Wireless security
Chapter 6 – Wireless Network Security

Investigators have published numerous reports of birds taking turns vocalizing; the bird spoken to gave its full attention to the speaker and never vocalized at the same time, as if the two were holding a conversation

Researchers and scholars who have studied the data on avian communication carefully write that (a) the communication code of birds such as crows has not been broken by any means; (b) probably all birds have wider vocabularies than anyone realizes; and (c) greater complexity and depth are recognized in avian communication as research progresses.

—The Human Nature of Birds, Theodore Barber

IEEE 802.11

  • IEEE 802 committee for LAN standards

  • IEEE 802.11 formed in 1990s

    • charter to develop a protocol & transmission specifications for wireless LANs (WLANs)

  • since then demand for WLANs, at different frequencies and data rates, has exploded

  • hence seen ever-expanding list of standards issued

Wi-Fi Alliance

  • 802.11b first broadly accepted standard

  • Wireless Ethernet Compatibility Alliance (WECA) industry consortium formed 1999

    • to assist interoperability of products

    • renamed Wi-Fi (Wireless Fidelity) Alliance

    • created a test suite to certify interoperability

    • initially for 802.11b, later extended to 802.11g

    • concerned with a range of WLAN markets, including enterprise, home, and hot spots

802.11 Wireless LAN Security

  • wireless traffic can be monitored by any radio in range, not physically connected

  • original 802.11 spec had security features

    • Wired Equivalent Privacy (WEP) algorithm

    • but found this contained major weaknesses

  • 802.11i task group developed capabilities to address WLAN security issues

    • Wi-Fi Alliance Wi-Fi Protected Access (WPA)

    • final 802.11i Robust Security Network (RSN)

WEP Design Goals

  • Symmetric key crypto

    • Confidentiality

    • Station authorization

    • Data integrity

  • Self synchronizing: each packet separately encrypted

    • Given encrypted packet and key, can decrypt; can continue to decrypt packets when preceding packet was lost

    • Unlike Cipher Block Chaining (CBC) in block ciphers

  • Efficient

    • Can be implemented in hardware or software

Review: Symmetric Stream Ciphers

  • Combine each byte of keystream with byte of plaintext to get ciphertext

  • m(i) = ith unit of message

  • ks(i) = ith unit of keystream

  • c(i) = ith unit of ciphertext

  • c(i) = ks(i) ⊕ m(i) (⊕ = exclusive or)

  • m(i) = ks(i) ⊕ c(i)

  • WEP uses RC4

Stream cipher and packet independence

  • Recall design goal: each packet separately encrypted

  • If for frame n+1, use keystream from where we left off for frame n, then each frame is not separately encrypted

    • Need to know where we left off for packet n

  • WEP approach: initialize keystream with key + new IV for each packet:





WEP encryption (1)

  • Sender calculates Integrity Check Value (ICV) over data

    • four-byte hash/CRC for data integrity

  • Each side has 104-bit shared key

  • Sender creates 24-bit initialization vector (IV), appends to key: gives 128-bit key

  • Sender also appends keyID (in 8-bit field)

  • 128-bit key is input to the pseudo-random number generator to get keystream

  • data in frame + ICV is encrypted with RC4:

    • Bytes of keystream are XORed with bytes of data & ICV

    • IV & keyID are appended to encrypted data to create payload

    • Payload inserted into 802.11 frame

WEP encryption (2)

New IV for each frame

WEP decryption overview

  • Receiver extracts IV

  • Inputs IV and shared secret key into pseudo random generator, gets keystream

  • XORs keystream with encrypted data to decrypt data + ICV

  • Verifies integrity of data with ICV

    • Note that message integrity approach used here is different from the MAC (message authentication code) and signatures (using PKI).

End-point authentication w/ nonce

Nonce: number (R) used only once-in-a-lifetime

How: to prove Alice “live”, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key

[Figure: message exchange; surviving labels: “I am Alice”, K (R)]

Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice!

WEP Authentication

  • authentication request

  • nonce (128 bytes)

  • nonce encrypted shared key

  • success if decrypted value equals nonce

Not all APs do it, even if WEP is being used. AP indicates if authentication is necessary in beacon frame. Done before association.

Breaking 802.11 WEP encryption

security hole:

  • 24-bit IV, one IV per frame, -> IV’s eventually reused

  • IV transmitted in plaintext -> IV reuse detected

  • attack:

    • Trudy causes Alice to encrypt known plaintext d1 d2 d3 d4 …

    • Trudy sees: c_i = d_i XOR k_i^IV

    • Trudy knows c_i, d_i, so can compute k_i^IV

    • Trudy knows encrypting key sequence k_1^IV k_2^IV k_3^IV …

    • Next time IV is used, Trudy can decrypt!
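
Added example (not part of the original slides): the WEP encapsulation and decapsulation steps from the earlier slides, and the IV-reuse weakness described here, in Python. The key, IVs and frame contents are constructed; seeding RC4 with the IV followed by the key and placing IV and keyID ahead of the ciphertext are assumptions of this example.

```python
import struct
import zlib

# Assumptions (this example): RC4 seed = IV + key; payload = IV | keyID | ciphertext.
def rc4(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                        # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, data: bytes, key_id: int = 0) -> bytes:
    """Build the payload: IV | keyID | keystream XOR (data | ICV)."""
    icv = struct.pack("<I", zlib.crc32(data))  # four-byte CRC-32 ICV
    body = data + icv
    return iv + bytes([key_id]) + xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, payload: bytes) -> bytes:
    """Extract the IV, regenerate the keystream, verify the ICV."""
    iv, enc = payload[:3], payload[4:]
    body = xor(enc, rc4(iv + key, len(enc)))
    data, icv = body[:-4], body[-4:]
    if struct.pack("<I", zlib.crc32(data)) != icv:
        raise ValueError("ICV mismatch")
    return data

def reused_iv_leak(p1: bytes, p2: bytes, known1: bytes) -> bytes:
    """With equal IVs, c_i XOR d_i of frame 1 is the keystream of frame 2."""
    if p1[:3] != p2[:3]:
        raise ValueError("frames use different IVs")
    keystream = xor(p1[4:], known1)           # k_i = c_i XOR d_i
    return xor(p2[4:], keystream)

KEY = bytes(range(13))                        # constructed 104-bit shared key
A = wep_encrypt(KEY, b"\x00\x00\x01", b"known plaintext frame")
B = wep_encrypt(KEY, b"\x00\x00\x01", b"secret data in frame")
```

`reused_iv_leak(A, B, b"known plaintext frame")` returns the bytes of the second frame without ever using `KEY`, which is why a 24-bit per-frame IV cannot protect a long-lived shared key.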

802.11i: improved security

  • numerous (stronger) forms of encryption possible

  • provides key distribution

  • uses authentication server separate from access point

802.11i: four phases of operation

STA: client station

AP: access point

1 Discovery of security capabilities

2 STA and AS mutually authenticate, together generate Master Key (MK). AP serves as “pass through”

3 STA derives Pairwise Master Key (PMK). AS derives same PMK, sends to AP

4 STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity

EAP: extensible authentication protocol

  • EAP: end-end client (mobile) to authentication server protocol

  • EAP sent over separate “links”

    • mobile-to-AP (EAP over LAN)

    • AP to authentication server (RADIUS over UDP)

[Figure: protocol layers; surviving labels: EAP over LAN (EAPoL), IEEE 802.11]