Wireless LAN Security. Gabriel Clothier

Similar documents
Authentication and Security: IEEE 802.1x and protocols EAP based

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL

FAQ on Cisco Aironet Wireless Security

What is Eavedropping?

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.

Standard For IIUM Wireless Networking

Security in IEEE Networks

Configuring WEP and WEP Features

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

05 - WLAN Encryption and Data Integrity Protocols

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Network Security 1. Module 7 Configure Trust and Identity at Layer 2

Securing a Wireless LAN

Network Access Flows APPENDIXB

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Securing Your Wireless LAN

Configuring Cipher Suites and WEP

ClearPass QuickConnect 2.0

Appendix E Wireless Networking Basics

Chapter 24 Wireless Network Security

ECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED

802.1x. ACSAC 2002 Las Vegas

TestsDumps. Latest Test Dumps for IT Exam Certification

Exam Questions CWSP-205

D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]

Exam : PW Title : Certified wireless security professional(cwsp) Version : DEMO

Wireless Network Security Spring 2015

Authentication and Security: IEEE 802.1x and protocols EAP based

Configure Network Access Manager

Wireless Network Security Spring 2016

Wireless technology Principles of Security

A Comparison of Data-Link and Network Layer Security for IEEE Networks

Attacking Networks. Joshua Wright LightReading LIVE! October 1, 2003

Using PEAP and WPA PEAP Authentication Security on a Zebra Wireless Tabletop Printer

Configuring the Client Adapter through Windows CE.NET

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

HW/Lab 4: IPSec and Wireless Security. CS 336/536: Computer Network Security DUE 11 am on 12/01/2014 (Monday)

LESSON 12: WI FI NETWORKS SECURITY

COPYRIGHTED MATERIAL. Contents

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lab Configure Enterprise Security on AP

Wireless Security i. Lars Strand lars (at) unik no June 2004

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Basic Wireless Settings on the CVR100W VPN Router

Wireless Attacks and Countermeasures

Summary. Deployment Guide: Configuring the Cisco Wireless Security Suite 1 OL

A Comparitive Analysis of EAP Authentication Mechanism for WLAN

Chapter 1 Describing Regulatory Compliance

Protected EAP (PEAP) Application Note

Configuring Wireless Security Settings on the RV130W

Configuring a VAP on the WAP351, WAP131, and WAP371

Configuring the WMIC for the First Time

Configuring the Client Adapter through the Windows XP Operating System

Network Encryption 3 4/20/17

Wireless Network Security

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

ipad in Business Security Overview

Configuring Authentication Types

Chapter 17. Wireless Network Security

Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE

Cisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps

COSC 301 Network Management. Lecture 15: SSL/TLS and HTTPS

802.1x Port Based Authentication

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Cisco Desktop Collaboration Experience DX650 Security Overview

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Securing Wireless LANs with Certificate Services

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov.

Network Systems. Bibliography. Outline. General principles about Radius server. Radius Protocol

Using EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer

CUA-854 Wireless-G Long Range USB Adapter with Antenna. User s Guide

Configuring a Wireless LAN Connection

CSCE 715: Network Systems Security

Cisco Wireless LAN Controller Module

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.

WPA Passive Dictionary Attack Overview

Wireless Network Security

Ju-A A Lee and Jae-Hyun Kim

WarDriving. related fixed line attacks war dialing port scanning

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer

FIPS Security Policy for Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252, AP1262, CAP3502e, and CAP3502i Wireless LAN Access Points

Wireless Networking Basics. Ed Crowley

WLAN Roaming and Fast-Secure Roaming on CUWN

Wi-Fi Security for Next Generation Connectivity. Perry Correll Aerohive, Wi-Fi Alliance member October 2018

Seamless Yet Secure -Hotspot Roaming

Implementing X Security Solutions for Wired and Wireless Networks

Advanced Security and Mobile Networks

N_Max Wireless USB Adapter

CS 393/682 Network Security

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

IEEE 802.1X workshop. Networkshop 34, 4 April Josh Howlett, JRS Technical Support, University of Bristol. Copyright JNT Association

Wireless# Guide to Wireless Communications. Objectives

Hacking Air Wireless State of the Nation. Presented By Adam Boileau

Wi-Fi Scanner. Glossary. LizardSystems

Aruba PEAP-GTC Supplicant Plug-In Guide

Designing AirPort Extreme n Networks

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc.

Transcription:

Wireless LAN Security Gabriel Clothier

Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group formed

Objectives of WLAN Security 1 Preserve Confidentiality

Objectives of WLAN Security 2 Preserve Integrity

Objectives of WLAN Security 3 Preserve Availability of Service

Types of Attacks 1 Monitor packets to access data. Monitor or modify authentication data. Monitor a stream of packets to uncover encryption keys. Denial of service. Man-in-the-middle: trick user into thinking they are on a different network.

Types of Attacks 2 Attempt to gain access via brute force/dictionary attack. Replay attack: gathering a set of packets which handles authentication for a valid user and resending that sequence of packets in order to gain access by an attacker.

WLAN Security Steps Authentication/Authorization User should possess certain credentials to access the network. Data Encryption Need to encrypt data so that those with wireless sniffer tools cannot make use of the payload data.

WLAN Security Standards 1 802.11: WEP (Wired Equivalent Privacy) Authentication is via the user having the correct key. Two modes of data encryption using RC4 stream cipher: 64-bit: 40 bit key + 24 bit initialization vector (IV) 128-bit: 104 bit key + 24 bit IV Because there are a limited IV size, the algorithm can be easily attacked given sufficient number of packets.

