Wireless Network SecurityBy Patrick Yount and CIS 4360 Fall 2009
What is a Wireless Network? A group of connected devices that communicate through the air by means of electromagnetic waves, such as radio waves.
Types of Wireless Networks • WPAN’s dynamically connect devices within a relatively small area; maintain random network configurations. i.e. Bluetooth, ad-hoc networks • WLAN’s connect devices over a more broad area, known as a cell. Can be found in our homes, libraries, and coffee shops. i.e. Wi-Fi, laser bridges
Types of Wireless Networks • WMAN’s are the connection of multiple WLAN’s and may span an entire city or college campus. i.e. WiMAX • Mobile device networks which are used by our cell phones. i.e. GSM (2G), 3G cellular networks
Laptops Cellular phones Headphones Keyboards Printers Speakers Global Positioning Systems (GPS) Laser Bridges Emergency Services Robotics Biotechnology Nanotechnology Radio Frequency Identification (RFID) transponders Wireless Applications The possibilities are endless!
By means of a simple integrated circuit and an antenna, RFID tags can quickly and reliably identify nearly anything when scanned with an RFID reader. What is RFID?
Three types: Passive does not have a power supply. Active has a power supply that powers the transmission. Semi-passive has a power supply that powers the chip, but not the transmission. Radio Frequency Identification
We must understand and adequately address the inherent security risks involved with wireless networking. Physical theft Be aware of your surroundings. Secure your devices when they are not in use. Wireless medium Our Responsibility
Types of unauthorized access : • -Accidental association • -Malicious association • -Ad-hoc networks • -Non-traditional networks
-Identity theft (MAC spoofing) -Man-in-the-middle attacks - Denial of service -Network injection - Café Latte attack Types of unauthorized access :
All wireless LAN devices need to be secured All users of the wireless network need to be educated in wireless network security All wireless networks need to be actively monitored for weaknesses and breaches Counteracting security risks
There are some very good cryptographic tools that can be used to protect digital resources. • Many of these tools have proven security • The problem is usually bad implementations • The best cryptographic security is point-to-pointsecurity(such as VPN) The source & destination • are mutually authenticated (with public key cryptography) • exchange privately a fresh secret key (with public key cryptography) • use symmetric key encryption scheme to encrypt exchanged data (with symmetric key cryptography
Point-to-point security • Authentication usually involves certificates (a trusted third party certifies the public key of the entities) and a cryptographic handshake. • WIMAX uses the Extensible Authentication Protocol for this purpose. • For encryption it uses block ciphers such as DES3 or AES • This offers protection at the protocol layer • There are still problems at the physical layer, such as jamming attacks (Denial-of-Service), or flooding attacks • Security vs. functionality tradeoff • Rule of thumb: the more security the less functionality …