1 / 17

Link-Layer Protection in 802.11i WLANs With Dummy Authentication Will Mooney, Robin Jha

Link-Layer Protection in 802.11i WLANs With Dummy Authentication Will Mooney, Robin Jha. WLAN Overview. Basic security Vulnerability WPA & WPA-PSK WEP 802.11 standards Issues with 802.11i Dummy Authentication Performance Conclusion. Wireless LAN components.

jedwin
Download Presentation

Link-Layer Protection in 802.11i WLANs With Dummy Authentication Will Mooney, Robin Jha

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Link-Layer Protection in 802.11i WLANs With Dummy Authentication Will Mooney, Robin Jha

  2. WLAN Overview Basic security Vulnerability WPA & WPA-PSK WEP 802.11 standards Issues with 802.11i Dummy Authentication Performance Conclusion

  3. Wireless LAN components Access point (AP) = bridge between wireless (802.11) and wired (802.3) networks Wireless station (STA) = PC or other device with a wireless network interface card (NIC) RADIUS = Authentication Server EAP= Extensible Authentication Protocol CCMP= Encryption based on AES counter mode with CBC-MAC

  4. WLANs WLANs are vulnerable to specialized attacks. Many of these attacks exploit technology weaknesses since 802.11 WLAN security is relatively new. There are also many configuration weaknesses since some companies are not using the security features of WLANs on all their equipment.

  5. Vulnerability Some of the known wireless attack methods : Access attack Denial of Service (DoS) - logical attacks with spoofed signaling, signal jamming SSID(network name) sniffing WEP encryption key recovery attacks MAC address spoofing Rogue AP attacks- unauthorized ingress routes may bypass firewall

  6. Open-Access Network Open to everyone Requires no authentication Provides no protection Vulnerable to fingerprinting, traffic analysis and eavesdropping

  7. WEP WEP is “Wired Equivalent Privacy” or “Wireless Encryption Protocol” It is the original wireless security protocol for the 802.11 standard Based on the use of the same shared private encryption key (or limited set of rotating keys) among all stations on a WLAN. Discovered recently that it is easy to decrypt if part of the key is known

  8. WPA The Wi-Fi Alliance released WPA (Wi-Fi Protected Access) intended to address some of the flaws. The WPA solution addressed two critical shortfalls of the original WEP-based security standard: Design weakness in the WEP protocol Lack of an effective key distribution method

  9. WPA Uses 802.1x (EAP) for authentication Adds MIC (Message integrity check) and frame counter Two modes: PSK and Enterprise PSK (Pre-Shared Key) suffers from similar key-management difficulties to WEP Enterprise Mode requires a RADIUS server

  10. What is 802.11? Refers to the family of specifications developed by the IEEE for wireless LAN technology. It specifies an interface between a wireless client and a base station or between two clients connected wirelessly.

  11. Dummy Authentication 1. The STA sends a request with its MAC address 2. The AP creates a ticket containing the STA's MAC address, a time stamp, a validity period, and a hash of those three things using its private key. This is sent with the AP's MAC address, a status code, and certificate.

  12. Dummy Authentication (Cont.) 3. The computer validates the certificate and stores the ticket with AP's public key. Computer generates a random number and pre-session key, encrypts with AP's public key, and sends the AP its MAC address, ticket, random number, and the pre-session key encrypted with the random number. 4. AP verifies the ticket by the MAC address and checks that it is still in the validity period. If so, it sends back its MAC address, status code, and an encrypted pre-session key.

  13. Dummy Authentication (Concluded) 5. If successful, then the pre-session key is used in communications. Otherwise, the process begins again.

  14. Purpose of the Ticket Reusable within validity period Does not require storage resources of AP Allows for a symmetric operation Binds to the MAC address and prevents replay attacks

  15. Results There seemed to be a lack of testing The “quantifiable” results: • Spoke of different attacks (flooding the AP at different points) and said they “believed our method can resist this attack”

  16. What We Learned Link layer protection in wireless networks Basic information on wireless security we often use How different attacks are performed on a wireless network How NOT to test your project

  17. Sources • Yang, Zhimin, Adam C. Champion, Boxuan Gu, Xiaole Bai, and Dong Xuan. "Link-Layer Protection in 802.11i WLANs with Dummy Authentication." WiSEC (2009): 1-8. Print.

More Related