Link Security A Tutorial

Similar documents
05 - WLAN Encryption and Data Integrity Protocols

Chapter 24 Wireless Network Security

Wireless Network Security

Chapter 17. Wireless Network Security

(2½ hours) Total Marks: 75

Network Encryption 3 4/20/17

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

COSC4377. Chapter 8 roadmap

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection

Wireless Networked Systems

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Security in IEEE Networks

Wireless Network Security Spring 2015

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

Wireless Network Security Spring 2016

Wireless LAN Security. Gabriel Clothier

Wireless Network Security

Wireless Security i. Lars Strand lars (at) unik no June 2004

Securing Your Wireless LAN

Summary on Crypto Primitives and Protocols

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Encryption. INST 346, Section 0201 April 3, 2018

Lecture 1 Applied Cryptography (Part 1)

David Wetherall, with some slides from Radia Perlman s security lectures.

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

CSCE 715: Network Systems Security

KALASALINGAM UNIVERSITY

Meru Networks. Security Gateway SG1000 Cryptographic Module Security Policy Document Version 1.2. Revision Date: June 24, 2009

Csci388. Wireless and Mobile Security Access Control: 802.1X, EAP, and RADIUS. Importance of Access Control. WEP Weakness. Wi-Fi and IEEE 802.

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

WPA-GPG: Wireless authentication using GPG Key

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

The security of existing wireless networks

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Security Enhancements

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

CSE 713: Wireless Networks Security Principles and Practices. Ad hoc networks security and sensor networks security (1 hour)

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Symmetric, Asymmetric, and One Way Technologies

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Cryptography MIS

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

IEEE i and wireless security

CS Computer Networks 1: Authentication

Table of Contents 1 WLAN Security Configuration Commands 1-1

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

14. Internet Security (J. Kurose)

Cryptographic Concepts

VPN Overview. VPN Types

FIPS Security Policy for Cisco Aironet Lightweight AP1131, AP1142, AP1242, AP1252, AP1262, CAP3502e, and CAP3502i Wireless LAN Access Points

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

What is Eavedropping?

EEC-682/782 Computer Networks I

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Sample excerpt. Virtual Private Networks. Contents

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

The Xirrus Wi Fi Array XS4, XS8 Security Policy Document Version 1.0. Xirrus, Inc.

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Mathy CCS 2017, 1 October 2017

APNIC elearning: Cryptography Basics

Security. Communication security. System Security

IP Security IK2218/EP2120

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Wireless Security Security problems in Wireless Networks

CSC 8560 Computer Networks: Network Security

FAQ on Cisco Aironet Wireless Security

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 8

Stream Ciphers. Stream Ciphers 1

Security and Authentication for Wireless Networks

Key Encryption as per T10/06-103

Computer Networks. Wenzhong Li. Nanjing University

Chapter 6/8. IP Security

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Network Security Chapter 8

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Computer Security 3/23/18

1. Diffie-Hellman Key Exchange

8. Network Layer Contents

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.

CIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm

CSC 774 Network Security

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Kurose & Ross, Chapters (5 th ed.)

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

CS 161 Computer Security

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

CIS 4360 Secure Computer Systems Symmetric Cryptography

Transcription:

Link Security A Tutorial Fortress Technologies, Inc. Slide 1

Five basic security services Data confidentiality Data integrity Access control and access rights Authentication/Roaming Non-repudiation These services provide assurance against the security threats of unauthorized resource use, masquerade, unauthorized data disclosure, unauthorized data modification, and repudiation, respectively. Slide 2

Part 1: What is Link Level Security? We need to define what is link level security and why we need it? Slide 3

Link Layer Security? A method of securing a packet and its information above the MAC layer on a point-to-point connection: 1. hide the data contents and upper layer (above layer two) protocol information. 2. protect a packet from having its contents changed. 3. limit who or what is allowed to gain access to the overall network through the point-to-point connection. 4. limit denial of service attacks on a point-to-point segment. 5. eliminate denial of service attacks being perpetrated further in the network. Slide 4

Link Layer and Upper Layer IPSec/ SSL End-to-end Security Laptop Router Router Point to Point Security IEEE 802.10 wlls MAC Layer and Upper Layer IPSec/ SSL Server IEEE 802.11 End-to-end Security Laptop Point to Point Security Access Point Router Router Server WEP CCMP Slide 5

Why is it Needed? Many forms of data link technologies are vulnerable to compromise: WLAN WPAN (Bluetooth) Fixed Wireless Any Public Segment Two Rules of Thumb: It s the responsibility of the network provider that every link in the network is protected (i.e. Link Level Security). It s the responsibility of the user and application provider that the application is secure (i.e. SSL, IPSec, Application Security). Slide 6

Packet Layouts Regular Packet DLC Hdr IP Hdr TCP/ UDP Session Hdr Data Trl Encrypted Payload Session Security Protocol DLC Hdr IP Hdr TCP/ UDP Sec Hdr Sec Hdr Session Hdr Data Trl Trl Encrypted Payload IPSec DLC Hdr IP Hdr Sec Hdr Sec Hdr TCP/ UDP Session Hdr Data Trl Trl Encrypted Payload Link DLC Hdr Sec Hdr Sec Hdr IP Hdr TCP/ UDP Session Hdr Data Trl Trl Slide 7

Part 1 Conclusion Answered what link layer security is and why it is needed. Cannot view IP or other upper layer header information (such as IP addresses): With IP addresses exposed, hackers can easily compromise a network. ARP poisoning Denial-of-Service attacks can be launched if IP header information is not protected You can t fool with my packet and cause damage. If no end-to-end security protocol (like IPSec) is used, it will guarantee that, at least on that segment, no one will view or compromise by message. A hacker cannot attach to that segment to steal valuable network bandwidth. Control who enters and where they go. Slide 8

Part 2: The Mechanics What are the protocols, technologies and methods that make up link level security? Slide 9

Data confidentiality Encryption Key Management Data integrity Hashing Replay Protection Access Control/Rights Port Components 802.1x Authentication/Roaming EAP Radius Roaming Non-repudiation Here they are! Slide 10

Encryption Encryption technology converts network messages into formats that are speciallydesigned to prevent third parties from accessing their contents. There are two types of encryption protocol: Stream Cipher Block Cipher Slide 11

Encryption Encryption Key Memo Memo Date Date To To From From Subject Subject &*%$%^^ &*%$%^^ &&^*%$# &&^*%$# @ Plain Text Encryption Engine Encrypted Text Slide 12

Stream Cipher A stream cipher is a method of encrypting text (to produce cipher text) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. Encryption is accomplished by combining the key stream with the plaintext, usually with the bitwise XOR operation. Types RC-4 (Used in WEP) Slide 13

Example: WEP (RC4) Initia liza tion Ve ctor (IV) Secret Key Plaintext PDU Data seed CRC-32 RC4 PRNG Key Sequence Inte grity Che ck Va lue (ICV) IV Ciphertext Message a. Transmit WEP Key IV Ciphertext Seed RC4 PRNG Key stream Plaintext Integrity Algorithm ICV ICV ICV' = ICV? Message b. Receive Slide 14

Block Cipher A block cipher is a method of encrypting text (to produce cipher text) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time. Types DES Triple DES AES Slide 15

Modes of Operation The modes specify how data will be encrypted (cryptographically protected) and decrypted (returned to original form). Encryption algorithms are seldom used directly, cryptographic mode is used instead. A cryptographic mode usually combines: the basic cipher some sort of feedback some simple operations Ensures that an identical block of text produces different encrypted data. Slide 16

Some Modes Some modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), Counter (CTR). Counter with Cipher Block Chaining Message Authentication Code (CCM), Slide 17

Example: IEEE 802.11i Mode Defines the CCMP protocol. Based on AES using the CCM mode of operation. The CCM mode combines: Counter (CTR) mode privacy and; Cipher Block Chaining Message Authentication Code (CBC-MAC) authentication. Slide 18

Example: CCMP Encapsulation PN TA DLEN Increment PN Construct Initialization Block MIC_IV PN=Packet Number TA=Transmitter Address DLEN=MPDU Data Length MPDU=MAC Protocol Data Unit Temporal Key=Crypto and Integrity Key PN TA Construct Counter Counter Plaintext MPDU PN Encode PN Plaintext MPDU with PN Compute MIC using CBC-MAC and append to MPDU Plaintext MPDU with MIC AES CTRmode encrypt data Cipher Text Temporal Key Slide 19

Example: CCMP Decapsulation DLEN TA PN Construct Initialization Block TA PN Construct Counter MIC_IV Ciphertext MPDU Previous PN Extract PN & DLen Ciphertext MPDU PN PN Good? Counter AES CTRmode decrypt data Plaintext MPDU with MIC MIC Compute MIC using CBC-MAC and append to MPDU Plaintext MPDU MIC MIC = MIC? MIC OK Temporal Key Discard MPDU Slide 20

Key Management This is how you come up with the keys that will be used for encryption and authentication. Two kinds: Shared Static Keys Dynamic Keys Generally-speaking, there are three types of dynamic key establishment techniques: 1. techniques based on asymmetric (public key) algorithms, 2. techniques based on symmetric (secret key) algorithms. 3. hybrid techniques are also commonly used, whereby public key techniques are used to establish symmetric (secret) key encryption keys, which are then used to establish other symmetric (secret) keys. Slide 21

Shared Static Key Common Session Key Encryption Key Common Session Key Encryption Key Memo Memo Date Date To To From From Subject Subject Plain Text &*%$%^^ &*%$%^^ &&^*%$# &&^*%$# @ Encrypted Text Memo Memo Date Date To To From From Subject Subject &*%$%^^ &*%$%^^ &&^*%$# &&^*%$# @ Encryption Engine Plain Text Encrypted Text Encryption Engine &*%$%^^ &*%$%^^ &&^*% &&^*% $# $# @ Encrypted Text Bob Slide 22 Many

Public Key Algorithms Different key on each side RSA Knapsack El-Gamal Elliptic Curve Cryptosystems Slide 23

Public Key Public Key Distribution Center Mary s Public Key Bob s Private Key Bob s Public Key Encryption Key Mary s Private Key Encryption Key Memo Memo Date Date To To From From Subject Subject Plain Text &*%$%^^ &*%$%^^ &&^*%$# &&^*%$# @ Encrypted Text Memo Memo Date Date To To From From Subject Subject &*%$%^^ &*%$%^^ &&^*%$# &&^*%$# @ Encryption Engine Plain Text Encrypted Text Encryption Engine &*%$%^^ &*%$%^^ &&^*% &&^*% $# $# @ Encrypted Text Bob Slide 24 Mary

DES Triple DES AES Secret Key Algorithms Same key on each side. Slide 25

Agreeing on a Secret Key Diffie-Hellman Pick a Secret Number Secret Key Select a large prime number p. Select g, a primitive root of p. K Common Crypto Key Xa Ya = gxa mod p Ya K=YaXb mod p K Common Crypto Key Yb Xb K=YbXa mod p Yb = gxb mod p Pick a Secret Number Secret Key Slide 26

Data Integrity The integrity of a packet is checked by using a secure hash algorithm. Hash functions take a message as input and produce an output referred to as a hashcode, hash-result, hash-value, or simply hash. Hash functions are used for data integrity in conjunction with digital signature schemes, where for several reasons a message is typically hashed first, and then the hash-value, as a representative of the message, is signed in place of the original message. Unkeyed or a keyed hash function. Slide 27

Hash Data Hash Slide 28

Unkeyed Hash Algorithms Hash functions based on: block ciphers, customized hash functions, hash functions, modular arithmetic. Slide 29

Keyed Hash (MAC/MIC) A distinct class of hash functions, called message authentication codes (MACs) or message integrity code (MICs), allows message authentication by symmetric techniques. MAC algorithms may be viewed as hash functions which take two functionally distinct inputs, a message and a secret key, and produce a fixed-size (say n-bit) output, with the design intent that it be infeasible in practice to produce the same output without knowledge of the key. Slide 30

Anti-Replay Anti-replay ensures packet security by making it impossible for a hacker to intercept message packets and insert changed packets into the data stream between a source computer and a destination computer. By detecting packets that match the sequence numbers of those that have already arrived, the anti-replay mechanism helps to ensure that invalid packets are discarded. Slide 31

Access Control/Access Rights Access Control is any mechanism by which a system grants or revokes the right to access a network. Access Control can be performed by allowing or denying access base on: a user requiring to submit a Login and Password that will be sent to an authentication server for approval. The user has a particular device that would be approved by an access control server. The user contacts an administrator, the administrator configures packet filters. Access Rights is any mechanism that limit where in a network or on a devices a user can access. Slide 32

Authentication System 802.1x Model Slide 33

RADIUS Servers RADIUS (Remote Authentication Dial-In User Service) An IETF-defined protocol for administering and securing remote access to a network. User Login and Password information is forwarded to a RADIUS authentication server that validates the user and returns the information necessary for the access server to initiate a session with the user. A dictionary file kept in the RADIUS database determines the types of attributes that can be included in the user profile. The user repeats this process to initiate every session. Slide 34

Forms of Authentication Device Authentication Used to allow a particular device onto a network (My PDA can go on a network). User Authentication Used to allow a particular user onto a network (Bill is allowed on the engineering network). Hybrid A user has access to a network with a particular device. Slide 35

Roaming Three types of roaming: Roam between authenticator gateways on the same IP subnet without requiring new user and password input. Roam between authenticator gateways on different IP subnets without requiring new user and password input. Roam between authenticator gateways on different IP subnets while perserving IP addressing and state information. Slide 36

Roaming same Subnet Server Router Authentication Server Bridge or Access Point Bridge or Access Point Laptop User Authenticates to Bridge or Access Point Laptop Slide 37

Roaming between Subnets Application Connection Subnet 192.36.0.X Server Router Router Authentication Server Bridge or Access Point Bridge or Access Point Laptop User Authenticates to Bridge or Access Point on Subnet 192.32.8.x Roams Laptop User roams to Subnet 192.48.1.x Slide 38

Non-Repudiation Usually a higher layer function. "Non-repudiation with proof of origin" provides the recipient of data with evidence that proves the origin of the data, and thus protects the recipient against an attempt by the originator to falsely deny sending the data. This service can be viewed as a stronger version of a data origin authentication service, in that it proves authenticity to a third party. Slide 39

Part 2: Conclusion Five areas of security. Two type of encryption algorithm. Modes of Operation Data Integrity and Hash Anti-Replay Access Control/Rights/Authentication/Roaming Non-Repudiation Slide 40

Part 3: Some MAC/Link Protocols IEEE 802.11i IEEE 802.10 Wireless Link Level Security Protocol Slide 41

Problems with WEP 40-bit WEP key Weak IVs IV Replay Known packet attack Known packet start attack Bit Flipping attack Slide 42

IEEE 802.11i A Robust Security Network provides a number of security features to the IEEE 802.11 architecture. These features notably include: improvement specifically for legacy wlan equipment in TKIP. enhanced data security and encapsulation mechanism, called CCMP key management algorithms; dynamic cryptographic keys; enhanced authentication mechanisms for both APs and STAs; An RSN makes extensive use of IEEE 802.1X protocols with IEEE 802.11 to provide the authentication and key management. An RSN introduces several components into the IEEE 802.11architecture. These components are only present in RSN systems: The first new component is an IEEE 802.1X Port. A second component is the Authentication Server (AS). Slide 43