Source: J. Hong, R. Lemhachheche, WEP Protocol Weaknesses and Vulnerabilities: http://oregonstate.edu/~lemhachr/ece578/report.htm

WLAN Security Standards 2 IEEE 802.1X Used for any network, including wired networks. Standard for authentication based on thirdparty such as a RADIUS server. Uses EAP (Extensible Authentication Protocol).

IEEE 802.1X Standard

WLAN Security Standards 3 WPA (Wi-Fi Protected Access) Two modes of Authentication: Pre-Shared Key (WPA Personal) 802.1X Server (WPA Enterprise) Data Encryption uses 128-bit RC4 stream cipher. Enforces regular key updates via Temporal Key Integrity Protocol (TKIP).

IEEE 802.11i Standard

WLAN Security Standards 4 802.11i/WPA2 Authentication has two modes as in WPA, but extended with four-way handshake between device and access point. Data encryption is via AES (Advanced Encryption Standard) in CCM mode (cipher block chaining with message authentication code) using 128-bit keys. The AES method is very secure. It would take trillions of years to attempt a brute force attack on a 128-bit AES secured system.

IEEE 802.11i Standard

Extensible Authentication Protocols EAP is a framework around which there are built many methods. Defined in RFC 2284. After link established, authenticator requests identity, challenge, etc. from peer (user/client). Peer sends response of appropriate type. Authenticator returns success or failure.

EAP Method Requirements A set of mandatory and optional requirements for an EAP method is defined in RFC 4017.

EAP Mandatory Requirements Generation of Keys Need to exchange keys for use in data encryption of payload traffic using symmetric key algorithm. Mutual authentication Access point should be able to authenticate device, as well as device should be able to authenticate AP.

EAP Mandatory Requirements 2 Self-Protecting Eavesdropper should not be able to later impersonate AP or client. Synchronization of State Attributes such as protocol, credentials, keys, etc. should be able to be shared between user and authenticator.

EAP Mandatory Requirements 3 Resistance to Dictionary Attacks Should not be susceptible to a user trying a sequence of passwords/brute force attack. Protection against man-in-the-middle attacks Requires cryptographic binding to assure that only one authenticator has been used, integrity protection to assure that packets are authentic, replay protection, and session independence.

EAP Mandatory Requirements 4 Protected Cipher Suite Negotiation Should be able to negotiate with the client an encryption scheme to use to protect the EAP exchange packets. Produce Session Keys Produces keys that are unique to a session and used for authentication and confidentiality.

EAP Optional Requirements 1 Fragmentation Should be able to reassemble the payload if it exceeds the MTU. End-user identity hiding Should not make the end-user s identity available in the EAP procedure. Access Points Should be able to function with all equipment supporting 802.1X

EAP Optional Requirements 2 Authenticate User The user should be authenticated rather than the device to guard against the device being compromised. Minimum message exchange There should be a minimal number of message exchanges necessary as each one consumes time and computing resources.

EAP Optional Requirements 3 Channel Binding Should be able to align EAP data to that in the public space of the packet to assure that a consistent channel is used. Faster Reconnect Re-authentication should be fast in order to permit time-sensitive transactions such as handoff.

EAP Optional Requirements 4 Augments Legacy Methods Can coexist and strengthen existing methods so equipment replacement is not necessary. Low Maintenance Cost Convenient for Users

EAP Methods: EAP-MD5 EAP-MD5 Legacy method, uses MD5 hash of username and password passed to a RADIUS server. MD5 has been proven to not be secure. Only one-way authentication. Requires static keys.

EAP Methods: EAP-TLS EAP-Transport Layer Security Uses public key certificates on client and AP. Secure authentication, supports two-way authentication, and dynamic keys. Costly due to necessity of certificates on every client.

EAP Methods: EAP-TTLS Tunneled TLS Sets up a secure tunnel with the server as a first step so that the actual authentication can be done using a less secure method, such as MD5. Keeps user identity private, supports twoway authentication, and augments legacy methods.

EAP Methods: EAP-PEAP Protected EAP Similar to TTLS but only authenticates server to the client, so no certificate is needed at the client. Sets up encrypted tunnel between server and client then uses a legacy EAP method. Supports fragmentation and fast reconnect.

EAP Methods: LEAP Lightweight EAP Cisco proprietary protocol based on mutual authentication. Uses username/password for authentication with RADIUS server. Supports mutual authentication and session keys but leaves EAP exchanges unencrypted.

Analysis of EAP Methods Attribute MD5 TLS TTLS LEAP PEAP Generation of Keying Material No Not Req Mutual Authentication No Self-Protecting Resistance to Dictionary Attack Stron g Pwd No Protection Against MITM attack No Protected Cipher Suite Negotiation No Not Req

Analysis of EAP Methods 2 Attribute MD5 TLS TTLS LEAP PEAP Produce Session Keys No No User Identity Hiding No No No Access Point Compatibility No Authenticates User Small Pwd Not Req Not Req Not Req Reduced Message Exchange No No No Faster Reconnect No No

Conclusion With time, users of wireless LANs recognized the need for strong security. A number of methods have been developed to add this on to basic WLAN functionality. Some methods are flawed and vulnerable, but recent methods can be trusted.

Questions? Q&A

Questions For You What is the standard of wireless security that uses 128-bit AES? Which EAP should not be used as it is not secure? What is the vulnerability of WEP?

Answers 802.11i or WPA2 EAP-MD5 Initialization vector of only 24 bits in RC4 forces key reuse

References Building a Secure Wireless Network, http://www.atheros.com/pt/atheros_security_whitepaper.pdf IEEE 802.11i standard RFC 4017 RFC 2084 Pfleeger, S., Pfleeger, C. Security In Computing. Third Ed., Prentice-Hall. 2002.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback