Chapter 24 Wireless Network Security

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Chapter 24 Wireless Network Security"

Transcription

1 Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically involves broadcast communications, which is far more susceptible to eavesdropping and jamming than wired networks Wireless networks are also more vulnerable to active attacks that exploit vulnerabilities in communications protocols o Mobility Wireless devices are far more portable and mobile, thus resulting in a number of risks o Resources Some wireless devices, such as smartphones and tablets, have sophisticated operating systems but limited memory and processing resources with which to counter threats, including denial of service and malware o Accessibility Some wireless devices, such as sensors and robots, may be left unattended in remote and/or hostile locations, thus greatly increasing their vulnerability to physical attacks 1

2 Endpoint Access point Figure 24.1 Wireless Networking Components Wireless Network Threats Accidental association Malicious association Ad hoc networks Nontraditional networks Identity theft (MAC spoofing) Man-in-the middle attacks Denial of service (DoS) Network injection Securing Wireless Transmissions Principal threats are eavesdropping, altering or inserting messages, and disruption Countermeasures for eavesdropping: o Signal-hiding techniques o Encryption The use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions 2

3 Securing Wireless Networks The main threat involving wireless access points is unauthorized access to the network Principal approach for preventing such access is the IEEE 802.1X standard for port-based network access control o The standard provides an authentication mechanism for devices wishing to attach to a LAN or wireless network Use of 802.1X can prevent rogue access points and other unauthorized devices from becoming insecure backdoors Wireless Network Security Techniques Use encryption Allow only specific computers to access your wireless network Use anti-virus and anti-spyware software and a firewall Change your router s pre-set password for administration Turn off identifier broadcasting Change the identifier on your router from the default Mobile Device Security An organization s networks must accommodate: o Growing use of new devices Significant growth in employee s use of mobile devices o Cloud-based applications Applications no longer run solely on physical servers in corporate data centers o De-perimeterization There are a multitude of network perimeters around devices, applications, users, and data o External business requirements The enterprise must also provide guests, third-party contractors, and business partners network access using various devices from a multitude of locations 3

4 Security Threats Lack of physical security controls Use of untrusted networks Use of untrusted mobile devices Use of applications created by unknown parties Interaction with other systems Use of untrusted content Use of location services Mobile device is configured with security mechanisms and parameters to conform to organization security policy Traffic is encrypted; uses SSL or IPsec VPN tunnel Application/ database server Mobile device configuration server Authentication/ access control server Firewall Firewall limtts scope of data and application access Authentication and access control protocols used to verify device and user and establish limits on access Figure 24.2 Mobile Device Security Elements 4

5 Wireless Fidelity (Wi-Fi) Alliance b o First standard to gain broad industry acceptance Wireless Ethernet Compatibility Alliance (WECA) o Industry consortium formed in 1999 to address the concern of products from different vendors successfully interoperating o Later renamed the Wi-Fi Alliance Term used for certified b products is Wi-Fi o Has been extended to g products Wi-Fi Protected Access (WPA) o Wi-Fi Alliance certification procedures for IEEE security standards o WPA2 incorporates all of the features of the IEEE802.11i WLAN security specification General IEEE 802 functions Specific IEEE functions Logical Link Control Flow control Error control Medium Access Control Physical Assemble data into frame Addressing Error detection Medium access Encoding/decoding of signals Bit transmission/ reception Transmission medium Reliable data delivery Wireless access control protocols Frequency band definition Wireless signal encoding Figure 24.3 IEEE Protocol Stack MAC Control Destination MAC Address Source MAC Address MAC Service Data Unit (MSDU) CRC MAC header MAC trailer Figure 24.4 General IEEE 802 MPDU Format 5

6 Distribution System AP 2 AP 1 Basic Service Set (BSS) STA 1 Basic Service Set (BSS) STA 8 STA 2 STA4 STA 6 STA 7 STA 3 Figure 24.5 IEEE Extended Service Set Distribution of Messages Within a DS The two services involved with the distribution of messages within a DS are: o Distribution o Integration Distribution The primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS Integration Enables transfer of data between a station on an IEEE LAN and a station on an integrated IEEE 802x LAN Service enables transfer of data between a station on an IEEE LAN and a station on an integrated IEEE 802.x LAN 6

7 Association-Related Services Transition types, based on mobility: o No transition A station of this type is either stationary or moves only within the direct communication range of the communicating stations of a single BSS o BSS transition Station movement from one BSS to another BSS within the same ESS; delivery of data to the station requires that the addressing capability be able to recognize the new location of the station o ESS transition Station movement from a BSS in one ESS to a BSS within another ESS; maintenance of upper-layer connections supported by cannot be guaranteed Services Association Establishes an initial association between a station and an AP Reassociation Enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another Disassociation A notification from either a station or an AP that an existing association is terminated Wireless LAN Security Wired Equivalent Privacy (WEP) algorithm o privacy Wi-Fi Protected Access (WPA) o Set of security mechanisms that eliminates most security issues and was based on the current state of the i standard Robust Security Network (RSN) o Final form of the i standard Wi-Fi Alliance certifies vendors in compliance with the full i specification under the WPA2 program 7

8 Robust Security Network (RSN) Services Access Control Authentication and Key Generation Confidentiality, Data Origin Authentication and Integrity and Replay Protection Protocols IEEE Port-based Access Control Extensible Authentication Protocol (EAP) TKIP CCMP (a) Services and Protocols Robust Security Network (RSN) Services Confidentiality Integrity and Data Origin Authentication Key Generation Algorithms TKIP (RC4) NIST Key Wrap CCM (AES- CTR) CCM TKIP HMAC- HMAC- (AES- (Michael SHA-1 MD5 CBC- MIC) MAC) HMAC- RFC SHA (b) Cryptographic Algorithms CBC-MAC = Cipher Block Block Chaining Message Authentication Code (MAC) CCM Counter Mode with Cipher Block Chaining Message Authentication Code CCMP Counter Mode with Cipher Block Chaining MAC Protocol TKIP = Temporal Key Integrity Protocol Figure 24.6 Elements of IEEE i STA AP AS End Station Phase 1 - Discovery Phase 2 - Authentication Phase 3 - Key Management Phase 4 - Protected Data Transfer Phase 5 - Connection Termination Figure 24.7 IEEE i Phases of Operation STA AP AS Station sends a request Probe request to join network AP sends possible Probe response security parameter (security capabilties set Open system per the security policy) Station sends a authentication request request to perform null authentication Open system authentication response AP performs null authentication Station sends a request to Association request associate with AP with security parameters Association response AP sends the associated security parameters Station sets selected security parameters 802.1X controlled port blocked 802.1x EAP request 802.1x EAP response Access request (EAP request) Extensible Authentication Protocol Exchange Accept/EAP-success key material 802.1x EAP success 802.1X controlled port blocked Figure 24.8 IEEE i Phases of Operation: Capability Discovery, Authentication, and Association 8

9 Uncontrolled port Authentication server Access point Station Controlled port Controlled port To other wireless stations on this BSS To DS Figure X Access Control MPDU Exchange Authentication phase consists of three phases: o Connect to AS The STA sends a request to its AP that it has an association with for connection to the AS; the AP acknowledges this request and sends an access request to the AS o EAP exchange Authenticates the STA and AS to each other o Secure key delivery Once authentication is established, the AS generates a master session key and sends it to the STA Out-of-band path EAP method path PSK AAAK or MSK Pre-shared key AAA key 256 bits User-defined 256 bits EAP cryptoid authentication Legend PMK No modification Pairwise master key Possible truncation 256 bits following EAP authentication PRF (pseudo-random or PSK function) using HMAC-SHA-1 PTK Pairwise transient key 384 bits (CCMP) During 4-way handshake 512 bits (TKIP) KCK KEK TK EAPOL key confirmation key EAPOL key encryption key Temporal key 128 bits 128 bits 128 bits (CCMP) 256 bits (TKIP) These keys are components of the PTK (a) Pairwise key hierarchy GMK (generated by AS) Group master key 256 bits Changes periodically or if compromised GTK Group temporal key 40 bits, 104 bits (WEP) 128 bits (CCMP) 256 bits (TKIP) Changes based on policy (disassociation, deauthentication) (b) Group key hierarchy Figure IEEE i Key Hierarchies 9

10 (Table can be found on page 757 in the textbook.) STA AP AP s 802.1X controlled port blocked Message 2 delivers another nonce to the AP so that it can also generate the PTK. It demonstrates to the AP that the STA is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle Message 4 serves as an acknowledgement to Message 3. It serves no cryptographic function. This message also ensures the reliable start of the group key handshake. Message 1 EAPOL-key (Anonce, Unicast) Message 1 delivers a nonce to the STA so that it can generate the PTK. Message 2 EAPOL-key (Snonce, Unicast, MIC) Message 3 EAPOL-key (Install PTK, Unicast, MIC) Message 3 demonstrates to the STA that the authenticator is alive, ensures that the PTK is fresh (new) and that there is no Message 4 man-in-the-middle. EAPOL-key (Unicast, MIC) AP s 802.1X controlled port unblocked for unicast traffic The STA decrypts the GTK and installs it for use. Message 2 is delivered to the AP. This frame serves only as an acknowledgment to the AP. Message 1 EAPOL-key (GTK, MIC) Message 2 EAPOL-key (MIC) Message 1 delivers a new GTK to the STA. The GTK is encrypted before it is sent and the entire message is integrity protected The AP installs the GTK. Figure IEEE i Phases of Operation: Four-Way Handshake and Group Key Handshake Temporal Key Integrity Protocol (TKIP) Designed to require only software changes to devices that are implemented with the older wireless LAN security approach called WEP Provides two services: Message integrity Adds a message integrity code to the MAC frame after the data field Data confidentiality Provided by encrypting the MPDU 10

11 Counter Mode-CBC MAC Protocol (CCMP) Intended for newer IEEE devices that are equipped with the hardware to support this scheme Provides two services: Message integrity Data confidentiality Uses the cipherblock-chaining message authentication code (CBC-MAC) Uses the CTR block cipher mode of operation with AES for encryption A 0 B i + 1 K HMAC-SHA-1 R = HMAC-SHA-1(K, A 0 B i) Figure IEEE i Pseudorandom Function Summary Wireless Security o Wireless network threats o Wireless security measures Mobile device security o Security threats o Mobile device security strategy IEEE wireless LAN overview o The Wi-Fi alliance o IEEE 802 protocol o IEEE network components and architectural model o IEEE services IEEE i wireless LAN security IEEE i services IEEE i phases of operation Discovery phase Authentication phase Key management phase Protected data transfer phase The IEEE i pseudorandom function 11

Chapter 17. Wireless Network Security

Chapter 17. Wireless Network Security Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Outline Network Security EECE 412 Link & end-to-end protocols SSL/TLS WPA Copyright 2004 Konstantin Beznosov 2 Networks Link and End-to-End Protocols

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

Chapter - 6 WIRELESS NETWORK SECURITY

Chapter - 6 WIRELESS NETWORK SECURITY Chapter - 6 WIRELESS NETWORK SECURITY Bhargavi H Goswami Assistant Professor Sunshine Group of Institutes Rajkot, Gujarat, India. Mob: 9426669020 Email: bhargavigoswami@gmail.com Topic List 1. IEEE 802.11

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2012 Network Security: WLAN Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline Wireless LAN technology Threats against WLANs Weak security mechanisms and historical WEP

More information

WPA-GPG: Wireless authentication using GPG Key

WPA-GPG: Wireless authentication using GPG Key Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication

More information

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2014 Network Security: WLAN Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2014 Outline Wireless LAN technology Threats against WLANs (Weak security mechanisms and historical WEP)

More information

Configuring Layer2 Security

Configuring Layer2 Security Prerequisites for Layer 2 Security, page 1 Configuring Static WEP Keys (CLI), page 2 Configuring Dynamic 802.1X Keys and Authorization (CLI), page 2 Configuring 802.11r BSS Fast Transition, page 3 Configuring

More information

WLAN The Wireless Local Area Network Consortium

WLAN The Wireless Local Area Network Consortium WLAN The Wireless Local Area Network Consortium WPA Station MAC Layer Test Suite Version 2.5 Technical Document Last Updated: February 18, 2013 Wireless LAN Consortium 121 Technology Drive, Suite 2 Durham,

More information

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake. Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping

More information

Troubleshooting WLANs (Part 2)

Troubleshooting WLANs (Part 2) SharkFest 17 Europe Troubleshooting WLANs (Part 2) Troubleshooting WLANs using 802.11 Management & Control Frames 8. November 2017 Breaking News: Including KRACK!!! Rolf Leutert Leutert NetServices Switzerland

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product. CWNP EXAM - PW0-204 Certified Wireless Security Professional (CWSP) Buy Full Product http://www.examskey.com/pw0-204.html Examskey CWNP PW0-204 exam demo product is here for you to test the quality of

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

What is Eavedropping?

