Wireless Communications and Mobile Computing

Size: px
Start display at page:

Download "Wireless Communications and Mobile Computing"

Transcription

1 WNMC-MPR-Sec 1 Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de Engenharia da Universidade do Porto

2 SECURITY - BASIC CONCEPTS WNMC-MPR-Sec 2

3 WNMC-MPR-Sec 3 Symmetric Cryptography Ex: RC4, AES 3

4 WNMC-MPR-Sec 4 Digest/Hash Input» variable length message Output» a fixed-length bit string (the hash) Used to guarantee message integrity and source identification Ex: MD5, SHA1 4

5 Public Key Cryptography Confidenciality WNMC-MPR-Sec 5 5

6 Public Key Cryptography - Authentication (digital signature) WNMC-MPR-Sec 6 6

7 WNMC-MPR-Sec 7 Public Key Distribution Problem Ataque MIM: (8) Kpriv Alice [Kpub Alice [ Logo pelas 19h ]]= Logo pelas 19h (3) Logo pelas 20h (1) Kpub Alice (2) Kpub Carol Alice Carol Bob (7) Kpub Alice [ Logo pelas 19h ] (4) Kpub Carol [ Logo pelas 20h ] (5) Kpriv Carol [Kpub Carol [ Logo pelas 20h ]]= Logo pelas 20h (6) Logo pelas 20h è Logo pelas 19h O que a Alice julga ter acontecido: (4) Kpriv Alice [Kpub Alice [ Logo pelas 19h ]]= Logo pelas 19h (2) Logo pelas 19h Alice (1) Kpub Alice (3) Kpub Alice [ Logo pelas 19h ] Bob 7

8 WNMC-MPR-Sec 8 Certification Authority 8

9 WNMC-MPR-Sec 9 SSL/TLS SSL (Secure Socket Layer) Developed by Netscape TLS 1.x (Transport Layer Security) IETF Transparent to application protocols Server/client can authenticate using certificates But, due to certificate costs» Servers è authenticated by certificates» Clients è authenticated at the application layer (e.g. passwords) 9

10 WNMC-MPR-Sec 10 SSL/TLS Typical Procedure Client:» connects to a TLS-enabled server requesting secure connection» presents a list of supported CipherSuites (ciphers, hash functions) Server:» picks the strongest CipherSuite; notifies the client about the decision Server:» sends back its identification as a Digital Certificate» Certificate: [server name, server's public encryption key, trusted certificate authority (CA)] Client:» Contacts CA and verifies if certificate is authentic Client:» encrypts a random number (RN) with the server's public key (PbK)» sends it to server Server» Decrypts RN using its private key (PvK) Client Server: generate key material for encryption/decryption Client: authenticates near the server

11 SECURITY WNMC-MPR-Sec 11

12 WNMC-MPR-Sec Security Minimum security WEP (Wired Equivalent Privacy) Station authentication» Open mode è no authentication» Shared Mode AP sends challenge è station returns the challenge encrypted with the WEP key Confidentiality è frames are encrypted with RC4 Integrity è CRC32 12

13 WNMC-MPR-Sec 13 WEP - Encryption IV WEP Key SDU WEP PRNG (RC4) XOR ICV (crc32) Header IV Cryptogram FCS Frame Keystream 13

14 WNMC-MPR-Sec 14 WEP - Decryption IV WEP Key SDU WEP PRNG (RC4) XOR ICV Check values ICV Header IV Cryptogram FCS Frame Keystream 14

15 WNMC-MPR-Sec 15 WEP Vulnerabilities Same IV and WEP key same keystream» IV too short (24 bits)» No mechanism for WEP key update Same keystream:» SDU2 SDU1 = cryptogram1 cryptogram2» If SDU1 is known (ICMP, TCP ack, ) then» SDU2 = cryptogram1 cryptogram2 SDU1 15

16 WNMC-MPR-Sec 16 WEP Vulnerabilities (2)» RC4 key = IV (3 bytes) + WEP key (5 or 13 bytes) Weak IVs help breaking the WEP key» Weak IVs: i:ff:x Ex: Weak IVs for WEP keys of 40 bits» 3:ff:X, 4:ff:X, 5:ff:X, 6:ff:X, 7:ff:X 16

17 WNMC-MPR-Sec 17 WEP Vulnerabilities (3) Integrity Check Value based on CRC32 (linear) WEP does not authenticate nor check the integrity of the frame header» Station can change the MAC address AP is not authenticated» Rogue AP WEP does not control the frame sequence» Replay attacks Same key for every station» Traffic can be eavesdropped or even changed by any station knowing the WEP key 17

18 WNMC-MPR-Sec 18 WEP Vulnerabilities (4) Manufacturers put additional barriers» Authentication by SSID Station monitors the medium and wait for another station to associate to see the SSID» Access control by MAC address Station sees the MAC address of allowed stations and clone their address 18

19 WNMC-MPR-Sec X Access Control Before the authentication Traffic 802.1X Other traffic (blocked) After the authentication Traffic 802.1X Other traffic (unblocked)

20 EAP Extensible Authentication Protocol WNMC-MPR-Sec 20» Encapsulates authentication» Runs over any link layer but thought for PPP» Messages Requests, Responses Methods Links TLS EAP AKA/ SIM Token Card PPP bytes variable Code Identifier Length Type Type-Data STA EAP Identity Request EAP Identity Response EAP Auth Request EAP Auth Response EAP-Success Authenticator

21 WNMC-MPR-Sec X with Radius 21

22 WNMC-MPR-Sec 22 Dynamic WEP Uses 802.1X User authentication» Support of multiple authentication methods» Centralized database with users credentials, independent of APs Enables also AP authentication Authenticaton keys encryption keys Periodic update of WEP keys 22

23 WNMC-MPR-Sec 23 Dynamic WEP (2) 1. Authentication through an 802.1X EAP method 2. Generation of MPPE key 6. Station decrypts the WEP key with the MPPE key 7. Station applies the WEP key 4. Generation of WEP key 5. AP encrypts the WEP key with the MPPE key and sends it over EAPOL-KEY 8. AP applies the WEP key 3. MPPE key encrypted with RADIUS key 2. Generation of MPPE key (Microsoft Point-to-Point Encryption) data frames are unblocked and encrypted with WEP 23

24 WNMC-MPR-Sec i WEP failure IEEE i Authentication/Access Control» Pre-shared key (PSK)» With Authentication Server, using 802.1X Key Management» Temporary Keys» Authentication keys Encryption keys Data encryption» CCMP (Counter mode Cipher block Chaining MAC protocol) Based on the AES cipher algorithm» TKIP (Temporal Key Integrity Protocol) Based on the RC4 cipher algorithm (same as WEP) Infraestructured and ad-hoc modes 24

25 WNMC-MPR-Sec 25 Wi-Fi Protected Access WPA» Based on Draft 3.0 of i (2002)» Short term solution for legacy equipments» No support for CCMP nor ad-hoc mode» TKIP reuses the WEP HW (RC4 cipher algorithm) Firmware upgrade WPA2» Supports i» Long term solution 25

26 WNMC-MPR-Sec 26 Authentication methods (802.1X) Requires Authentication Server Most popular Wi-Fi authentication methods» EAP-TLS» EAP-TTLS» PEAP 26

27 WNMC-MPR-Sec 27 EAP-TLS Uses TLS to authenticate both server and user through certificates Mandatory in WPA Cons:» Certificates are expensive» User identity goes in clear in the user s certificate TLS (authentication of server and user) EAP 802.1X (EAPoL) RADIUS ST AP UDP/IP AS 27

28 WNMC-MPR-Sec 28 Tunneled authentication Two phase authentication» TLS tunnel authenticates the Authentication Server» User is autenticated over the TLS tunel Support of weaker methods for user s authentication Certificates are optional User s identity goes encrypted EAP-TTLS, PEAP 28

29 WNMC-MPR-Sec 29 EAP-TTLS EAP- Tunneled TLS MS-CHAP PAP, CHAP, EAP, (User authentication) TLS (Server authentication) EAP 802.1X (EAPoL) RADIUS ST AP UDP/IP AS 29

30 WNMC-MPR-Sec 30 PEAP Protected Extensible Authentication Protocol v0 Microsoft, v1 Cisco PEAPv0/EAP-MSCHAPv2 the most popular MSCHAPv2, TLS, (user authentication) EAP TLS (server authentication) EAP 802.1X (EAPoL) RADIUS ST AP UDP/IP AS 30

31 WNMC-MPR-Sec 31 Key Management Master Key (MK) generated by Authentication Server Pairwise Master Key (PMK) generated from MK PMK sent to the AP through the AAA protocol (RADIUS) Generation of the Pairwise Transient Key (PTK) through the 4-way handshake Group key handshake (GTK) generated by the AP and sent though the Group key handshake Group key handshake 31