TKIP fixes WEP The Temporal Key Integrity Protocol (TKIP) is a cipher suite enhancing the WEP protocol on pre-rsn hardware. TKIP computes the MIC over the MSDU source address, destination address, priority, and data, and appends the computed MIC to the MSDU; TKIP discards any MIC padding prior to appending the MIC. TKIP fragments the MSDU into one or more MPDUs; TKIP assigns a monotonically incrementing TSC value to each MPDU it generates, taking care that all the MPDUs generated from the same MSDU use counter values from the same 16-bit counter space. For each MPDU, TKIP uses the key mixing function to compute the WEP seed. TKIP represents the WEP seed as a WEP IV and RC4 key, and passes these with each MPDU to WEP for encapsulation. WEP uses the WEP seed as a WEP default key, identified by a key id associated with the temporal key. Slide 44

A: Transmit Temporal Ke y TA TSC Phase 1 key mixing TTAK Key TKIP Phase 2 key mixing WEP seed(s) (represented as WEP IV + RC4 key) MIC Ke y SA + DA + priority Plaintext MSDU Data MIC Plaintext MSDU + MIC Fragment(s) Plaintext MPDU(s) WEP Encapsulation Ciphertext MPDU(s) Temporal Ke y TA B:Receive Phase 1 ke y mixing Ciphertext MPDU MIC Ke y TTAK Key TSC TKIP IV Unmix IV Ke y mixing In-sequence MP DU Out-of-sequence MP DU WEP Seed WEP Decapsulation Plaintext MP DU MPDU with failed WEP ICV Reassemble SA + DA + priority + Plaintext MS DU Micha e l MIC MIC MSDU with failed TKIP MIC Plaintext MSDU Countermeasures MIC = MIC? Slide 45

CCMP The CCMP protocol is based on AES using the CCM mode of operation. The CCM mode combines Counter (CTR) mode privacy and Cipher Block Chaining Message Authentication Code (CBC-MAC) authentication. CCM uses the same temporal key for both CTR mode and the CBC-MAC. CCM assumes a fresh temporal key for every session. Reuse of a temporal key and packet number voids all security guarantees. Slide 46

CCMP encapsulation block diagram PN Increment PN TA DLEN Construct Initialization Block MIC_IV PN TA Construct Counter Counter Plaintext MPDU PN Encode PN Plaintext MPDU with PN Compute MIC using CBC-MAC and append to MPDU Plaintext MPDU with MIC AES CTRmode encrypt data Cipher Text Temporal Key Slide 47

CCMP decapsulation block diagram DLEN TA PN Construct Initialization Block TA PN Construct Counter MIC_IV Ciphertext MPDU Previous PN Extract PN & DLen Ciphertext MPDU PN PN Good? Counter AES CTRmode decrypt data Plaintext MPDU with MIC MIC Compute MIC using CBC-MAC and append to MPDU Plaintext MPDU MIC MIC = MIC? MIC OK Temporal Key Discard MPDU Slide 48

RSN security association management IEEE 802.11 uses the notion of a security association to describe secure operation. Secure communications are possible only within the context of a security association, as this is the context providing the state cryptographic keys, counters, sequence spaces, etc. needed for correct operation of the IEEE 802.11 cipher suites. Slide 49

Establishing the IEEE 802.11 connection and negotiation STA AP Probe Request Probe Response + RSN IE (AP supports MCast/Ucast: CCMP, WRAP, TKIP, WEP and 802.1X EAP Authentication) IEEE 802.11 Open Authentication (request) IEEE 802.11 Open Authentication (response) Association Req + RSN IE (Client requests TKIP and 802.1X EAP Authentication) Association Response (success) 802.1X controlled port blocked for client AID Slide 50