What is Eavedropping? WLAN Security What is Eavedropping? War Driving War Driving refers to someone driving around with a laptop and an 802.11 client card looking for an 802.11 system to exploit. War Walking Someone walks

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

Wireless Networked Systems

Wireless Networked Systems Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from

More information

Configuring a WLAN for Static WEP

Configuring a WLAN for Static WEP Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support

More information

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802. WEP Weakness Csci388 Wireless and Mobile Security Access Control:, EAP, and Xiuzhen Cheng cheng@gwu.edu 1. IV is too short and not protected from reuse 2. The per packet key is constructed from the IV,

More information

Cisco Wireless LAN Controller Module

Cisco Wireless LAN Controller Module Cisco Wireless LAN Controller Modules Simple and secure wireless deployment and management for small and medium-sized businesses (SMBs) and enterprise branch offices Product Overview Cisco Wireless LAN

More information

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities Wireless Security Comp Sci 3600 Security Outline 1 2 3 Wired versus wireless Endpoint Access point Figure 24.1 Wireless Networking Components Locations and types of attack Outline 1 2 3 Wired Equivalent

More information

WLAN Roaming and Fast-Secure Roaming on CUWN

WLAN Roaming and Fast-Secure Roaming on CUWN 802.11 WLAN Roaming and Fast-Secure Roaming on CUWN Contents Introduction Prerequisites Requirements Components Used Background Information Roaming with Higher-Level Security WPA/WPA2-PSK WPA/WPA2-EAP

More information

Chapter 1 Describing Regulatory Compliance

Chapter 1 Describing Regulatory Compliance [ 2 ] Chapter 1 Describing Regulatory Compliance Failure to secure a WLAN makes it vulnerable to attack. To properly secure your network, you must be able to identify common threats to wireless and know

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013 Wireless Security K. Raghunandan and Geoff Smith Stevens Institute t of Technology September 21, 2013 Topics Cyber Security hacking community Familiarity with IP networks What is the security yprocess

More information

ECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED

ECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED Part V ECHONET Lite System Design Guidelines i 2011 (2012) ALL RIGHTS RESERVED The specifications published by the ECHONET Consortium are established without regard to industrial property rights (e.g.,

More information

Fast and Secure Roaming in WLAN

Fast and Secure Roaming in WLAN Final thesis Fast and Secure Roaming in WLAN Performed for Ericsson AB by Magnus Falk LITH-IDA-EX--04/116--SE 2004-12-22 i Final thesis Fast and Secure Roaming in WLAN by Magnus Falk LiTH-IDA-EX--04/116--SE

More information

Hooray, w Is Ratified... So, What Does it Mean for Your WLAN?

Hooray, w Is Ratified... So, What Does it Mean for Your WLAN? Global Leader in Wireless Security Hooray, 802.11w Is Ratified... So, What Does it Mean for Your WLAN? A Brief Tutorial on IEEE 802.11w Gopinath K N and Hemant Chaskar AirTight Networks www.airtightnetworks.com

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

The security of existing wireless networks

The security of existing wireless networks Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications

More information

Frequently Asked Questions WPA2 Vulnerability (KRACK)

Frequently Asked Questions WPA2 Vulnerability (KRACK) Frequently Asked Questions WPA2 Vulnerability (KRACK) Release Date: October 20, 2017 Document version: 1.0 What is the issue? A research paper disclosed serious vulnerabilities in the WPA and WPA2 key

More information

CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS

CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS CHAPTER SECURITY IN WIRELESS LOCAL AREA NETWORKS Mohammad O. Pervaiz, Mihaela Cardei, and Jie Wu Department of Computer Science &Engineering, Florida Atlantic University 777 Glades Road, Boca Raton, Florida

