WLAN SECURITY
TEAM NAME: Crypto_5
TEAM MEMBERS: Rajini Ananthoj Srimani Reddy Gatla Ishleen Kour Pallavi Murudkar Deepagandhi Vadivelu

Agenda
• WLAN and architecture
• Security issues faced in WLAN
• Basic security of WLAN
• Solutions for WLAN security
  • 802.1X
  • EAP authentication methods
  • TKIP
  • CCMP
  • Intrusion prevention system
  • Hardware solutions
• Things you can do to secure your wireless network
• Conclusion
• References

WLAN and Architecture
• WLAN: Links two or more computers without wires, using spread spectrum technology based on radio waves.

Basic security in WLAN
SSIDs, WEP, and MAC Address Authentication:
• Service Set Identifiers: Prevents access by any client device that does not have the SSID.
• Open or shared-key authentication, static WEP key: The access point sends the client device a challenge-text packet, which the client must encrypt.
• Media Access Control authentication: The client's MAC address must match an address in an authentication table.

Issues of WLAN Security
• Ad-hoc networks
• Policy violation
• Identity theft
• Man-in-the-middle attack
• Denial-of-service attack

WEP Issues
• Uses RC4, a synchronous stream cipher
• Does not provide a mechanism for sharing keys
• Changing the Initialization Vector (IV) with each packet is optional
• The CRC-32 checksum used for message integrity is linear
• Concatenates the IV directly to the pre-shared key to produce a key for RC4

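Why the linear CRC-32 ICV listed above fails as an integrity check, as an added example (not from the original slides): a frame altered without the key still passes the WEP ICV check, while a keyed MIC rejects it. The RC4 routine is a textbook implementation, HMAC-SHA256 stands in for a keyed MIC (it is not Michael), and the keys, IV and payload are constructed.

```python
import hashlib
import hmac
import struct
import zlib

def rc4(key, data):  # RC4 keystream XOR; the same call encrypts and decrypts
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data):
    return struct.pack("<I", zlib.crc32(data))  # WEP ICV = CRC-32 of the plaintext

def wep_seal(iv, key, plaintext):
    return rc4(iv + key, plaintext + icv(plaintext))  # RC4 key = IV || shared key

def wep_open(iv, key, ciphertext):
    clear = rc4(iv + key, ciphertext)
    body, tag = clear[:-4], clear[-4:]
    return body if tag == icv(body) else None  # None means the ICV check failed

def patch_icv(ciphertext, delta):
    """XOR delta into the body and the matching CRC difference into the ICV (no key)."""
    crc_diff = xor(icv(delta), icv(bytes(len(delta))))  # crc(p^d) = crc(p)^crc(d)^crc(0)
    return xor(ciphertext, delta + crc_diff)

def demo():
    iv, key, mac_key = b"\x00\x00\x01", b"constructed13", b"constructed-mic-key"
    frame = b"constructed payload 0001"  # constructed sample frame body
    sealed = wep_seal(iv, key, frame)
    tag = hmac.new(mac_key, frame, hashlib.sha256).digest()  # keyed MIC stand-in
    delta = bytes(len(frame) - 1) + b"\x01"  # flip one bit of the last byte
    accepted = wep_open(iv, key, patch_icv(sealed, delta))
    mic_ok = hmac.compare_digest(tag, hmac.new(mac_key, accepted, hashlib.sha256).digest())
    return accepted, mic_ok

print(demo())
```

The receiver accepts the altered body because the ICV is not keyed; the keyed tag computed over the original frame no longer matches.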
What is wrong with 802.11 security
• Binds itself to a cryptographic algorithm
• No security support for the handshake
• Pre-shared keys
• One-way authentication
• Wired Equivalent Privacy (WEP)

Wi-Fi Protected Access (WPA)
• Interim interoperable standard created by the Wi-Fi Alliance in response to weaknesses in Wired Equivalent Privacy (WEP)
• Intermediate measure to take the place of WEP while 802.11i was prepared
• Designed to work with all wireless network interface cards, but not all first-generation wireless access points
• Goals of WPA
  • To address the issues with WEP encryption through a software upgrade
  • To provide a secure wireless networking solution for small office/home office (SOHO) wireless users
  • To be forward-compatible with the upcoming IEEE 802.11i standard

Features of WPA
• WPA Authentication
  • Pre-shared key (PSK)
    • every user is given the same pass-phrase
    • less secure
    • preferred for Personal mode - homes, small offices
  • IEEE 802.1X authentication
    • server distributes different keys to each user
    • enhanced security and authentication
    • preferred for Enterprise mode - business, government, education

• Encryption
  • RC4 stream cipher using a 128-bit key and a 48-bit IV
  • The larger IV defeats the key recovery attack
• Key Management
  • Temporal Key Integrity Protocol (TKIP) - dynamically changes encryption keys for each packet
• Payload Integrity
  • 8-byte Message Integrity Code (MIC)
  • Calculated by an algorithm called Michael
  • Placed between the payload of the 802.11 frame and the 4-byte ICV
  • The MIC includes a frame counter to prevent replay attacks

Thus, WPA makes breaking into a Wireless LAN difficult by
• Increasing the size of the keys and IVs
• Reducing the number of packets sent with related keys
• Adding a secure message verification system

IEEE 802.11i / WPA2
• An amendment to 802.11, specifying security mechanisms for wireless networks
• The draft standard was ratified on 24 June 2004
• Adds stronger encryption, authentication, and key management strategies
• Makes use of the Advanced Encryption Standard (AES) block cipher instead of the RC4 stream cipher
• The use of WPA2 needs firmware or driver support on the wireless host (router or access point) and the wireless client (adapter)

Components of WPA2
• 802.1X Port-Based Network Access Control – for authentication
• Counter Mode with CBC-MAC Protocol (CCMP) – for confidentiality, integrity and origin authentication
• Temporal Key Integrity Protocol (TKIP) (check)
• 4-Way Handshake – for encryption key distribution

IEEE 802.1X
• 802.1X is an IEEE standard for port-based Network Access Control for LANs
• For WLANs, it is based on EAP, the Extensible Authentication Protocol
• Fills the security loopholes of access control, authentication and key management in the 802.11 architecture
• Contributes to a solution – RSN
• The authentication is usually done by a third-party entity, such as a RADIUS server

802.1X Authentication and Access Control
• Client - Supplicant
• Access point - Authenticator

802.1X Key Management
• Broadcast Key Rotation (BKR)
  • AP periodically broadcasts the WEP shared / root key
  • Mobiles create session encryption keys by combining the IV with the broadcast root key
  • Larger key space: key-hopping cycles through the IV space as well as the session key set
• Message Integrity
  • A non-linear MIC prevents bit-flip attacks on encrypted packets
  • Implemented on access point and client devices
  • Adds a few bytes to each packet to make the packets tamper-proof

EAP AUTHENTICATION METHODS
• EAP-MD5: Requires username/password; does not provide dictionary attack resistance, mutual authentication, or key derivation.
• Lightweight EAP (LEAP): A username/password combination is sent to an Authentication Server (RADIUS) for authentication.
• EAP-TLS: Creates a TLS session within EAP, between the Supplicant and the Authentication Server. Both the server and the client(s) need a valid (X.509) certificate, and therefore a PKI. This method provides authentication both ways.
• EAP-TTLS: Sets up an encrypted TLS tunnel for safe transport of authentication data. Within the TLS tunnel, (any) other authentication methods may be used.
• Protected EAP (PEAP): Uses, as EAP-TTLS does, an encrypted TLS tunnel. Supplicant certificates for both EAP-TTLS and EAP-PEAP are optional, but server (AS) certificates are required.
• EAP-MSCHAPv2: Requires username/password, and is basically an EAP encapsulation of MS-CHAP-v2. Usually used inside a PEAP-encrypted tunnel.

TKIP - Temporal Key Integrity Protocol
• RC4 stream cipher, as in WEP
• Keys used for encryption - 128 bits long
• Keys used for authentication - 64 bits long
• TKIP provides
  • Per-packet key hashing to mitigate "weak IV" attacks: Each time a wireless station associates to an access point, a new base key is created, which is built by hashing the base key with the IV.
  • Prevention of collision attacks: Each packet transmitted using TKIP has a unique 48-bit serial number, which is incremented every time a packet is transmitted. This solves another problem in WEP, called "collision attacks," which can occur when the same key is used for two different packets.

CCMP (Counter Mode with CBC-MAC Protocol)
• CCMP uses counter mode (CTR) for data confidentiality and the Cipher Block Chaining Message Authentication Code (CBC-MAC) for data integrity.
• It uses the Advanced Encryption Standard (AES) algorithm with a 128-bit key and a 128-bit block size.
• CCMP provides MIC protection over both the frame body and nearly the entire header in a MAC frame, which prevents an adversary from exploiting the MAC headers.
• CCMP uses a 48-bit Packet Number (PN) to prevent replay attacks and to construct a fresh nonce for each packet.
• Analysis suggests that once CCMP is implemented, an adversary will not be able to break the data confidentiality and integrity without knowledge of the key.

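How the 48-bit PN gives a fresh nonce per packet and a replay check, as an added example (not from the original slides). The 13-byte nonce layout (priority octet, transmitter address, PN) follows CCMP; the class names, the address and the PN sequence are constructed for illustration.

```python
PN_MAX = (1 << 48) - 1  # largest 48-bit Packet Number


def ccmp_nonce(priority, ta, pn):
    """13-byte CCM nonce: priority octet || transmitter address || 48-bit PN."""
    if len(ta) != 6 or not 0 <= pn <= PN_MAX:
        raise ValueError("need a 6-byte address and a 48-bit PN")
    return bytes([priority & 0x0F]) + ta + pn.to_bytes(6, "big")


class Sender:
    """Hands out strictly increasing PNs; refuses to wrap, which would reuse a nonce."""

    def __init__(self, ta):
        self.ta, self.pn = ta, 0

    def next_nonce(self, priority=0):
        if self.pn >= PN_MAX:
            raise RuntimeError("PN space exhausted: rekey before sending more frames")
        self.pn += 1
        return self.pn, ccmp_nonce(priority, self.ta, self.pn)


class ReplayGuard:
    """Receiver side: one replay counter per (transmitter, priority)."""

    def __init__(self):
        self.last = {}

    def accept(self, priority, ta, pn):
        # Call only after the frame's MIC has verified, so that an
        # unauthenticated PN can never advance the counter.
        key = (ta, priority)
        if pn <= self.last.get(key, 0):
            return False  # replayed or stale frame
        self.last[key] = pn
        return True


def demo():
    ta = bytes.fromhex("020000000001")  # constructed transmitter address
    guard = ReplayGuard()
    received = [1, 2, 2, 5, 3, 6]  # constructed PN sequence with a duplicate and a stale frame
    return [guard.accept(0, ta, pn) for pn in received]


print(demo())
```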
Dynamic Key Exchange and Management 802.11i - key derivation/management regime
IPS - Intrusion Prevention System
• An intrusion prevention system is a computer security device that exercises access control to protect computers from exploitation.
• An IPS makes access control decisions based on application content, rather than on IP addresses or ports as traditional firewalls do.
• Access points act as air monitors and data forwarding devices, which allows them to communicate real-time information about the wireless domain, including potential security threats, to Wireless LAN controllers.

Cisco Unified IDS/IPS
• The Cisco Unified IDS/IPS is part of the Cisco Self-Defending Network and is the industry's first integrated wireline and wireless security solution.
• When an associated client sends malicious traffic through the Unified Wireless network, the Cisco wireline IDS device detects the attack and sends shun requests to Unified WLAN controllers, which then disassociate the client device.

Some other solutions
• Smart cards
  • Beneficial in environments requiring authentication beyond a simple username and password
  • User certificate and other information are stored on the cards
  • Portable - users can securely access their networks from various locations
• VPN
  • Provides secure data transmission across public network infrastructures
  • VPNs employ cryptographic techniques to protect IP information as it passes from one network to the next
  • Use the IPsec protocol suite for ensuring private communications
• Biometrics
  • For agencies needing higher levels of security, biometrics such as fingerprint/palm-print scanners and optical scanners can be integrated with wireless smart cards

Things you can do to secure your wireless network
• Change the default Admin password on your Access Point.
• Check / update the firmware for your Wireless Access Point and the drivers for your Wireless Adapter.
• Use the highest level of WEP/WPA (WPA2/802.11i strongly preferred) -- use decent keys.
• Authenticate wireless users with protocols like 802.1X, RADIUS, EAP (including EAP-PAX, EAP-PSK, EAP-TLS, EAP-TTLS, PEAP, and EAP-SIM).
• Use strong encryption for all applications you use over the wireless network, e.g., use SSH and TLS/HTTPS.
• Encrypt wireless traffic using a VPN (Virtual Private Network), e.g. using IPsec or other VPN solutions.

Conclusion
• The optimal security solution for WLAN involves a combination of security technologies.
• A detailed threat risk assessment and analysis is essential to determine which security measures or combination of measures are the most effective.

References
• en.wikipedia.org/wiki/Wi-Fi_Protected_Access
• en.wikipedia.org/wiki/WPA2
• http://en.wikipedia.org/wiki/IEEE_802.1x
• en.wikipedia.org/wiki/TKIP
• http://www.networkworld.com/reviews/2004/1004wirelesstkip.html
• http://tldp.org/HOWTO/html_single/8021X-HOWTO/#p8021x
• www.wi-fiplanet.com/tutorials/article.php/953561
• www.drizzle.com/~aboba/IEEE/