IEEE 802.1X EAP authentication STA AP 802.1X/EAP-Request Identity 802.1X/EAP-Response Identity (EAP type specific) EAP Access Request/Identity EAP type specific mutual authentication Derive Pairwise Master Key (PMK) 802.1X/EAP-SUCCESS Derive Pairwise Master Key (PMK) EAP Accept (with PMK via MS- MPPE) 802.1X controlled port still blocked for client AID Slide 51

Establishing pairwise keys STA AP PMK Derive SNonce Derive PTK EAPoL-Key(Reply Required, Unicast, ANonce) EAPoL-Key(Unicast, SNonce, MIC, STA RSN IE) PMK Derive ANonce Derive PTK EAPoL-Key(Reply Required, Install PTK, Unicast, ANonce, MIC, AP RSN IE) Install Keys Install Keys EAPoL-Key(Unicast, ANonce, MIC) 802.1X controlled port still blocked for client AID Slide 52

Group key delivery STA AP GMK Derive GNonce & GTK Encrypt GTK field EAPoL-Key(All Keys Installed, Reply Required, Group Rx, Key Index, Group, GNonce, MIC, GTK) EAPoL-Key(Group, MIC) 802.1X controlled port still blocked for client AID Slide 53

IEEE 802.10 This entity provides services that permit the secure exchange of data at Layer 2. As part of the Logical Link Control (LLC) sublayer, the SDE entity provides a connectionless service immediately above the Medium Access Control (MAC) sublayer in IEEE 802 LANs and MANs. It provides security across the MAC sublayer using cryptographic mechanisms and security services provided transparently at the boundary to the LLC entity. Develop its own Key Management Protocol Slide 54

IEEE 802.10 Slide 55

Structure of the SDE PDU Slide 56

802.10 Key Management The key management model and protocol support three key distribution techniques: manual key distribution, center-based key distribution, certificate-based key distribution. Slide 57

Manual Distributed Key Slide 58

Center Based Key Distribution Slide 59

Center-based key translation Slide 60

Certificate-based key distribution Slide 61

Multicast key distribution Slide 62

wlls Link Level Security Protocol AES, 3DES Dual Diffie-Hellman Key Engine SHA-1 Packet Integrity Anti Replay Device Authentication User Authentication using EAP FIPS Slide 63

wlls Packet Slide 64

wlls Key Negotiation Slide 65

Threat Protection known-key attack. In this attack an adversary obtains some keys used previously and then uses this information to determine new keys. replay. In this attack an adversary records a communication session and replays the entire session, or a portion thereof, at some later point in time. impersonation. Here an adversary assumes the identity of one of the legitimate parties in a network. dictionary. This is usually an attack against passwords. Typically, a password is stored in a computer file as the image of an unkeyed hash function. When a user logs on and enters a password, it is hashed and the image is compared to the stored value. An adversary can take a list of probable passwords, hash all entries in this list, and then compare this to the list of true encrypted passwords with the hope of finding matches. Slide 66

Attacks on protocols forward search. This attack is similar in spirit to the dictionary attack and is used to decrypt messages. An example of this method was cited in Example 1.60. interleaving attack. This type of attack usually involves some form of impersonation in an authentication protocol. Slide 67

Part 3: Conclusion The new IEEE 802.11i recommendations: TKIP for legacy wlan products CCMP for highly secure networks IEEE 802.1x Port Control Authentication and Radius IEEE 802.10 wlls Threats Slide 68

Editorial Comment Proponent of using 802.11i. Millions of wireless devices will support 802.11i very soon. I believe there are only minor changes to make it a link level security protocol. The changes have to do with: embedded functions at the MAC layer; fragmentation. Our goal would be to secure a point-to-point connection from a gateway across access points and bridges to mobile devices Slide 69

Questions or Comments Slide 70

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback