1 / 16

Wireless Technology and Security

Wireless Technology and Security. April 9, 2003. Justin Mencl CIS 492. Overview. Current Wireless Technology Infrared, Bluetooth, Wi-Fi Security Issues Concerns Problem with WEP Resources. IrDA. Infrared (IrDA) Uses beams of light  line of sight communication

erika
Download Presentation

Wireless Technology and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Wireless Technology and Security April 9, 2003 Justin Mencl CIS 492

  2. Overview • Current Wireless Technology • Infrared, Bluetooth, Wi-Fi • Security Issues • Concerns • Problem with WEP • Resources

  3. IrDA • Infrared (IrDA) • Uses beams of light  line of sight communication • Data broadcast in straight line, 30° cone • User intervention required

  4. Bluetooth • Short range wireless technology • Operates on unlicensed 2.4GHz radio frequency • Uses Frequency Hopping Spread Spectrum (FHSS) • Supported by more than 50 major companies • 3COM • Microsoft • Ericsson • Nokia

  5. Bluetooth (cont.) • Devices • Access Points • Keyboard/Mice • Car Stereos, Hands Free Kits • Advantages • Inexpensive – small radio module • Ease of use – automatic connection between device

  6. Wi-Fi • Most popular wireless LAN solution • Specified by IEEE 802.11 • Includes 802.11a, 802.11b, 802.11g • Also uses radio frequencies – 2.4GHz and 5Ghz • Uses Direct Sequence Spread Spectrum (DSSS)

  7. Wi-Fi Flavors • IEEE 802.11b • Most popular flavor • Uses 2.4Ghz, 11 Mbps, Range of 1000 ft • IEEE 802.11a • Uses 5GHz frequency, 54 Mbps • Reduced range  More access points needed • IEEE 802.11g • Uses 2.4GHz – backward compatible with 802.11b • 54 Mbps

  8. Wireless Security • IrDA – minimal security concerns • Bluetooth • Uses stream cipher E0, more secure than Wi-Fi • Uses different keys for encryption and authentication • Wi-Fi • Uses stream cipher RC4(v, k) • Uses same keys for encryption and authentication

  9. Wi-Fi Security Concerns • Wired Equivalency Protocol (WEP) • Used to encrypt data • WEP implementation • Secret key to encrypt packets before sending • Integrity Check before receiving packets

  10. WEP Algorithm* • Sender and receiver share secret key k • Compute checksum c(M) • Pick Init Vector v, generate keystream RC4(v, k) • XOR <M, c(M) > and keystream  ciphertext • Transmit ciphertext • Use transmitted v and shared k to get keystream RC4(v, k) • XOR ciphertext with RC4(v, k) to get <M’, c’> • Check if c’=c(M’) • If so, accept M’ as message transmitted * Taken from “Security Of The WEP Algorithm”, UC Berkeley

  11. WEP Pictorially

  12. Problems With WEP • Uses cipher stream – RC4(v, k) • Inherit security risk when using cipher streams: • You must NEVER encrypt two messages with same keystream • Keystream is RC4(v, k) which depends only on v, k • k is fixed shared secret that changes rarely, if ever • v is 24 bit value  only 2^24 values == 16 million • So after 16 million packets, you have to repeat a v value • Repeated v, same k  repeated keystream

  13. Other Problems… • Passive attacks to decrypt traffic based on statistical analysis. • Active attack to inject new traffic from unauthorized mobile stations, based on known plaintext. • Active attacks to decrypt traffic, based on tricking the access point. • Dictionary-building attack that, after analysis of about a day's worth of traffic, allows real-time automated decryption of all traffic

  14. WEP Fixes • Need both of the following: • Long Init Vector v that never repeats for the lifetime of the shared secret • Stong Message Authentication Code in replace of the CRC which depends on key k and Init Vector v • Again, BOTH need to be done!

  15. Is WEP Secure??? • Don’t rely solely on WEP for security • KSU CNS does!!! • CIS Department does not • Wireless Best Practices • Treat wireless network as a public network • Put wireless network OUTSIDE your firewall • Use VPN, IPSec, ssh

  16. Resources • Wireless Technology • http://www.bluetooth.org • http://www.acsac.org/2002/case/wed-c-330-Innella.pdf • http://www.ieee802.org • Security of the WEP Algorithm, UC Berkeley • Nikita Borisov, Ian Goldberg, and David Wagner • http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html • http://www.cypherpunks.ca/bh2001

More Related