
Evolution of Wireless LAN Security Standards

Evolution of Wireless LAN Security Standards. Bo Li, Daniel Menchaca, Harold Lee, Narendra Kamat. Outline: Why security? Demo (hopefully answers the above); Wired Equivalent Privacy and flaws; VPN; 802.1x and design flaws; 802.11i (anticipated); Conclusions and recommendations.


Presentation Transcript


  1. Evolution of Wireless LAN Security Standards • Bo Li • Daniel Menchaca • Harold Lee • Narendra Kamat

  2. Outline • Why security? • Demo (hopefully answers the above) • Wired Equivalent Privacy and flaws • VPN • 802.1x and design flaws • 802.11i (anticipated) • Conclusions and recommendations

  3. Purposes of network security • Four main purposes: • Secrecy (or confidentiality): Encryption of information • Secrecy of the cryptographic algorithm (restricted algorithm) • The cryptographic algorithm is not a secret, but the key is. • Authentication: Verification of identity of participants • Message integrity: Assurance that the message received was not altered • Non-repudiation: The sender cannot deny having sent a message

  4. Security… • “Somebody else’s job!” • “But only people with a UT EID can connect to this Wireless LAN” • “Isn’t there some sort of… encryption?”

  5. A Demo • The Cast: • Typical wireless laptop user (you?) • Typical unskilled hacker (me, for this demo!) • Typical unprotected WLAN (ENS) • Attacking wireless laptop*: promiscuous mode • * Courtesy Network Engineering Lab (Prof. Bill Bard)

  6. The Next Step…WEP • Encryption. • Initial idea: Wired Equivalent Privacy (WEP) • An implementation of RC4: a commercial stream-cipher • C = (M+c(M)) XOR RC4(IV,k) • Integrity: • 32-bit integrity check vector (CRC) • Authentication: • Open System (!) • Shared Key (40-bit challenge/response)

  7. Secure? Not quite… • k is 40 bits (recently, 104 bits), infrequently changed • IV can be seen by everyone • IV space is small (24 bits) • C1 = P1 XOR RC4(IV, k) • C2 = P2 XOR RC4(IV, k) • C1 XOR C2 = P1 XOR P2. • IV changed on a per-packet basis. • IV collision: 24-bit IV, exhausted in a few hours.
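The keystream-reuse identity from slides 6 and 7, worked through as an added example (not part of the original presentation). It encapsulates frames as C = (M || c(M)) XOR RC4(IV || k), checks that two frames under the same IV satisfy C1 XOR C2 = P1 XOR P2, and audits a capture for repeated IVs. The key, plaintexts, IV values and the 1000 frames/s rate are constructed sample values, and the function names are hypothetical.

```python
import struct
import zlib
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 keystream for key."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, k: bytes, m: bytes) -> bytes:
    """C = (M || c(M)) XOR RC4(IV || k); the 3-byte IV is sent in clear."""
    body = m + struct.pack("<I", zlib.crc32(m))   # c(M): CRC-32 check value
    return xor(body, rc4(iv + k, len(body)))

def reused_ivs(frames):
    """Audit (iv, ciphertext) pairs: return IVs protecting more than one frame."""
    counts = Counter(iv for iv, _ in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

def hours_to_exhaust_iv(frames_per_second: float) -> float:
    """Hours until a per-packet 24-bit IV must repeat under one key."""
    return 2 ** 24 / frames_per_second / 3600

# Constructed sample data: 40-bit key and two equal-length plaintexts.
K = bytes.fromhex("0102030405")
P1, P2 = b"GET /index.html ", b"user=alice&pin=1"
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"
FRAMES = [(IV_A, wep_encrypt(IV_A, K, P1)),
          (IV_B, wep_encrypt(IV_B, K, P1)),
          (IV_A, wep_encrypt(IV_A, K, P2))]

if __name__ == "__main__":
    c1, c2 = FRAMES[0][1], FRAMES[2][1]
    print("C1^C2 == P1^P2:", xor(c1, c2)[:len(P1)] == xor(P1, P2))
    print("reused IVs:", [iv.hex() for iv in reused_ivs(FRAMES)])
    print("hours to wrap at 1000 frames/s: %.2f" % hours_to_exhaust_iv(1000))
```

The key never appears in the check: the identity holds for any k, which is why rotating IVs without rotating the key only delays the repeat.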

  8. IEEE 802.1x • Provides an architecture for authentication methods • Simplicity • Simple transport for EAP messages • Runs over all 802 LANs • Inherits EAP (Extensible Authentication Protocol) architecture • Provides port-based network access control • Network port: An association between a Station and an AP • Provides dynamic key management

  9. 802.1x Set Up

  10. IEEE 802.1x Check List • Improvement over WEP • Authentication • Dynamic key management • MAC access control • 802.1x issue • No encryption specification, vendors may keep WEP

  11. Known Design Flaw: MITM Attack [Figure labels: Authentication Server, LAN, Access Point, 802.11, Supplicant] • An attacker acts as an AP to the supplicant and as a client to the AP (authenticator) • Reason: lack of mutual authentication • One-way authentication of the supplicant to the AP • An attacker can get all network traffic from the supplicant to pass through it

  12. Other Known Design Flaws • Session Hijacking • Lack of clear communication between RSN and 802.1x state machines and message authentication • Denial of Service • 802.1x enables per-user session keys, but no keyed message integrity check in 802.11

  13. Solutions • Per-packet authentication • Authentication and integrity of EAP messages • Peer-to-peer authentication • Symmetric authentication • Scalable authentication • Adopt strong encryption algorithms • Luckily, 802.11i modified 802.1x

  14. IEEE 802.11i [Figure labels: Upper Layer Authentication (ULA): EAP-TLS, PEAP, EAP-TTLS, LEAP; 802.1x authentication; Encryption Algorithms: TKIP (Temporal Key Integrity Protocol), CCMP (Counter mode CBC-MAC Protocol)] • 802.11i proposed architecture • 802.1x • Robust authentication • Key distribution • TKIP (upgrade path) • Fixes WEP issues • Backward compatible • CCMP (Mandatory) • Advanced Encryption Standard (AES) • Privacy, integrity

  15. 802.11i Data Transfer Requirements • Never send or receive unprotected data • Message origin authenticity: prevent forgeries • Sequence packets: detect replays • Protect source and destination addresses • Use one strong cryptographic primitive for both confidentiality and integrity

  16. More 802.11i Features • Pre-authentication and roaming • PEAP and legacy authentication support • Pre-shared key without authentication • Ad hoc networks • Home networks • Password-to-Key mapping • Home networks • Random number generation • A high-quality pseudo-random number generator is required for cryptographic applications

  17. IEEE 802.11i Checklist • New 802.11i data protocols provide confidentiality, data origin authenticity, replay protection • A fresh key is generated on every session • Key management delivers keys used as authorization tokens, proving channel access is authorized • Architecture ties keys to authentication

  18. Is 802.11i Our Final Solution? • Time will prove it !!

  19. Conclusions • No solution/protocol is completely secure, at least not for long • Hacking techniques improved, standards have to keep pace, and evolve continuously • Lessons from previous standards • Wired solutions implemented in a wireless environment • Partial solution cannot work

  20. Recommendations • Use of strong cryptographic primitives • Tradeoff between speed and security • Hardware support for encryption • Dynamic key management • Mutual authentication • Complexity vs. manageability

  21. Q & A
