aj mancini iv paul schiffgens jack o hara n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Wireless Security PowerPoint Presentation
Download Presentation
Wireless Security

Loading in 2 Seconds...

play fullscreen
1 / 13

Wireless Security - PowerPoint PPT Presentation


  • 172 Views
  • Uploaded on

AJ Mancini IV Paul Schiffgens Jack O’Hara. Wireless Security. WIRELESS SECURITY. Brief history of Wi-Fi Wireless encryption standards WEP/WPA The problem with WEP WPA/WPA2 Recommend use of WPA on home networks. WIRELESS SECURITY. First wireless local area network (WLAN) ALOHAnet

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Wireless Security' - edythe


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
aj mancini iv paul schiffgens jack o hara
AJ Mancini IV

Paul Schiffgens

Jack O’Hara

Wireless Security

wireless security
WIRELESS SECURITY
  • Brief history of Wi-Fi
  • Wireless encryption standards
    • WEP/WPA
  • The problem with WEP
  • WPA/WPA2
  • Recommend use of WPA on home networks
wireless security1
WIRELESS SECURITY
  • First wireless local area network (WLAN)
      • ALOHAnet
      • University of Hawaii – 1970
      • Norman Abramson
      • Seven Computers, Four Islands
  • More publications to IEEE
      • ~ 1980
      • Including infrared and CDMA
wireless security2
WIRELESS SECURITY
  • 802.11 Committee
    • Institute of Electrical and Electronic Engineers (IEEE)
    • IEEE 802.11-1997 – First Industry Standard
    • Followed by 802.11a/b/g
wireless security3
WIRELESS SECURITY
  • WEP
    • Wired Equivalent Privacy
    • Part of original 802.11 standard
    • Deprecated in 2004
    • Still included in standard
wireless security4
WIRELESS SECURITY
  • Problems with WEP
    • 40-bit or 104-bit key with 24-bit Initialization Vector (IV)
      • Government restriction on cryptography
    • WEP uses an RC4 stream cipher
      • Paramount that the same IV never be used twice
      • Problem: 50% chance that an IV will repeat after 5000 packets
wireless security5
WIRELESS SECURITY
  • Published attacks on WEP encryption
    • Scott Fluhrer, Itsik Mantin, Adi Shamir published crpytanalysis of RC4
    • aircrack-ng – crack any WEP key in minutes, regardless of size or complexity
wireless security6
WIRELESS SECURITY
  • Published attacks on WEP encryption
    • 2005 – FBI demonstration
    • Andreas Klein expands on previous work, exposing more weaknesses in the RC4 cipher.
wireless security7
WIRELESS SECURITY
  • Published attacks on WEP encryption
    • Erik Tews, Andrei Pychkine, Ralf-Philipp Weinmann extend Klein’s work and apply RC4 weaknesses to WEP key recovery , develop new attack
    • 104-bit key
      • 40,000 packets – 50% recovery
      • 60,000 packets – 80% recovery
      • 85,000 packets – 95% recovery
    • Using packet injection, 40k packets can be generated in under 1 minute
wireless security8
WIRELESS SECURITY
  • Problems with WEP identified
    • WEP deprecated in 2004
    • 802.11i – Standard introduced Wi-Fi Protected Access (WPA)
    • Problem:
      • WEP is still included for compatibility with older equipment, is often the default form of security on consumer-level wireless equipment
      • Further problem: most equipment comes without any form of security enabled by default
wireless security9
WIRELESS SECURITY
  • WPA2
    • Can utilize Advanced Encryption Standard (AES) encryption
      • Government-qualified for Top Secret
    • Cipher has no known vulnerabilities
      • Only successful exploits are cross-channel attacks
        • Attacks made against implementation, not cipher
    • Disadvantage – requires hardware support
wireless security10
WIRELESS SECURITY
  • Recap
    • WEP 64/128 – 24 bit IV + 40/104 bit key
      • IVs must be unique – vulnerability
      • 5000 IVs before repeat
    • WPA2 w/ AES
      • Top Secret-grade encryption
      • No vulnerabilities in the cipher
      • Authenticated and Encrypted
wireless security11
WIRELESS SECURITY
  • Recommend immediate adoption of WPA2 over WEP, unsecured networks