More information

Status of P Sub-Specification

Status of P Sub-Specification Status of P1451.5 802.11 Sub-Specification June 7, 2004 Ryon Coleman Senior Systems Engineer 802.11 Subgroup rcoleman@3eti.com Agenda 1. IEEE 802.11 Architecture 2. Scope within the 1451 Reference Model

More information

LESSON 12: WI FI NETWORKS SECURITY

LESSON 12: WI FI NETWORKS SECURITY LESSON 12: WI FI NETWORKS SECURITY Raúl Siles raul@taddong.com Founder and Security Analyst at Taddong Introduction to Wi Fi Network Security Wireless networks or Wi Fi networks IEEE 802.11 Standards Information

More information

IPSec. Overview. Overview. Levente Buttyán

IPSec. Overview. Overview. Levente Buttyán IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet

More information

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017 Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef @vanhoefm CCS 2017, 1 October 2017 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned 2 Overview

More information

A Configuration Protocol for Embedded Devices on Secure Wireless Networks

A Configuration Protocol for Embedded Devices on Secure Wireless Networks A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders lsanders@ittc.ku.edu 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)

More information

802.11r Fast Transition Roaming

802.11r Fast Transition Roaming 802.11r, which is the IEEE standard for fast roaming, introduces a new concept of roaming where the initial handshake with the new AP is done even before the client roams to the target AP, which is called

More information

Securing Wireless LANs with Certificate Services

Securing Wireless LANs with Certificate Services 1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the

More information

Security and Authentication for Wireless Networks

Security and Authentication for Wireless Networks University of New Orleans ScholarWorks@UNO University of New Orleans Theses and Dissertations Dissertations and Theses 5-21-2004 Security and Authentication for 802.11 Wireless Networks Michel Getraide

More information

2013 Summer Camp: Wireless LAN Security Exercises JMU Cyber Defense Boot Camp

2013 Summer Camp: Wireless LAN Security Exercises JMU Cyber Defense Boot Camp 2013 Summer Camp: Wireless LAN Security Exercises 2013 JMU Cyber Defense Boot Camp Questions Have you used a wireless local area network before? At home? At work? Have you configured a wireless AP before?

More information

H3C WA Series WLAN Access Points. WLAN Configuration Guide. Hangzhou H3C Technologies Co., Ltd. Document Version: 6W

H3C WA Series WLAN Access Points. WLAN Configuration Guide. Hangzhou H3C Technologies Co., Ltd.  Document Version: 6W H3C WA Series WLAN Access Points WLAN Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 6W100-20100910 Copyright 2010, Hangzhou H3C Technologies Co., Ltd. and

More information

Configuring WEP and WEP Features

Configuring WEP and WEP Features CHAPTER 9 This chapter describes how to configure Wired Equivalent Privacy (WEP), Message Integrity Check (MIC), and Temporal Key Integrity Protocol (TKIP). This chapter contains these sections: Understanding

More information

Wireless KRACK attack client side workaround and detection

Wireless KRACK attack client side workaround and detection Wireless KRACK attack client side workaround and detection Contents Introduction Components used Requirements EAPoL Attack protections Why this works Possible impact How to identify if a client is deleted

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

The IPsec protocols. Overview

The IPsec protocols. Overview The IPsec protocols -- components and services -- modes of operation -- Security Associations -- Authenticated Header (AH) -- Encapsulated Security Payload () (c) Levente Buttyán (buttyan@crysys.hu) Overview

More information

Numerics I N D E X. 3 DES (triple Data Encryption Standard), 18 4-way handshake, RM, Security.com, 399

Numerics I N D E X. 3 DES (triple Data Encryption Standard), 18 4-way handshake, RM, Security.com, 399 I N D E X Numerics A 3 DES (triple Data Encryption Standard), 18 4-way handshake, 222 802 RM, 61 802.11-Security.com, 399 AAA MAC-based authentication, 116 servers, 6 shared-key authentication, 118 access

More information

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK S.DEEPTHI 1 G.MARY SWARNALATHA 2 PAPARAO NALAJALA 3 Assoc. Professor, Dept. of Electronics &Communication Engineering at Institute of Aeronautical Engineering,

More information

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology CSNT 180 Wireless Networking Chapter 7 WLAN Terminology and Technology Norman McEntire norman.mcentire@servin.com Founder, Servin Corporation, http://servin.com Technology Training for Technology Professionals

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Wireless network overview Slide from 2 nd book 1 IT352 Network Security Najwa AlGhamdi IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to

More information

Configuring Management Frame Protection

Configuring Management Frame Protection Information About Management Frame Protection, page 1 Restrictions for Management Frame Protection, page 3 (GUI), page 3 Viewing the Management Frame Protection Settings (GUI), page 3 (CLI), page 4 Viewing

More information

KRACKing WPA2 in Practice Using Key Reinstallation Attacks. Mathy BlueHat IL, 24 January 2018

KRACKing WPA2 in Practice Using Key Reinstallation Attacks. Mathy BlueHat IL, 24 January 2018 KRACKing WPA2 in Practice Using Key Reinstallation Attacks Mathy Vanhoef @vanhoefm BlueHat IL, 24 January 2018 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned

More information

Wireless# Guide to Wireless Communications. Objectives

Wireless# Guide to Wireless Communications. Objectives Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g

More information

THOUGHTS ON TSN SECURITY

THOUGHTS ON TSN SECURITY THOUGHTS ON TSN SECURITY Contributed by Philippe Klein, PhD (philippe@broadcom.com) 1 METWORK SECURITY PROTOCOLS Description Complexity Performance Layer 4..7 Layer 3 Layer 2 SSL / TLS, IPsec MACsec Application

More information

Wireless Networking WiFi Standards 802.11a 5GHz 54MB 802.11b 2.4 GHz 11MB 802.11g 2.4GHz 52MB 802.11n 2.4/5GHz 108MB 802.11b The 802.11b standard has a maximum raw data rate of 11 Mbit/s, and uses

More information

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE COURSE TITLE WIRELESS TECHNOLOGY SPECIALIST COURSE DURATION 13 Hours of Interactive Training COURSE OVERVIEW This course will teach you

More information

Cisco Exactexams Questions & Answers

Cisco Exactexams Questions & Answers Cisco Exactexams 642-737 Questions & Answers Number: 642-737 Passing Score: 800 Time Limit: 120 min File Version: 23.4 http://www.gratisexam.com/ Cisco 642-737 Questions & Answers Exam Name: Implementing

More information

802.11r or Fast Transition (FT) for fast secure Roaming

802.11r or Fast Transition (FT) for fast secure Roaming 802.11r or Fast Transition (FT) for fast secure Roaming Karthickeyan Prabanandhan is a Senior Test Engineer (CCNP, CWNP) in Wireless Engineering Team currently preparing for his CCIE Wireless lab. In this

More information

Wireless Networking Basics. Ed Crowley

Wireless Networking Basics. Ed Crowley Wireless Networking Basics Ed Crowley 2014 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE 802.11 Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2

More information

The RNS (Robust Secure Network) IE must be enabled with an AES Cipher.

The RNS (Robust Secure Network) IE must be enabled with an AES Cipher. Finding Feature Information, page 1 Prerequisites for 802.11w, page 1 Restrictions for 802.11w, page 2 Information About 802.11w, page 2 How to Configure 802.11w, page 3 Disabling 802.11w (CLI), page 5

More information

CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE WIRELESS LAN STANDARD

CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE WIRELESS LAN STANDARD CHAPTER 11 WIRELESS LAN TECHNOLOGY AND THE IEEE 802.11 WIRELESS LAN STANDARD These slides are made available to faculty in PowerPoint form. Slides can be freely added, modified, and deleted to suit student

More information

Securing Wireless LANs

Securing Wireless LANs Securing Wireless LANs Will Blake Consulting Systems Engineer #clmel Agenda Define terms and approach Enterprise WLANs Threats, Vulnerabilities and Mitigation strategies External threats Detection, Identification

More information

KRACKing WPA2 by Forcing Nonce Reuse. Mathy Nullcon, 2 March 2018

KRACKing WPA2 by Forcing Nonce Reuse. Mathy Nullcon, 2 March 2018 KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Nullcon, 2 March 2018 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that s secure? Seems so! No attacks

More information

PRODUCT GUIDE Wireless Intrusion Prevention Systems

PRODUCT GUIDE Wireless Intrusion Prevention Systems PRODUCT GUIDE Wireless Intrusion Prevention Systems The Need for Wireless INTRUSION PREVENTION SYSTEMS A Wireless Intrusion Prevention System (WIPS) is designed to address two classes of challenges facing