32 WNMC-MPR-Sec 32 Key Management (2) Encrypted with PTK PTK = Hash(PMK, Anonce, Snonce, MACaddr STA, MACaddr AP ) 32

33 WNMC-MPR-Sec 33 TKIP Key Encryption generation» Diminui correlação entre a keystream e a chave de cifragem 33

34 WNMC-MPR-Sec 34 Data frames WEP, TKIP, and CCMP Authenticated Encrypted Header IV / KeyID Data ICV 4octets >=0 octets 4 octets Authenticated Authenticated Encrypted Header IV / KeyID Extented IV Data MIC ICV 4octets 4 octets >=0 octets 8 octets 4 octets Encrypted Authenticated Authenticated Header IV / KeyID 4octets Extented IV 4 octets Data >=0 octets MIC 8 octets 34

35 WNMC-MPR-Sec 35 Integridade das mensagens ICV = CRC32 not really a signature MIC signature/hash 35

36 GSM WNMC-MPR-Sec 36

37 WNMC-MPR-Sec 37 Security in GSM Security services» access control/authentication user èsim (Subscriber Identity Module)èsecret PIN (Personal Identification Number) SIM è contains Ki (subscriber secret authentication key)» confidentiality voice and signaling encrypted on the wireless link (after authentication)» anonymity TMSI - Temporary Mobile Subscriber Identity newly assigned at each new location update encrypted transmission 3 algorithms specified in GSM» A3 for authentication» A5 for encryption» A8 for key generation

38 WNMC-MPR-Sec 38 GSM - Authentication mobile network SIM K i RAND RAND RAND K i AuC 128 bit 128 bit 128 bit 128 bit A3 SRES* 32 bit SRES A3 32 bit SIM MSC SRES* =? SRES SRES 32 bit SRES K i : individual subscriber authentication key SRES: signed response

39 WNMC-MPR-Sec 39 GSM - Key Generation and Encryption mobile network (BTS) MS with SIM K i RAND RAND RAND K i AuC 128 bit 128 bit 128 bit 128 bit SIM A8 A8 cipher key K c 64 bit K c 64 bit BTS A5 data encrypted data SRES data A5 MS

40 WNMC-MPR-Sec 40 Security in GPRS and UMTS (3GPP TS , 3GPP TS )

41 WNMC-MPR-Sec 41 Security Function Authentication of the MS by the network User identity anonymity» Temporary identification, ciphering Data and signalling confidentiality» Ciphering In UMTS (Iu mode)» also authentication of the network by the MS

42 WNMC-MPR-Sec 42 Authentication Two types of authentication» GSM authentication» UMTS authentication» Independent of the RAN modes GSM authentication» Based on SIM» Authentication of the MS by the network» Establishment of GSM ciphering key (Kc) between the SGSN and the MS UMTS authentication» Based on USIM» Requires authentication quintets» Implies mutual authentication» Agreement between SGSN and MS on Ciphering Key (CK) and Integrity Key (IK)

43 WNMC-MPR-Sec 43 GSM Authentication MS RAN SGSN HLR 1. Send Authentication Info 1. Send Authentication Info Ack 2. Authentication and Ciphering Request 2. Authentication and Ciphering Response 1. SGSN requests Authentication-Info (IMSI); HLR responds 2. SGSN» sends Authentication-Ciphering(RAND, CKSN, Ciphering Algorithm)» MS responds with Ciphering-Response (SRES) GPRS: MS starts ciphering after sending Response message UMTS: SGSN / MS shall generate CK and IK from the GSM Kc

44 WNMC-MPR-Sec 44 MS VLR/SGSN HE/HLR UMTS Authentication Authentication data request Distribution of authentication vectors from HE to SN Authentication data response AV(1..n) Generate authentication vectors AV(1..n) Store authentication vectors Select authentication vector AV(i) User authentication request RAND(i) AUTN(i) Verify AUTN(i) Compute RES(i) User authentication response RES(i) Authentication and key establishment Compare RES(i) and XRES(i) Compute CK(i) and IK(i) Select CK(i) and IK(i)

45 WNMC-MPR-Sec 45 Generation of an Authentication Vector by HE/AuC Generate SQN Generate RAND SQN AMF RAND K f1 f2 f3 f4 f5 MAC XRES CK IK AK AUTN := SQN AK AMF MAC AV := RAND XRES CK IK AUTN

46 User authentication function in the USIM WNMC-MPR-Sec 46 RAND AUTN f5 SQN AK AMF MAC AK K SQN f1 f2 f3 f4 XMAC RES CK IK Verify MAC = XMAC Verify that SQN is in the correct range

47 WNMC-MPR-Sec 47 Scope of Ciphering MS BSS/UTRAN SGSN Scope of GPRS ciphering Scope of UMTS ciphering Ciphering Algorithm» A/Gb mode: GPRS Encryption Algorithm (GEA) Kc is an input to the algorithm» Iu mode: UMTS Encryption Algorithm (UEA) CK is an input to the algorithm

48 Release 99+ HLR/AuC Quintets CK, IK Kc RES SRES Triplets WNMC-MPR-Sec 48 Release 99+ VLR/SGSN Release 98- VLR/SGSN CK, IK Kc CK, IK Kc RES SRES CK IK [Kc] [Kc] [Kc] UTRAN GSM BSS RAND AUTN RES RAND AUTN RES RAND [AUTN] SRES RAND SRES ME capable of UMTS AKA ME not capable of UMTS AKA ME CK, IK Kc CK, IK Kc Kc Kc CK, IK Kc CK, IK Kc CK, IK Kc RES SRES CK, IK Kc RES SRES USIM UMTS security GSM security

The security of existing wireless networks

The security of existing wireless networks Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications

More information

City Research Online. Permanent City Research Online URL:

City Research Online. Permanent City Research Online URL: Komninos, N. & Dimitriou, T. (2006). Adaptive authentication and key agreement mechanism for future cellular systems. Paper presented at the 15th IST Mobile & Wireless Communications Summit, 04-08 June

More information

ETSI TS V3.5.0 ( )

ETSI TS V3.5.0 ( ) TS 133 102 V3.5.0 (2000-07) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Security Architecture (3G TS 33.102 version 3.5.0 Release 1999) 1 TS 133 102 V3.5.0 (2000-07)

More information

Security functions in mobile communication systems

Security functions in mobile communication systems Security functions in mobile communication systems Dr. Hannes Federrath University of Technology Dresden Security demands Security functions of GSM Known attacks on GSM Security functions of UMTS Concepts

More information

WPA-GPG: Wireless authentication using GPG Key

WPA-GPG: Wireless authentication using GPG Key Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication

More information

ETSI TS V3.4.0 ( )

ETSI TS V3.4.0 ( ) TS 133 103 V3.4.0 (2000-10) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3GPP TS 33.103 version 3.4.0 Release 1999) 1 TS 133 103 V3.4.0

More information

Chapter 24 Wireless Network Security

Chapter 24 Wireless Network Security Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

From wired internet to ubiquitous wireless internet

From wired internet to ubiquitous wireless internet WlanSmartcard.org Technical Committee Wireless LAN A primer guide. Paris, February 5 th Pascal.Urien@enst.fr From wired internet to ubiquitous wireless internet 1 Classical intranet. Network access is

More information

Security in IEEE Networks

Security in IEEE Networks Security in IEEE 802.11 Networks Mário Nunes, Rui Silva, António Grilo March 2013 Sumário 1 Introduction to the Security Services 2 Basic security mechanisms in IEEE 802.11 2.1 Hidden SSID (Service Set

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 7 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2016. (section 8.8) Also

More information

Wireless Network Security Spring 2015

Wireless Network Security Spring 2015 Wireless Network Security Spring 2015 Patrick Tague Class #7 More WiFi Security 2015 Patrick Tague 1 Class #7 Continuation of WiFi security 2015 Patrick Tague 2 Device Private WiFi Networks AP Local AAA

More information

Contents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications

Contents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications Royal Holloway, University of London, IC3 Network Security, 13 November 2006 Contents GSM and UMTS Security Introduction to mobile telecommunications Second generation systems - GSM security Third generation

More information

Wireless Network Security Spring 2016

Wireless Network Security Spring 2016 Wireless Network Security Spring 2016 Patrick Tague Class #7 WiFi Security 1 Announcements Please do HW#2 in using the stable OMNET++ 4.6, not the beta version. Porting has proven difficult... Form project

More information

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Outline Network Security EECE 412 Link & end-to-end protocols SSL/TLS WPA Copyright 2004 Konstantin Beznosov 2 Networks Link and End-to-End Protocols

More information

Network Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013

Network Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013 Network Security: Cellular Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2013 Outline Cellular networks GSM security architecture and protocols Counters UMTS AKA and session

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

Network Encryption 3 4/20/17

Network Encryption 3 4/20/17 The Network Layer Network Encryption 3 CSC362, Information Security most of the security mechanisms we have surveyed were developed for application- specific needs electronic mail: PGP, S/MIME client/server

More information

Authentication and Security: IEEE 802.1x and protocols EAP based

Authentication and Security: IEEE 802.1x and protocols EAP based Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti Piero[at]studioreti.it 802-1-X-EAP-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by copyright

More information

Chapter 17. Wireless Network Security

Chapter 17. Wireless Network Security Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802. WEP Weakness Csci388 Wireless and Mobile Security Access Control:, EAP, and Xiuzhen Cheng cheng@gwu.edu 1. IV is too short and not protected from reuse 2. The per packet key is constructed from the IV,

More information

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product. CWNP EXAM - PW0-204 Certified Wireless Security Professional (CWSP) Buy Full Product http://www.examskey.com/pw0-204.html Examskey CWNP PW0-204 exam demo product is here for you to test the quality of

More information

Authentication and Security: IEEE 802.1x and protocols EAP based

Authentication and Security: IEEE 802.1x and protocols EAP based Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti piero[at]studioreti.it 802-1-X-2008-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

05 - WLAN Encryption and Data Integrity Protocols

05 - WLAN Encryption and Data Integrity Protocols 05 - WLAN Encryption and Data Integrity Protocols Introduction 802.11i adds new encryption and data integrity methods. includes encryption algorithms to protect the data, cryptographic integrity checks

More information

Wireless Security i. Lars Strand lars (at) unik no June 2004

Wireless Security i. Lars Strand lars (at) unik no June 2004 Wireless Security - 802.11i Lars Strand lars (at) unik no June 2004 802.11 Working Group 11 of IEEE 802 'Task Groups' within the WG enhance portions of the standard: 802.11 1997: The IEEE standard for

More information

Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup

Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup Farshid Farhat, Somayeh Salimi, Ahmad Salahi ICT Security Faculty Iran Telecommunication Research Centre Tehran,

More information

Network Systems. Bibliography. Outline. General principles about Radius server. Radius Protocol

Network Systems. Bibliography. Outline. General principles about Radius server. Radius Protocol Bibliography General principles about Radius server Bibliography Network System Radius Protocol Claude Duvallet University of Le Havre Faculty of Sciences and Technology 25 rue Philippe Lebon - BP 540

More information

Secure 3G user authentication in ad-hoc serving networks

Secure 3G user authentication in ad-hoc serving networks Louisiana State University LSU Digital Commons LSU Master's Theses Graduate School 2005 Secure 3G user authentication in ad-hoc serving networks Lyn L. Evans Louisiana State University and Agricultural

More information

Configuring the Client Adapter through the Windows XP Operating System

Configuring the Client Adapter through the Windows XP Operating System APPENDIX E Configuring the Client Adapter through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in

More information

Configuring the Client Adapter through Windows CE.NET

Configuring the Client Adapter through Windows CE.NET APPENDIX E Configuring the Client Adapter through Windows CE.NET This appendix explains how to configure and use the client adapter with Windows CE.NET. The following topics are covered in this appendix:

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

WLAN Roaming and Fast-Secure Roaming on CUWN

WLAN Roaming and Fast-Secure Roaming on CUWN 802.11 WLAN Roaming and Fast-Secure Roaming on CUWN Contents Introduction Prerequisites Requirements Components Used Background Information Roaming with Higher-Level Security WPA/WPA2-PSK WPA/WPA2-EAP

More information

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities Wireless Security Comp Sci 3600 Security Outline 1 2 3 Wired versus wireless Endpoint Access point Figure 24.1 Wireless Networking Components Locations and types of attack Outline 1 2 3 Wired Equivalent

More information

ETSI TS V3.1.0 ( )

ETSI TS V3.1.0 ( ) ETSI TS 133 103 V3.1.0 (2000-01) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3G TS 33.103 version 3.1.0 Release 1999) (3G TS 33.103 version

More information

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013 Wireless Security K. Raghunandan and Geoff Smith Stevens Institute t of Technology September 21, 2013 Topics Cyber Security hacking community Familiarity with IP networks What is the security yprocess

More information

Configuring the Client Adapter through the Windows XP Operating System

Configuring the Client Adapter through the Windows XP Operating System APPENDIX E through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in this appendix: Overview, page

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

Exam Questions CWSP-205

Exam Questions CWSP-205 Exam Questions CWSP-205 Certified Wireless Security Professional https://www.2passeasy.com/dumps/cwsp-205/ 1.. What is one advantage of using EAP-TTLS instead of EAP-TLS as an authentication mechanism

More information

Key Management Protocol for Roaming in Wireless Interworking System

Key Management Protocol for Roaming in Wireless Interworking System IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.8, August 2007 59 Key Management Protocol for Roaming in Wireless Interworking System Taenam Cho, Jin-Hee Han and Sung-Ik

More information

Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography.

Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography. Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography T K Mohanta 1, R K Samantaray 2, S Panda 3 1. Dept.of Electronics & Communication.Engg, Sudhananda Engg & Research

More information

GPRS Security for Smart Meters

GPRS Security for Smart Meters GPRS Security for Smart Meters Martin Gilje Jaatun 1, Inger Anne Tøndel 1, and Geir M. Køien 2 1 Department of Software Engineering, Safety and Security SINTEF ICT NO-7465 Trondheim, Norway {martin.g.jaatun,inger.a.tondel}@sintef.no

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

ETSI TR V ( )

ETSI TR V ( ) TR 131 900 V14.0.0 (2017-04) TECHNICAL REPORT Universal Mobile Telecommunications System (UMTS); LTE; SIM/USIM internal and external interworking aspects (3GPP TR 31.900 version 14.0.0 Release 14) 1 TR

More information

COPYRIGHTED MATERIAL. Contents

COPYRIGHTED MATERIAL. Contents Contents Foreword Introduction xxv xxvii Assessment Test xxxviii Chapter 1 WLAN Security Overview 1 Standards Organizations 3 International Organization for Standardization (ISO) 3 Institute of Electrical

More information

Configuring Authentication Types

Configuring Authentication Types CHAPTER 11 This chapter describes how to configure authentication types on the access point. This chapter contains these sections: Understanding Authentication Types, page 11-2, page 11-10 Matching Access

More information

Wireless Networking Basics. Ed Crowley

Wireless Networking Basics. Ed Crowley Wireless Networking Basics Ed Crowley 2014 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE 802.11 Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Wireless LAN Security Slide from 2 nd book 1 802.11 Wireless LAN Security Stations in LAN are connected physically while in WLAN any station in the radio range is connected, so

More information

Using EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer

Using EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer Using EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer Q. What is EAP-TTLS? A. Extensible Authentication Protocol- Tunneled Transport Level Security is an IEEE 802.1x

More information

Using PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer

Using PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer Using PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer Q. What is PEAP? A. Protected Extensible Authentication Protocol is an IEEE 802.1x EAP security method that uses an

More information

IEEE i and wireless security

IEEE i and wireless security Blog IEEE 802.11i and wireless security David Halasz 8/25/2004 10:00 PM EDT 0 comments post a comment Tweet Share 1 2 IEEE's wireless security amendment adds stronger encryption, authentication, and key

More information

Improved One-Pass IP Multimedia Subsystem Authentication for UMTS

Improved One-Pass IP Multimedia Subsystem Authentication for UMTS Improved One-Pass IP Multimedia Subsystem Authentication for UMTS Lili Gu RMIT University Melbourne, Australia l.gu@student.rmit.edu.au Abstract As defined in the 3GPP specifications, a UMTS user device

More information

WIRELESS LAN/PAN/BAN. Objectives: Readings: 1) Understanding the basic operations of WLANs. 2) WLAN security

WIRELESS LAN/PAN/BAN. Objectives: Readings: 1) Understanding the basic operations of WLANs. 2) WLAN security Objectives: 1) Understanding the basic operations of WLANs 2) WLAN security 3) Wireless body area networks (IEEE 802.15.6) Readings: 1. Kurose & Ross, Computer Networking: A Top-Down Approach (6th Edition),

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake. Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping

More information

Network Security 1. Module 7 Configure Trust and Identity at Layer 2

Network Security 1. Module 7 Configure Trust and Identity at Layer 2 Network Security 1 Module 7 Configure Trust and Identity at Layer 2 1 Learning Objectives 7.1 Identity-Based Networking Services (IBNS) 7.2 Configuring 802.1x Port-Based Authentication 2 Module 7 Configure

More information

Wireless Networked Systems

Wireless Networked Systems Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

Mobile WiMAX Security

Mobile WiMAX Security WHITE PAPER WHITE PAPER Makes Mobile WiMAX Simple Mobile WiMAX Security Glossary 3 Abstract 5 Introduction to Security in Wireless Networks 6 Data Link Layer Security 8 Authentication 8 Security Association

More information

Nomadic Communications Labs. Alessandro Villani

Nomadic Communications Labs. Alessandro Villani Nomadic Communications Labs Alessandro Villani avillani@science.unitn.it Security And Wireless Network Wireless Security: Overview Open network Open network+ MAC-authentication Open network+ web based

More information

Mobile Security Fall 2013

Mobile Security Fall 2013 Mobile Security 14-829 Fall 2013 Patrick Tague Class #3 Telecom Security from 1G to 4G Basics of Telecom Security Different players in the mobile ecosystem have different security concerns Security concerns

More information

EP B1 (19) (11) EP B1 (12) EUROPEAN PATENT SPECIFICATION

EP B1 (19) (11) EP B1 (12) EUROPEAN PATENT SPECIFICATION (19) (11) EP 1 432 271 B1 (12) EUROPEAN PATENT SPECIFICATION (4) Date of publication and mention of the grant of the patent:.06. Bulletin /26 (1) Int Cl.: H04W 12/06 (09.01) H04L 9/32 (06.01) H04W 12/02

