
WIRELESS LAN SECURITY

WIRELESS LAN SECURITY. Clément Dupuis, CD, CISSP, GCFW, GCIA, CCSA (NG), CCSE (NG), ACE. Groupe CGI, Montreal, Canada / CCCure.Org. Overview of Presentation: Introduction, The Jargon, The 802.11 family of standards, Security, Defend yourself, Deployment, Counter Measures, Conclusion.


Presentation Transcript


  1. WIRELESS LAN SECURITY Clément Dupuis, CD, CISSP, GCFW, GCIA, CCSA (NG), CCSE (NG), ACE. Groupe CGI, Montreal, Canada / CCCure.Org

  2. Overview of Presentation • Introduction • The Jargon • The 802.11 family of standards • Security • Defend yourself • Deployment • Counter Measures • Conclusion

  3. Introduction • Roller Coaster Ride • What or who to believe? • Most talked-about technology • Most hyped technology (reminds me of Bluetooth) • Most controversial LAN technology right now • A challenge to secure • Different standards and access control methods • Does not respect the typical security defences • It is being deployed in large numbers right now • Now, let's take a look at some numbers…

  4. Introduction - WLAN Penetration Statistics provided by WECA

  5. Introduction - WLAN Depth of Penetration Statistics provided by WECA

  6. Introduction - WLAN Top Drivers Statistics provided by WECA

  7. Introduction - WLAN Top Barriers • Authentication/Security Concerns • Budget • Resources for Deployment and Support • Speed Statistics provided by WECA

  8. Overview of Presentation • Introduction • The Jargon • The 802.11 family of standards • Security • The Threats • Defend yourself • Deployment • Counter Measures • Conclusion

  9. The Jargon - WarXing A new series of words has come into play as the world of Wireless LAN and the methods of attack have evolved. They are derived from the term WarDialing, which was used to describe someone dialling every phone number in a series to find modems or other devices. • WarDriving • WarFlying • WarBoating • WarCycling • WarWalking • WarChalking • WarPlugging (i.e. "Tell Joe's Pizza and get 10% off") Plug (noun): a piece of favorable publicity or a favorable mention usually incorporated in general matter (Merriam-Webster)

  10. The Jargon - WarChalking A marking method is only as good as the number of people who know it. A common standard is being developed amongst warchalkers to offer a shared marking scheme. Bumper Sticker www.warchalking.org

  11. The Jargon - Acronyms • IEEE Institute of Electrical and Electronics Engineers • 802.11 Specifications for Wireless Standards • Wi-Fi Wireless Fidelity, often used in lieu of 802.11b • WECA Wireless Ethernet Compatibility Alliance • WLAN Wireless Local Area Network • AP Access Point • FHSS Frequency Hopping Spread Spectrum • DSSS Direct Sequence Spread Spectrum • OFDM Orthogonal Frequency Division Multiplexing • WEP Wired Equivalent Privacy • EAP Extensible Authentication Protocol • CRC Cyclic Redundancy Check • HotSpot Area where wireless access is offered

  12. The Jargon - Hotspots • Some airports are not offering HotSpots, but there are also businesses that have taken the opportunity to offer Internet access while people grab lunch. In Austin, Texas, 11 stores with HotSpots

  13. Overview of Presentation • Introduction • The Jargon • The 802.11 family of standards • Security • Defend yourself • Deployment • Counter Measures • Conclusion

  14. 802.11 Standard and its annexes • 802.11 represents the Wireless LAN standards and annexes • The original standard was 802.11, which defined wireless LAN using Infrared • First annex was 802.11b • Second annex was 802.11a • Then a series of 802.11x followed • It is a "shared" medium • It makes use of CSMA-CA • 802.11a and 802.11b are radio systems

  15. 802.11 Whatever – What does it mean?

  16. What is a WLAN Picture from: www.smarthomeforum.com

  17. Hardware – WLAN Hardware • WLAN Network Adaptor Chipsets • Cisco Aironet Based Series (Hermes Chipset) • Lucent Orinoco (Agere) Series • Prism II Chipset (Linksys, Compaq, Dlink) • Format • USB External Card • PCI Card • PCI Adaptor with PCMCIA Card • PCMCIA Card • Antennas • After all, we are talking Radio Frequency and Signal here • Some have a connector for an external antenna and some don't

  18. What does it look like in real life!

  19. What does it look like in real life! Pictures from: www.hdcom.com

  20. Overview of Presentation • Introduction • The Jargon • The 802.11 family of standards • Security • Defend yourself • Deployment • Counter Measures • Conclusion

  21. Security – A few more terms A few more terms: • Station Describes any device on a wireless network, either a client or an access point • Ad Hoc Refers to a network between two clients • Access Point Used by clients to communicate with other clients, either wireless or wired. This is also referred to as an Infrastructure Network • BSS Basic Service Set – An access point with all its clients that form a network • SSID Service Set Identifier – The name given to a BSS network, also called Network Name

  22. Security - WEP • From ANSI/IEEE Std. 802.11: “3.49 wired equivalent privacy (WEP): The optional cryptographic confidentiality algorithm specified by IEEE 802.11 used to provide data confidentiality that is subjectively equivalent to the confidentiality of a wired local area network (LAN) medium that does not employ cryptographic techniques to enhance privacy.”

  23. Security – WEP Basic Security functions • Network name (SSID), used as a network password or key; in some cases keys are derived from the SSID on the AP (Authentication) • Must have the same SSID to communicate • Use the same SSID on all devices • Protects from devices without the SSID • Authentication (Access Control) • Based on MAC Filtering • Encryption (Confidentiality) • Through the use of WEP • 40 bits • 128 bits • CRC checksum (Integrity)

  24. Security – WEP Weaknesses • Key Management • Not defined or included • Tends to produce long-term or poor-quality keys • Keys are manually keyed • Due to the manual labour involved, keys do not change often • Key Size • 40 bits defined in the standard • Most have deployed 128 bits, which in fact is 104 bits + 24-bit IV • WEP IV Size is too small • Provides for 16,777,216 different cipher streams • IVs are being reused • WEP does not specify how IVs are chosen or how often they rotate Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  25. Security – WEP ICV Weaknesses • The Integrity Check Value (ICV) Algorithm • Based on CRC-32 • Good for detecting errors in data transmission but not as a hash • MD5 or SHA1 would be a better choice • A message can be tampered with and still produce the same ICV • Allows man-in-the-middle type attacks: simply capture an encrypted packet stream, modify the destination address of each packet to be the attacker's wired IP address, fix up the CRC-32, and retransmit the packets over the air to the access point • Key size does not matter with ICV- and IV-based attacks; they all take the same amount of effort whether the key is 40 bits or 128 bits Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html
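The property behind the "fix up the CRC-32" step on this slide, as an added example that is not from the presentation or the primer it cites: CRC-32 is affine under XOR, so a known change to the data has a predictable effect on the checksum, whereas a keyed MAC has no such structure. HMAC-SHA256 is my choice for the comparison (the slide's MD5 or SHA1 would still need to be keyed to serve as a MAC); the key and messages are constructed sample values.

```python
import hashlib
import hmac
import zlib

# Added example (not from the presentation): why CRC-32 cannot serve as an
# integrity check against an active adversary, next to the keyed MAC a
# defender would use instead.  All key and message values are constructed.


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def crc32_affine_over_xor(a: bytes, b: bytes) -> bool:
    """Check the identity crc(a XOR b) == crc(a) XOR crc(b) XOR crc(zero block)
    for equal-length inputs.  It holds for every a, b: CRC-32 is affine over
    XOR, which is what lets a change to the data be paired with a matching
    change to its ICV.  Returns True when the identity holds."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    zeros = bytes(len(a))
    lhs = zlib.crc32(xor_bytes(a, b))
    rhs = zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)
    return lhs == rhs


def hmac_affine_over_xor(key: bytes, a: bytes, b: bytes) -> bool:
    """The same identity tested on HMAC-SHA256.  A keyed MAC has no linear
    structure, so this returns False except with negligible probability."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")

    def mac(m: bytes) -> bytes:
        return hmac.new(key, m, hashlib.sha256).digest()

    zeros = bytes(len(a))
    lhs = mac(xor_bytes(a, b))
    rhs = xor_bytes(xor_bytes(mac(a), mac(b)), mac(zeros))
    return lhs == rhs


def check_integrity_choice(key: bytes, message: bytes, delta: bytes) -> dict:
    """Run both checks for one message and one XOR difference ('delta'),
    returning which integrity mechanism is linear (i.e. unsafe here)."""
    return {
        "crc32": crc32_affine_over_xor(message, delta),
        "hmac_sha256": hmac_affine_over_xor(key, message, delta),
    }


if __name__ == "__main__":
    # Constructed sample: a message and a one-bit difference in its last byte.
    msg = b"destination=10.0.0.5"
    delta = bytes(len(msg) - 1) + b"\x01"
    print(check_integrity_choice(b"constructed-key", msg, delta))
```

Reading the result: `crc32` comes back True for any message and any delta, so the receiver's ICV comparison tells you only that the frame was not corrupted in transit, not that it was left alone on purpose; `hmac_sha256` comes back False, which is the property an integrity check needs.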

  26. Security – WEP usage of RC4 • RC4 as implemented in WEP has weak keys • Too much correlation between the key and the output • The first three bytes of the key are taken from the IV • They are sent unencrypted in each packet • It is easy to exploit as it is a passive attack • All that is needed is to collect enough data to derive the key • About 100 MB of data is necessary • Once 100 MB is collected, the encryption can be broken in seconds Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  27. Security – WEP Authentication • Two forms of authentication • Open System – No authentication • Shared Key Authentication • Shared key is in fact weaker • Knowledge of the shared key is demonstrated by encrypting a challenge • Challenge and response can be monitored by an attacker • From this, the attacker can derive the RC4 stream that was used • The attacker can then use this RC4 stream to reply to any challenge received in the future • Advantage of Shared Key • Reduces the ability of an attacker to launch a DoS attack by sending bogus packets encrypted with the wrong key on the network • Shared key should be turned off and 802.1x used instead Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  28. Security – 802.1x • Based on EAP – as per RFC 2284 • Allows the use of RADIUS, Active Directory, SecurID, Certificates Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  29. Security – WEP – XOR Operations • XOR (⊕) operation • Given two bits, if exactly one of them is a one, the result is one. • Otherwise, it is zero. • Sample XOR (⊕) Operation • Value A: 1 1 0 0 • Value B: 0 1 1 0 • A ⊕ B: 1 0 1 0 • XOR (⊕) has the property that: if A ⊕ B = C, then C ⊕ B = A, and C ⊕ A = B A special mention to Ted Ipsen for sharing with the community his WEP research, on which the info on XOR operations is based

  30. Security – WEP – XOR Operation • XOR as a symmetric cipher • Message: 10011011101 • Key: 01101010110 • Ciphertext: 11110001011 • Key: 01101010110 • Message: 10011011101

  31. Security – WEP – Operation • The CRC-32 ICV: A 4-byte CRC-32 Integrity Check Value (ICV) is computed for the data payload of the packet and appended to it. • The UNIQUE seed: The shared secret "key" (k) is static; a 24-bit Initialization Vector (IV) is concatenated with the key (k) to form a "unique" seed. (Diagram: Plaintext Message (M) | ICV [s(M)]; IV | Shared Key (k))

  32. Security – WEP – Operation • THE KEYSTREAM: This seed is input into the stream cipher RC4, which outputs a "keystream" of arbitrary length. (Diagram: IV | Shared Key (k) → RC4 → Keystream 000100101011100010110100101011110101010111011…)

  33. Security – WEP – Operation • The plaintext data and the appended CRC-32 value are XORed against an equal number of bits from the keystream to create the ciphertext. (Diagram: Plaintext Message (M) | ICV [s(M)] ⊕ keystream 00010010101110001011010010101111010101 → Ciphertext (C))

  34. Security – WEP – Operation • The IV is put into the WEP header in PLAINTEXT, and the encrypted packet is sent to the receiver. • The receiver uses the IV in the header along with the shared key k to reproduce the RC4 keystream. (Diagram: 802.11 Hdr | IV | Ciphertext (C); IV | Shared Key (k) → RC4 → 000100101011100010110100101011110101010111011…)

  35. Security – WEP – Operation • The ciphertext is XORed against the RC4 keystream, and the plaintext recovered. (Diagram: Ciphertext (C) ⊕ keystream 00010010101110001011010010101111010101 → Plaintext Message (M) | ICV [s(M)])

  36. Security – WEP – Operation • The CRC-32 Integrity Check Value (ICV) is recomputed to verify the integrity of the data. (Diagram: Plaintext Message (M) → CRC-32 → ICV [s'(M)]; Match? ICV [s(M)])
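The six operation slides above (31 to 36) as one runnable model, an added example in Python that is not part of the presentation: textbook RC4, the CRC-32 ICV, the IV‖k seed, the XOR, the cleartext IV on the air, and the receiver's ICV comparison. Assumptions: the IV field is modelled as the bare 3 IV bytes (the real 802.11 IV field carries a fourth key-ID/pad byte), no 802.11 header is modelled, the ICV is serialised little-endian, and the key and IV values are constructed.

```python
import zlib
from typing import Tuple

# Added example (not from the presentation): a byte-level model of the WEP
# encapsulation the slides walk through.  Simplifications, as assumptions:
# the IV field is just the 3 IV bytes (real 802.11 adds a key-ID/pad byte)
# and no 802.11 header is modelled.


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Textbook RC4: key scheduling (KSA), then `length` bytes of PRGA output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """The 4-byte CRC-32 Integrity Check Value appended to the payload (slide 31)."""
    return zlib.crc32(data).to_bytes(4, "little")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR; the result is as long as the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encapsulate(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Sender: seed = IV || k (slide 31), keystream = RC4(seed) (slide 32),
    C = (M || ICV) XOR keystream (slide 33).  Returns IV in the clear followed
    by the ciphertext, which is what goes on the air (slide 34)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    body = plaintext + icv(plaintext)
    keystream = rc4_keystream(iv + shared_key, len(body))
    return iv + xor_bytes(body, keystream)


def wep_decapsulate(shared_key: bytes, frame: bytes) -> Tuple[bytes, bool]:
    """Receiver: rebuild the keystream from the cleartext IV and k (slide 34),
    XOR the ciphertext back (slide 35), recompute the CRC-32 and compare it
    with the received ICV (slide 36).  Returns (plaintext, icv_matches)."""
    iv, ciphertext = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + shared_key, len(ciphertext))
    body = xor_bytes(ciphertext, keystream)
    plaintext, received_icv = body[:-4], body[-4:]
    return plaintext, received_icv == icv(plaintext)


if __name__ == "__main__":
    # Constructed sample values: a 104-bit (13-byte) key and a 24-bit IV.
    key = bytes.fromhex("0102030405060708090a0b0c0d")
    iv = bytes.fromhex("a1b2c3")
    frame = wep_encapsulate(key, iv, b"hello, wireless world")
    print("on air:  ", frame.hex())
    print("receiver:", wep_decapsulate(key, frame))
    # Flip one ciphertext byte: the matching plaintext byte flips and the
    # receiver's CRC-32 comparison fails (a single-byte error is always caught).
    tampered = frame[:5] + bytes([frame[5] ^ 0xFF]) + frame[6:]
    print("tampered:", wep_decapsulate(key, tampered))
```

The RC4 routine can be checked against the published test vector (key "Key", plaintext "Plaintext", ciphertext BBF316E8D940AF0AD3). Note what the model makes visible: the only per-frame input to the keystream is the 3-byte IV sitting in the clear in front of the ciphertext, and the ICV comparison at the receiver is the check that slide 25 says detects transmission errors but not deliberate edits.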

  37. Security – WEP CONFIDENTIALITY • Confidentiality is provided by the XOR operation • To be secure, the keystream must NEVER be reused. • In WEP you are guaranteed to reuse these inputs, and thus, the keystream! • The shared secret key k, whether 40 or 104 bits long, is essentially fixed. • Therefore, the only input into the RC4 stream that changes is the 24 bit IV (2^24 = 16,777,216) • So, about every 16 million packets, you get an IV “collision”. • This doesn’t take very long on a moderately busy network. Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  38. Security – WEP CONFIDENTIALITY • SCENARIO 1 • Send some known plaintext (like spam e-mail), and capture the encrypted packet with the cleartext IV. • XOR the plaintext against the ciphertext and recover the keystream. • SCENARIO 2 Consider the authentication scheme from the standpoint of an attacker. • You sniff the WLAN and capture the Challenge Message from the Access Point as it is sent in cleartext to the requesting station. • You then capture the encrypted reply that is sent back to the AP (Diagram: Challenge (M); IV | Ciphertext (C)) Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html

  39. Security – WEP CONFIDENTIALITY • SCENARIO 2 (Continued) • Compute the CRC-32 ICV for the Challenge, and append it. • XOR the Challenge and ICV against the Ciphertext: C ⊕ M = K • And get the keystream back !!! (Diagram: Challenge (M) | ICV ⊕ Ciphertext (C) 00010010101110001010) Primer from: http://www.nwfusion.com/research/2002/0909wepprimer.html
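Slides 37 to 39 in runnable form, as an added example that is not from the presentation or the cited primer. The keystream is a constructed constant rather than RC4 output, because C ⊕ M = K holds whatever produced K; the IV and all message values are constructed. The function frames_until_collision_probability is my addition and goes beyond the slide's exhaustive 16-million figure: it computes the birthday bound, i.e. how many randomly chosen 24-bit IVs it takes before a repeat becomes likely.

```python
import zlib

# Added example (not from the presentation): why keystream reuse breaks WEP's
# confidentiality.  The keystream below is a constructed constant, not RC4
# output; C XOR M = K does not depend on how K was produced.

IV_BITS = 24
IV_SPACE = 2 ** IV_BITS  # 16,777,216 distinct IVs, the figure on slide 37


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR; the result is as long as the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def with_icv(plaintext: bytes) -> bytes:
    """Plaintext with its CRC-32 ICV appended: this, not the bare message, is
    what WEP XORs with the keystream (the 'append it' step on slide 39)."""
    return plaintext + zlib.crc32(plaintext).to_bytes(4, "little")


def recover_keystream(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """Scenarios 1 and 2: given a known M (a message you sent, or the cleartext
    challenge) and the captured C for the same IV, C XOR (M || ICV) = K."""
    return xor_bytes(ciphertext, with_icv(known_plaintext))


def decrypt_with_keystream(keystream: bytes, ciphertext: bytes) -> bytes:
    """Any later frame under the same IV uses the same K, so it decrypts with
    the recovered bytes alone; the shared key k is never needed.  Strips the ICV."""
    return xor_bytes(ciphertext, keystream)[:-4]


def frames_until_collision_probability(p: float, space: int = IV_SPACE) -> int:
    """Birthday bound: how many uniformly random IVs until P(some IV repeats) >= p.
    P(no repeat after n draws) = prod_{i<n} (1 - i/space)."""
    no_repeat = 1.0
    n = 0
    while 1.0 - no_repeat < p:
        no_repeat *= 1.0 - n / space
        n += 1
    return n


def demo() -> dict:
    """Walk through scenario 2 and the reuse consequence with constructed values."""
    keystream = bytes((i * 73 + 17) & 0xFF for i in range(64))  # constructed, arbitrary
    challenge = b"AP challenge 0123456789"              # sent in cleartext by the AP
    reply = xor_bytes(with_icv(challenge), keystream)  # the station's encrypted reply
    k = recover_keystream(challenge, reply)            # slide 39: C XOR M = K
    # A later data frame that happened to reuse the same IV (slide 37's collision):
    later = xor_bytes(with_icv(b"secret payload"), keystream)
    return {
        "recovered_keystream_bytes": len(k),
        "matches_real_keystream": k == keystream[: len(k)],
        "later_frame_plaintext": decrypt_with_keystream(k, later),
    }


if __name__ == "__main__":
    print(demo())
    print("random IVs, 50% repeat after:", frames_until_collision_probability(0.5), "frames")
```

With uniformly random 24-bit IVs the 50% collision point is roughly 4,800 frames, far below the exhaustive 16,777,216 figure on slide 37 (the sequential-counter case is the most favourable one for the defender). The detection point for a practitioner is that a repeated IV under a fixed key, however it arises, hands the same keystream to anyone who holds one known plaintext for that IV.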

  40. Overview of Presentation • Introduction • The Jargon • The 802.11 family of standards • Security • Defend yourself • Deployment • Counter Measures • Conclusion

  41. Defend Yourself – WLAN Assessment • Hacking yourself before someone else does • How to assess your WLAN • Home brew • Commercial products • How to hide amongst others in the crowd • If everyone is screaming loudly, then who is screaming what you wish to hear? • How to fool the bad guys • More ways to fool the bad guys

  42. Defend Yourself – Home Brew • What is required • A card with a connector for an external antenna • Cisco Aironet 352, Agere Orinoco Gold, and the Compaq WL100 • Software • Lots of software available for assessment • No software does all of the functions • Not all software works with all cards • Not all cards work with all OSes • Will need more than one piece of software, card, and OS • Laptops • With proper OS and card drivers • External antenna for better gain

  43. Defend Yourself – Home Brew toolkit • As easy as 1-2-3 • Free, user-friendly sniffing and cracking software • Detect rogue networks that you may not know about • Tools: NetStumbler, Kismet, APSniff, Sniffer Pro Wireless, AiroPeek, WepCrack, AirSnort • Cost: about US$165

  44. Defend Yourself – WLAN Assessment Some of the functionality found in WLAN sniffer, cracker, protocol analyzer, and assessment software:

  45. Defend Yourself – WLAN assessment

  46. Defend Yourself – Commercial ToolKit

  47. Defend Yourself – Commercial ToolKit Verify Signal Strength and clients on AP

  48. Defend Yourself - Warfare In 1978, while deploying HF, VHF, and UHF radio stations for the DOD, I would never have guessed that my antenna theory would come into use for WLAN one day. • Position of the AP • As far away as possible from the unfriendly zone • Move it toward the centre of the coverage zone if possible • Diffusion, Diffraction, Reflection • Shield between you and the remote • Type of antenna • Use a shield if necessary to direct waves • Use a cone shape to direct waves upward

  49. Defend Yourself – Fake AP Tool • Hide in the crowd • Generates thousands of fake APs • RedHat only • Prism2/2.5/3 based 802.11b cards • Currently in development • Very promising • Available at: http://www.blackalchemy.to/Projects/fakeap/fake-ap.html

  50. Defend Yourself – Locate the enemy • Electronic Warfare Techniques • Ekahau Positioning Engine (www.ekahau.com) • Find a device within 1 meter • Needs at least three points for accuracy • Marketing potential as well • Show ads to people close to a store, for example • Disallow access to people outside your area • Available now
