  RC4(v,k)


Iv collisions 2
IV Collisions (2)

We get the following equation: C1C2 = (P1RC4(v,k))(P2RC4(v,k))

XOR is associative, and therefore:

C1  C2 = P1  P2


Wep security is better than no security at all but not by much

The Bottom line

WEP security is better than no security at all, but not by much


The problem
The Problem

EAP assumes a secured connection to work with


Problems over an unsecured connection
Problems over an unsecured connection

  • Snooping the user ID

  • Forging / changing EAP packets

  • Denial of service

  • Offline dictionary attack

  • Man-in-the-middle

  • Authentication method downgrading attack

  • Breaking a weak key


Man in the middle

B

E

A

MD5 EAP Request <R>

MD5 EAP Request <R>

H(ID || KEY || R)

EAP Failure

H(ID || KEY || R)

EAP Success

Man-in-the-middle


Possible solutions
Possible Solutions

  • Mutual authentication

  • Cryptographic connection between authentication methods

  • Using a limited number of unsecured authentication methods

  • Preferring one strong method over a large number of weak ones.


Possible solutions 2
Possible Solutions (2)

  • Using authentication method that derives a symmetric key, prevents replay attack and promises message integrity

  • The authentication method should be safe against dictionary attack


One method has all the

above advantages:

TLS


Quick summary of tls

Application

Handshake protocol

Alert

CCS

Record Protocol

TCP

Quick summary of TLS


Quick summary of tls 2

TCP three-way handshake

Client Hello

<Client Random, Proposed algorithms>

Server Hello

<Server random, Selected algorithm>

CA Certificate

Server done

Client Key Exchange

Enc (Pub(s),<Pre-Master secret>)

Quick summary of TLS (2)

Server

Client

Both sides perform a known calculation to derive the Master Key


Quick summary of tls 3

CCS (ID)

FIN

MAC authentication of all former messages

CCS (ID)

FIN

MAC authentication of all former messages

Data transfer (encrypted by the Master Key)

Quick summary of TLS (3)

Server

Client


Eap tls

Code

Length

Identifier

TLS message length

Type

Flags

TLS message length

TLS Data

EAP - TLS


Eap tls 2

EAP Request

<Identity>

EAP Response

<Identity (MyID)>

EAP Request, type = EAP-TLS

<TLS Start>

EAP Response, type = EAP-TLS

<TLS Client Hello>

EAP Request, type = EAP-TLS

<TLS Server Hello, TLS Certificate, TLS Certificate Request, TLS Server Done>

EAP –TLS (2)

Authenticator

Peer


Eap tls 3

EAP Response, type = EAP-TLS

<TLS Certificate, TLS Client Key Exchange, TLS CCS, Certificate verify, TLS FIN>

EAP Request, type = EAP-TLS

<TLS CCS, TLS FIN>

EAP Response, type = EAP-TLS

EAP Success / EAP Failure

EAP-TLS (3)

Authenticator

Peer


Session resumption
Session resumption

  • The SessionID field in the TLS Client Hello Message should be the same as the ID of the session to return to.

  • The authenticator sends EAP request with TLS Server Hello, TLS CCS (using the former session CCS ID), and TLS FIN.

  • The peer sends EAP response with TLS CCS using the same ID, and TLS FIN.

  • The protocol continues as in the standard EAP-TLS.


Session resumption 2
Session resumption (2)

Advantages of session resumption:

  • Quick renewal of connections.

  • Handling roaming in WLAN.


Key derivation
Key Derivation

PRF1 = PRF (Master Secret, "Client EAP Encryption", Random)

PRF2 = PRF ("", "Client EAP Encryption", Random)

PRF1 is 128 bytes long.

PRF2 is 64 bytes long.


Key derivation 2
Key Derivation (2)

32

64

96

128

0

PRF1

Client’s ENC Key

Server’s ENC Key

Client’s Auth Key

Server’s Auth Key

32

64

0

PRF2

Server’s IV

Client’s IV


Fragmentation
Fragmentation

  • The first fragment raises the L, M and S flags. The total TLS message length is also included.

  • All other fragments, except the last, raise the M flag. The identification field in the EAP header increases by 1 with each fragment.

  • Every EAP with a TLS fragment is responded by an EAP packet with no data as an Ack.


ad