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

Nomadic Communications Labs

Nomadic Communications Labs Nomadic Communications Labs Alessandro Villani avillani@science.unitn.it Security And Wireless Network Wireless Security: Overview Open network Open network+ MAC-authentication Open network+ web based

More information

WPA Passive Dictionary Attack Overview

WPA Passive Dictionary Attack Overview WPA Passive Dictionary Attack Overview TakehiroTakahashi This short paper presents an attack against the Pre-Shared Key version of the WPA encryption platform and argues the need for replacement. What

More information

Authentication Across Heterogeneous Networks

Authentication Across Heterogeneous Networks Authentication Across Heterogeneous Networks Miroslav Živković, Milind M. Buddhikot, Ko Lagerberg, and Jeroen van Bemmel In the beyond third-generation (3G) vision, the convergence of different access

More information

Wireless technology Principles of Security

Wireless technology Principles of Security Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the

More information

ClearPass QuickConnect 2.0

ClearPass QuickConnect 2.0 ClearPass QuickConnect 2.0 User Guide Copyright 2013 Aruba Networks, Inc. Aruba Networks trademarks include, Aruba Networks, Aruba Wireless Networks, the registered Aruba the Mobile Edge Company logo,

More information

Security analysis of WLAN roaming solutions

Security analysis of WLAN roaming solutions Security analysis of WLAN roaming solutions Jacob Ferm jacob.ferm@gmail.com Lunds Tekniska Högskola Advisor: Ben Smeets, ben.smeets@eit.lth.se Johan Almbladh, johan.almbladh@anyfinetworks.com August 19,

More information

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.

More information

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc.

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc. The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0 Xirrus, Inc. March 8, 2011 Copyright Xirrus, Inc. 2011. May be reproduced only in its original entirety [without revision]. Page 1 TABLE

More information

GPRS security. Helsinki University of Technology S Security of Communication Protocols

GPRS security. Helsinki University of Technology S Security of Communication Protocols GPRS security Helsinki University of Technology S-38.153 Security of Communication Protocols vrantala@cc.hut.fi 15.4.2003 Structure of the GPRS Network BSS GTP PLMN BSS-Base Station sub-system VLR - Visiting

More information

Link Security A Tutorial

Link Security A Tutorial Link Security A Tutorial Fortress Technologies, Inc. Slide 1 Five basic security services Data confidentiality Data integrity Access control and access rights Authentication/Roaming Non-repudiation These

More information

Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection

Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection Author: Jing-Lin Wu, Wen-Shenq Juang and Sian-Teng Chen Department of Information Management, Shih Hsin University,

More information

4.4 IEEE MAC Layer Introduction Medium Access Control MAC Management Extensions

4.4 IEEE MAC Layer Introduction Medium Access Control MAC Management Extensions 4.4 IEEE 802.11 MAC Layer 4.4.1 Introduction 4.4.2 Medium Access Control 4.4.3 MAC Management 4.4.4 Extensions 4.4.3 802.11 - MAC management Synchronization try to find a LAN, try to stay within a LAN

More information

EXAM IN TTM4137 WIRELESS SECURITY

EXAM IN TTM4137 WIRELESS SECURITY English Norwegian University of Science and Technology Department of Telematics EXAM IN TTM4137 WIRELESS SECURITY Contact person: Professor Danilo Gligoroski. (Tel. 95089319). Date of exam: December 04,

More information

Understand iwag Solution for 3G Mobile Data

Understand iwag Solution for 3G Mobile Data Understand iwag Solution for 3G Mobile Data Contents Introduction Prerequisites Requirements Components Used Background Information Acronyms Explanation of Terminology Used Understand Mobility Services

More information

Defeating IMSI Catchers. Fabian van den Broek et al. CCS 2015

Defeating IMSI Catchers. Fabian van den Broek et al. CCS 2015 Defeating IMSI Catchers Fabian van den Broek et al. CCS 2015 Ren-Jay Wang CS598 - COMPUTER SECURITY IN THE PHYSICAL ckground 3GPP 3GPP 3 rd Generation Partnership Project Encompasses: GSM and related 2G

More information

NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks

NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks Neetesh Saxena, Narendra S. Chaudhari Abstract- In this paper, we propose an improved and efficient AKA protocol named NS-AKA to prevent

More information

Configuring Layer2 Security

Configuring Layer2 Security Prerequisites for Layer 2 Security, page 1 Configuring Static WEP Keys (CLI), page 2 Configuring Dynamic 802.1X Keys and Authorization (CLI), page 2 Configuring 802.11r BSS Fast Transition, page 3 Configuring

More information

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Data Security and Privacy. Topic 14: Authentication and Key Establishment Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt

More information

Applications of Cryptography in Wireless Communication

Applications of Cryptography in Wireless Communication Applications of Cryptography in Wireless Communication Bergen 18th June 2003 Kaisa Nyberg Nokia Research Center 1 NOKIA Outline Mobile Networks GSM 3GPP UMTS Other RATs Bluetooth WLAN Key management If

More information

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017 Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef @vanhoefm CCS 2017, 1 October 2017 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Lessons learned 2 Overview

More information

Information Security CS 526

Information Security CS 526 Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric

More information

USIM based Authentication Test-bed For UMTS-WLAN Handover 25 April, 2006

USIM based Authentication Test-bed For UMTS-WLAN Handover 25 April, 2006 USIM based Authentication Test-bed For UMTS-WLAN Handover 25 April, 2006 Hyeyeon Kwon, Kyung-yul Cheon, Kwang-hyun Roh, Aesoon Park Electronics and Telecommunications Research Institute 161, Gajeong-dong,

More information

02/21/08 TDC Branch Offices. Headquarters SOHO. Hot Spots. Home. Wireless LAN. Customer Sites. Convention Centers. Hotel

02/21/08 TDC Branch Offices. Headquarters SOHO. Hot Spots. Home. Wireless LAN. Customer Sites. Convention Centers. Hotel TDC 363 Introductions to LANs Lecture 7 Wireless LAN 1 Outline WLAN Markets and Business Cases WLAN Standards WLAN Physical Layer WLAN MAC Layer WLAN Security WLAN Design and Deployment 2 The Mobile Environment

More information

Cisco Wireless LAN Controller Module

Cisco Wireless LAN Controller Module Cisco Wireless LAN Controller Modules Simple and secure wireless deployment and management for small and medium-sized businesses (SMBs) and enterprise branch offices Product Overview Cisco Wireless LAN

More information

Chapter 8 Network Security

Chapter 8 Network Security Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

Questioning the Feasibility of UMTS GSM Interworking Attacks

Questioning the Feasibility of UMTS GSM Interworking Attacks Questioning the Feasibility of UMTS GSM Interworking Attacks Christoforos Ntantogian 1, Christos Xenakis 2 1 Department of Informatics and Telecommunications, University of Athens, Greece 2 Department

More information

802.1x Port Based Authentication

802.1x Port Based Authentication 802.1x Port Based Authentication Johan Loos Johan at accessdenied.be Who? Independent Information Security Consultant and Trainer Vulnerability Management and Assessment Wireless Security Next-Generation

More information

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2. P2 Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE 802.11i, IEEE 802.1X P2.2 IP Security IPsec transport mode (host-to-host), ESP and

More information

SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION. Table of Contents

SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION. Table of Contents SE-WL-PCI-03-11G PCI CARD DRIVERS INSTALLATION Table of Contents 1. Introduction...2 1.1 System Requirement...2 1.2 Objects Counting...2 2. Installation...2 2.1 Install Wireless PCI Adapter...3 2.2 Install

More information

CS 393/682 Network Security

CS 393/682 Network Security CS 393/682 Network Security Nasir Memon Polytechnic University Module 9 Wireless LAN Security Course Logistics Start working on HW 6 Final homework. To be posted today. HW6 - Points for defending and attacking.

More information

Security Setup CHAPTER

Security Setup CHAPTER CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP

More information

Cisco Desktop Collaboration Experience DX650 Security Overview

Cisco Desktop Collaboration Experience DX650 Security Overview White Paper Cisco Desktop Collaboration Experience DX650 Security Overview Cisco Desktop Collaboration Experience DX650 Security Overview The Cisco Desktop Collaboration Experience DX650 (Cisco DX650)

More information

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy Vanhoef, PhD Wi-Fi Alliance meeting Bucharest, 24 October 2017

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy Vanhoef, PhD Wi-Fi Alliance meeting Bucharest, 24 October 2017 Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 Mathy Vanhoef, PhD Wi-Fi Alliance meeting Bucharest, 24 October 2017 Overview 1. Key reinstallation in 4-way handshake 2. Misconceptions and remarks

More information

802.1x. ACSAC 2002 Las Vegas

802.1x. ACSAC 2002 Las Vegas 802.1x ACSAC 2002 Las Vegas Jeff.Hayes@alcatel.com 802.1 Projects The IEEE 802.1 Working Group is chartered to concern itself with and develop standards and recommended practices in the following areas:

More information