More information

Security in Data Link Protocols

Security in Data Link Protocols Security in 802.11 Data Link Protocols Gianluca Dini Dept. of Ingegneria dell Informazione University of Pisa, Italy Via Diotisalvi 2, 56100 Pisa gianluca.dini@ing.unipi.it If you believe that any security

More information

KRACKing WPA2 by Forcing Nonce Reuse. Mathy Chaos Communication Congress (CCC), 27 December 2017

KRACKing WPA2 by Forcing Nonce Reuse. Mathy Chaos Communication Congress (CCC), 27 December 2017 KRACKing WPA2 by Forcing Nonce Reuse Mathy Vanhoef @vanhoefm Chaos Communication Congress (CCC), 27 December 2017 Introduction PhD Defense, July 2016: You recommend WPA2 with AES, but are you sure that

More information

Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing

Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing Discovering Logical Vulnerabilities in the Wi-Fi Handshake Using Model-Based Testing Mathy Vanhoef imec-distrinet, KU Leuven Domien Schepers imec-distrinet, KU Leuven Frank Piessens imec-distrinet, KU

More information

Configuring Cipher Suites and WEP

Configuring Cipher Suites and WEP 10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast

More information

Wireless LAN Consortium Wireless WPA AP MAC Test Suite v2.4 Report

Wireless LAN Consortium Wireless WPA AP MAC Test Suite v2.4 Report Wireless LAN Consortium Wireless WPA AP MAC Test Suite v2.4 Report UNH InterOperability Laboratory 121 Technology Drive, Suite 2 Durham, NH 03824 +1-603-862-0090 Joe Vendor Magic Wireless Company 52 OFDM

More information

Securing Wireless Communication Against Dictionary Attacks Without Using PKI

Securing Wireless Communication Against Dictionary Attacks Without Using PKI College of Technology College of Technology Masters Theses Purdue Libraries Year 2010 Securing Wireless Communication Against Dictionary Attacks Without Using PKI Sarath Geethakumar Purdue University -

More information

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo

ISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo ISC2 Exam Questions CISSP Certified Information Systems Security Professional (CISSP) Version:Demo 1. How can a forensic specialist exclude from examination a large percentage of operating system files

More information

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers

More information

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries

More information

FIPS Non-Proprietary Security Policy

FIPS Non-Proprietary Security Policy FIPS 140-2 Non-Proprietary Security Policy for Aruba AP-120 Series Wireless Access Points Version 1.9 April 22, 2011 Aruba Networks 1322 Crossman Ave. Sunnyvale, CA 94089-1113 1 1 INTRODUCTION... 3 1.1

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

Configuring WLANs CHAPTER

Configuring WLANs CHAPTER CHAPTER 6 This chapter describes how to configure up to 16 wireless LANs for your Cisco Wireless LAN Solution. This chapter contains these sections: Wireless LAN Overview, page 6-2 Configuring Wireless

More information

ZIGBEE. Erkan Ünal CSE 401 SPECIAL TOPICS IN COMPUTER NETWORKS

ZIGBEE. Erkan Ünal CSE 401 SPECIAL TOPICS IN COMPUTER NETWORKS ZIGBEE Erkan Ünal CSE 401 SPECIAL TOPICS IN COMPUTER NETWORKS OUTLINE ZIGBEE AND APPLICATIONS IEEE 802.15.4 PROTOCOL ZIGBEE PROTOCOL ZIGBEE ALLIANCE ZIGBEE APPLICATIONS PHYSICAL LAYER MAC LAYER ZIGBEE

More information

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA Journal of Computer Science Original Research Paper CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA 1 Velayutham, R. and 2 D. Manimegalai

More information

Wireless LANs. ITS 413 Internet Technologies and Applications

Wireless LANs. ITS 413 Internet Technologies and Applications Wireless LANs ITS 413 Internet Technologies and Applications Aim: Aim and Contents Understand how IEEE 802.11 wireless LANs work Understand what influences the performance of wireless LANs Contents: IEEE

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach

Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach David Gitonga Mwathi * William Okello-Odongo Elisha Opiyo Department of Computer Science and ICT

More information

Functions of physical layer:

Functions of physical layer: Chapter 14 Functions of physical layer: Encoding/decoding of signals Preamble generation/removal (for synchronization) Bit transmission/reception Includes specification of the transmission medium Functions

More information

Security of WiFi networks MARCIN TUNIA

Security of WiFi networks MARCIN TUNIA Security of WiFi networks MARCIN TUNIA Agenda 1. Wireless standards 2. Hidden network and MAC filtering protection bypassing 3. Encryption independent attacks 4. Attacks on WEP 5. Attacks on WPA/WPA2 6.

