Evolution of Wireless LAN Security Standards - PowerPoint PPT Presentation

johana
Presentation Transcript

  1. Evolution of Wireless LAN Security Standards • Bo Li • Daniel Menchaca • Harold Lee • Narendra Kamat

  2. Outline • Why security? • Demo (hopefully answers the above) • Wired Equivalent Privacy and flaws • VPN • 802.1x and design flaws • 802.11i (anticipated) • Conclusions and recommendations

  3. Purposes of network security • Four main purposes: • Secrecy (or confidentiality): Encryption of information • Secrecy of the cryptographic algorithm (restricted algorithm) • The cryptographic algorithm is not a secret, but the key is. • Authentication: Verification of the identity of participants • Message integrity: Assurance that the message received was not altered • Non-repudiation: The sender cannot later deny having sent a message

  4. Security… • “Somebody else’s job!” • “But only people with a UT EID can connect to this Wireless LAN” • “Isn’t there some sort of… encryption?”

  5. A Demo • The Cast: • Typical wireless laptop user (you?) • Typical unskilled hacker (me, for this demo!) • Typical unprotected WLAN (ENS) • Attacking wireless laptop*: promiscuous mode • * Courtesy Network Engineering Lab (Prof. Bill Bard)

  6. The Next Step…WEP • Encryption. • Initial idea: Wired Equivalent Privacy (WEP) • An implementation of RC4: a commercial stream-cipher • C = (M+c(M)) XOR RC4(IV,k) • Integrity: • 32-bit integrity check vector (CRC) • Authentication: • Open System (!) • Shared Key (40-bit challenge/response)

  7. Secure? Not quite… • k is 40 bits (recently, 104 bits), infrequently changed • IV can be seen by everyone • IV space is small (24 bits) • C1 = P1 XOR RC4(IV, k) • C2 = P2 XOR RC4(IV, k) • C1 XOR C2 = P1 XOR P2. • IV changed on a per-packet basis. • IV collision: 24-bit IV, exhausted in a few hours.
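The keystream reuse described on slides 6 and 7, as an added Python example that is not part of the original presentation. It builds the slide's C = (M + c(M)) XOR RC4(IV, k) with "+" read as concatenation, then checks frames for repeated IVs. The key, IVs, payloads, ICV byte order and the 1500 frames/s rate are constructed assumptions.

```python
import zlib
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                            # keystream output
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(m: bytes) -> bytes:
    """c(M): CRC-32 of the message as 4 bytes (byte order assumed here)."""
    return zlib.crc32(m).to_bytes(4, "little")

def wep_encrypt(iv: bytes, k: bytes, m: bytes) -> bytes:
    """C = (M || c(M)) XOR RC4(IV, k); the 24-bit IV is sent in the clear."""
    body = m + icv(m)
    return xor(body, rc4(iv + k, len(body)))

def wep_decrypt(iv: bytes, k: bytes, c: bytes) -> bytes:
    body = xor(c, rc4(iv + k, len(c)))
    if icv(body[:-4]) != body[-4:]:
        raise ValueError("ICV mismatch")
    return body[:-4]

def reused_ivs(frames):
    """IVs that appear on more than one (iv, ciphertext) frame."""
    seen = Counter(iv for iv, _ in frames)
    return sorted(iv for iv, n in seen.items() if n > 1)

def hours_to_exhaust_iv(frames_per_second: float) -> float:
    """Time for a per-packet IV counter to use all 2**24 values."""
    return 2**24 / frames_per_second / 3600

# Constructed sample data: a 40-bit key, two IVs, two equal-length payloads.
K, IV, IV2 = bytes.fromhex("0102030405"), bytes.fromhex("a1b2c3"), bytes.fromhex("a1b2c4")
P1, P2 = b"frame one: hello", b"frame two: world"
C1, C2 = wep_encrypt(IV, K, P1), wep_encrypt(IV, K, P2)
FRAMES = [(IV, C1), (IV2, wep_encrypt(IV2, K, P1)), (IV, C2)]

if __name__ == "__main__":
    print("C1^C2 == P1^P2:", xor(C1, C2)[:len(P1)] == xor(P1, P2))
    print("reused IVs:", [iv.hex() for iv in reused_ivs(FRAMES)])
    print("hours at 1500 frames/s:", round(hours_to_exhaust_iv(1500), 1))
```

Because the keystream cancels out, the XOR of the two ciphertexts carries no dependence on k at all, which is why changing only the key length from 40 to 104 bits does not address this flaw.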

  8. IEEE 802.1x • Provides an architecture for authentication methods • Simplicity • Simple transport for EAP messages • Runs over all 802 LANs • Inherits EAP (Extensible Authentication Protocol) architecture • Provides port-based network access control • Network port: An association between a Station and an AP • Provides dynamic key management

  9. 802.1x Set Up

  10. IEEE 802.1x Check List • Improvement over WEP • Authentication • Dynamic key management • MAC access control • 802.1x issue • No encryption specification, vendors may keep WEP

  11. Known Design Flaw: MITM Attack • [Figure: Supplicant, 802.11 Access Point, LAN, Authentication Server] • An attacker acts as an AP to supplicant and as client to the AP (authenticator) • Reason: lack of mutual authentication • One way authentication of the supplicant to AP • An attacker can get all network traffic from supplicant to pass through it

  12. Other Known Design Flaws • Session Hijacking • Lack of clear communication between RSN and 802.1x state machines and message authentication • Denial of Service • 802.1x enables per-user session keys, but no keyed message integrity check in 802.11

  13. Solutions • Per-packet authentication • Authentication and integrity of EAP messages • Peer-to-peer authentication • Symmetric authentication • Scalable authentication • Adopt strong encryption algorithms • Luckily, 802.11i modified 802.1x

  14. IEEE 802.11i • [Figure: Upper Layer Authentication (ULA): EAP-TLS, PEAP, EAP-TTLS, LEAP; 802.1x authentication; Encryption Algorithms: TKIP (Temporal Key Integrity Protocol), CCMP (Counter mode CBC-MAC Protocol)] • 802.11i proposed architecture • 802.1x • Robust authentication • Key distribution • TKIP (upgrade path) • Fixes WEP issues • Backward compatible • CCMP (Mandatory) • Advanced Encryption Standard (AES) • Privacy, integrity

  15. 802.11i Data Transfer Requirements • Never send or receive unprotected data • Message origin authenticity: prevent forgeries • Sequence packets: detect replays • Protect source and destination addresses • Use one strong cryptographic primitive for both confidentiality and integrity

  16. More 802.11i Features • Pre-authentication and roaming • PEAP and legacy authentication support • Pre-shared key without authentication • Ad hoc networks • Home networks • Password-to-Key mapping • Home networks • Random number generation • A high-quality pseudo-random number generator is required for cryptographic applications

  17. IEEE 802.11i Checklist • New 802.11i data protocols provide confidentiality, data origin authenticity, replay protection • A fresh key is generated on every session • Key management delivers keys used as authorization tokens, proving channel access is authorized • Architecture ties keys to authentication

  18. Is 802.11i Our Final Solution? • Time will prove it!!

  19. Conclusions • No solution/protocol is completely secure, at least not for long • Hacking techniques improve; standards have to keep pace and evolve continuously • Lessons from previous standards • Wired solutions implemented in a wireless environment • A partial solution cannot work

  20. Recommendations • Use of strong cryptographic primitives • Tradeoff between speed and security • Hardware support for encryption • Dynamic key management • Mutual authentication • Complexity vs. manageability

  21. Q & A