Evolution of Wireless LAN Security Standards

Bo Li

Daniel Menchaca

Harold Lee

Narendra Kamat

Outline
  • Why security?
  • Demo (hopefully answers the above)
  • Wired Equivalent Privacy and flaws
  • VPN
  • 802.1x and design flaws
  • 802.11i (anticipated)
  • Conclusions and recommendations
Purposes of network security
  • Four main purposes:
    • Secrecy (or confidentiality): Encryption of information
      • Secrecy of the cryptographic algorithm (restricted algorithm)
      • The cryptographic algorithm is not a secret, but the key is.
    • Authentication: Verification of identity of participants
    • Message integrity: Assurance that message received was not altered
    • Non-repudiation: The sender cannot later deny having sent a message
  • “Somebody else’s job!”
  • “But only people with a UT EID can connect to this Wireless LAN”
  • “Isn’t there some sort of… encryption?”
A Demo
  • The Cast:
    • Typical wireless Laptop User (you?)
    • Typical unskilled hacker (me, for this demo!)
    • Typical unprotected WLAN (ENS)
    • Attacking wireless laptop*: promiscuous mode

* Courtesy Network Engineering Lab (Prof. Bill Bard)

The Next Step…WEP
  • Encryption.
    • Initial idea: Wired Equivalent Privacy (WEP)
    • An implementation of RC4: a commercial stream-cipher
  • C = (M+c(M)) XOR RC4(IV,k)
  • Integrity:
    • 32-bit integrity check vector (CRC)
  • Authentication:
    • Open System (!)
    • Shared Key (40-bit challenge/response)
Secure? Not quite…
  • k is 40 bits (recently, 104 bits), infrequently changed
  • IV can be seen by everyone
  • IV space is small (24 bits)
    • C1 = P1 XOR RC4(IV, k)
    • C2 = P2 XOR RC4(IV, k)
    • C1 XOR C2 = P1 XOR P2.
  • IV changed on per-packet basis.
  • IV collision: 24-bit IV, exhausted in a few hours.
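
The WEP equations above, carried through as an added example (not part of the original slides): it encrypts two packets under the same IV and key and shows that C1 XOR C2 = P1 XOR P2, so a known P1 reveals P2 without k. The key, IV, packet contents, ICV byte order and the 1500-byte / 11 Mbps figures are constructed assumptions, and the framing is simplified rather than frame-accurate 802.11.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for `key` (KSA followed by PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, k: bytes, m: bytes) -> bytes:
    """C = (M || c(M)) XOR RC4(IV || k); the IV travels in clear with C."""
    body = m + zlib.crc32(m).to_bytes(4, "little")
    return xor(body, rc4(iv + k, len(body)))

def wep_decrypt(iv: bytes, k: bytes, c: bytes) -> bytes:
    body = xor(c, rc4(iv + k, len(c)))
    m, icv = body[:-4], body[-4:]
    if zlib.crc32(m).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return m

def iv_exhaustion_hours(packet_bytes: int = 1500, mbps: float = 11.0) -> float:
    """Hours to send 2**24 packets back to back (assumed size and link rate)."""
    return (2 ** 24) * packet_bytes * 8 / (mbps * 1e6) / 3600

# Constructed sample data: a 40-bit key and two packets sent under the same IV.
K, IV = bytes.fromhex("0102030405"), bytes.fromhex("aabbcc")
P1 = b"GET /index.html HTTP/1.0"
P2 = b"user=alice&pin=4321&x=yz"
C1, C2 = wep_encrypt(IV, K, P1), wep_encrypt(IV, K, P2)

def recover_p2_from_known_p1() -> bytes:
    """C1 XOR C2 = P1 XOR P2, so knowing P1 yields P2 without the key."""
    return xor(xor(C1, C2), P1)[:len(P2)]

if __name__ == "__main__":
    print(recover_p2_from_known_p1(), round(iv_exhaustion_hours(), 1))
```

Under the assumed packet size and link rate the 24-bit IV space wraps in about five hours, which is the "few hours" the slide refers to.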
IEEE 802.1x
  • Provides an architecture for authentication methods
    • Simplicity
      • Simple transport for EAP messages
      • Runs over all 802 LANs
    • Inherits EAP (Extensible Authentication Protocol) architecture
  • Provides port-based network access control
    • Network port: An association between a Station and an AP
  • Provides dynamic key management
IEEE 802.1x Check List
  • Improvement over WEP
    • Authentication
    • Dynamic key management
    • MAC access control
  • 802.1x issue
    • No encryption specification, vendors may keep WEP
Known Design Flaw - MITM Attack
[Figure: diagram with the labels "Authentication Server", "Access Point" and "Access Point"]
  • An attacker acts as an AP to supplicant and as client to the AP (authenticator)
  • Reason: lack of mutual authentication
  • One-way authentication of the supplicant to AP
  • An attacker can get all network traffic from supplicant to pass through it
Other Known Design Flaws
  • Session Hijacking
    • Lack of clear communication between RSN and 802.1x state machines and message authentication
  • Denial of Service
    • 802.1x enables per-user session keys, but no keyed message integrity check in 802.11
  • Per-packet authentication
    • Authentication and integrity of EAP messages
  • Peer-to-peer authentication
    • Symmetric authentication
    • Scalable authentication
  • Adopt strong encryption algorithms
  • Luckily, 802.11i modified 802.1x
IEEE 802.11i
[Figure: architecture diagram with the labels "Upper Layer Authentication (ULA)", "802.1x authentication", "(Temporal Key Integrity Protocol)", "(Counter mode CBC-MAC Protocol)" and "Encryption Algorithms"]
  • 802.11i proposed architecture
    • 802.1x
      • Robust authentication
      • Key distribution
    • TKIP (upgrade path)
      • Fixes WEP issues
      • Backward compatible
    • CCMP (Mandatory)
      • Advanced Encryption Standard (AES)
      • Privacy, integrity
802.11i Data Transfer Requirements
  • Never send or receive unprotected data
  • Message origin authenticity: prevent forgeries
  • Sequence packets: detect replays
  • Protect source and destination addresses
  • Use one strong cryptographic primitive for both confidentiality and integrity
More 802.11i Features
  • Pre-authentication and roaming
  • PEAP and legacy authentication support
  • Pre-shared key without authentication
    • Ad hoc networks
    • Home networks
  • Password-to-Key mapping
    • Home networks
  • Random number generation
    • A high-quality pseudo-random number generator is required for cryptographic applications
IEEE 802.11i Checklist
  • New 802.11i data protocols provide confidentiality, data origin authenticity, replay protection
  • Fresh key is generated on every session
  • Key management delivers keys used as authorization tokens, proving channel access is authorized
  • Architecture ties keys to authentication
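
A simplified model of the checklist above, as an added example that is not part of the original slides and not the 802.11i key hierarchy itself: each side proves possession of the master key left by authentication, and a fresh session key is derived from per-session nonces. HMAC-SHA256, the message labels, and the names `PMK`, `OTHER` and `ap_checks` are assumptions made for illustration.

```python
import hashlib, hmac, os

def derive_session_key(pmk: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Per-session key bound to the master key and both sides' fresh nonces."""
    return hmac.new(pmk, b"session" + anonce + snonce, hashlib.sha256).digest()

def mic(key: bytes, msg: bytes) -> bytes:
    """Keyed message integrity code (HMAC-SHA256 stands in here)."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def handshake(ap_pmk: bytes, sta_pmk: bytes, ap_checks: bool = True):
    """Model one exchange; return (ap_key, sta_key) or raise PermissionError."""
    anonce = os.urandom(32)                           # 1. AP -> STA: nonce
    snonce = os.urandom(32)
    sta_key = derive_session_key(sta_pmk, anonce, snonce)
    sta_proof = mic(sta_key, b"sta" + snonce)         # 2. STA -> AP: nonce + MIC
    ap_key = derive_session_key(ap_pmk, anonce, snonce)
    if ap_checks and not hmac.compare_digest(sta_proof, mic(ap_key, b"sta" + snonce)):
        raise PermissionError("AP rejects station")
    ap_proof = mic(ap_key, b"ap" + anonce)            # 3. AP -> STA: MIC
    if not hmac.compare_digest(ap_proof, mic(sta_key, b"ap" + anonce)):
        raise PermissionError("station rejects AP")   # the check one-way auth lacks
    return ap_key, sta_key

def outcome(ap_pmk: bytes, sta_pmk: bytes, ap_checks: bool = True) -> str:
    try:
        ap_key, sta_key = handshake(ap_pmk, sta_pmk, ap_checks)
        return "ok" if ap_key == sta_key else "key mismatch"
    except PermissionError as exc:
        return str(exc)

# Constructed master keys: what authentication leaves with each honest party.
PMK = hashlib.sha256(b"constructed master key").digest()
OTHER = hashlib.sha256(b"party that never authenticated").digest()

if __name__ == "__main__":
    print(outcome(PMK, PMK))                     # both sides hold the same key
    print(outcome(PMK, OTHER))                   # unauthenticated station
    print(outcome(OTHER, PMK, ap_checks=False))  # AP that cannot prove the key
```

The third case is the one the one-way 802.1x design could not catch: the station, not only the AP, verifies its peer before any session key is used.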
Is 802.11i Our Final Solution?
  • Time will prove it!
  • No solution/protocol is completely secure, at least not for long
  • Hacking techniques improve; standards have to keep pace and evolve continuously
  • Lessons from previous standards
    • Wired solutions implemented in a wireless environment
    • A partial solution cannot work
  • Use of strong cryptographic primitives
    • Tradeoff between speed and security
    • Hardware support for encryption
  • Dynamic key management
  • Mutual authentication
  • Complexity vs. manageability