More information

Cisco Desktop Collaboration Experience DX650 Security Overview

Cisco Desktop Collaboration Experience DX650 Security Overview White Paper Cisco Desktop Collaboration Experience DX650 Security Overview Cisco Desktop Collaboration Experience DX650 Security Overview The Cisco Desktop Collaboration Experience DX650 (Cisco DX650)

More information

Submission for Technical Security Standard and High Level Architecture for Wireless Local Area Network Connectivity

Submission for Technical Security Standard and High Level Architecture for Wireless Local Area Network Connectivity Architecture and Standards Submission for Technical Security Standard and High Level Architecture for Wireless Local Area Network Connectivity November 6, 2008 DRAFT v0.2 ii Secure Wireless Local Area

More information

Advanced Security and Mobile Networks

Advanced Security and Mobile Networks Advanced Security and Mobile Networks W.Buchanan (1) 9. GSM/3G Unit 7: Mobile Networks. Wireless. Security. Mobile IP. Mobile Agents. Spread spectrum. Military/Emergency Networks 8. Ad-hoc 7. Mobile Networks

More information

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov.

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov. Wireless Networks Authors: Marius Popovici Daniel Crişan Zagham Abbas Technical University of Cluj-Napoca Group 3250 Cluj-Napoca, 24 Nov. 2003 Presentation Outline Wireless Technology overview The IEEE

More information

Wireless LAN Endpoint Security Fundamentals

Wireless LAN Endpoint Security Fundamentals Wireless LAN Endpoint Security Fundamentals BRKAGG-2014 1 Session Scope This session is intended to serve as an introduction to Wireless LAN Endpoint Security Fundamentals. The session briefly highlights:

More information

Payment Card Industry Data Security Standard (PCI DSS) Primer Version 1.1

Payment Card Industry Data Security Standard (PCI DSS) Primer Version 1.1 T E C H N O L O G Y W H I T E P A P E R Payment Card Industry Data Security Standard (PCI DSS) Primer Version 1.1 Applying PCI to wireless LANS and compliance requirements Credit card theft is costing

More information

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Wireless Networking 802.11 based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers topics Standards Technical Concepts Implementation Troubleshooting 802.11 timeline source: Anandtech

More information

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.

More information

Designing AirPort Extreme n Networks

Designing AirPort Extreme n Networks Designing AirPort Extreme 802.11n Networks 1 Contents Chapter 1 3 Getting Started 5 Configuring the AirPort Extreme Base Station for Internet Access Using AirPort Utility 6 Extending the Range of Your

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

From wired internet to ubiquitous wireless internet

From wired internet to ubiquitous wireless internet WlanSmartcard.org Technical Committee Wireless LAN A primer guide. Paris, February 5 th Pascal.Urien@enst.fr From wired internet to ubiquitous wireless internet 1 Classical intranet. Network access is

More information

WPA SECURITY (Wi-Fi Protected Access) Presentation. Douglas Cheathem (csc Spring 2007)

WPA SECURITY (Wi-Fi Protected Access) Presentation. Douglas Cheathem (csc Spring 2007) WPA SECURITY (Wi-Fi Protected Access) Presentation By Douglas Cheathem (csc 650.01 Spring 2007) OUTLINE Introduction Security Risk Vulnerabilities Prevention Conclusion Live Demo Q & A INTRODUCTION! WPA

More information

1. INTRODUCTION. Wi-Fi 1

1. INTRODUCTION. Wi-Fi 1 Wi-Fi 1 1. INTRODUCTION Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the Internet from your home, a bed in a hotel room or at a conference room at work without wires. How? Wi-Fi

More information