Wireless Technology and Security

1. Wireless Technology and Security April 9, 2003 Justin Mencl CIS 492

2. Overview • Current Wireless Technology • Infrared, Bluetooth, Wi-Fi • Security Issues • Concerns • Problem with WEP • Resources

3. IrDA • Infrared (IrDA) • Uses beams of light  line of sight communication • Data broadcast in straight line, 30° cone • User intervention required

4. Bluetooth • Short range wireless technology • Operates on unlicensed 2.4GHz radio frequency • Uses Frequency Hopping Spread Spectrum (FHSS) • Supported by more than 50 major companies • 3COM • Microsoft • Ericsson • Nokia

5. Bluetooth (cont.) • Devices • Access Points • Keyboard/Mice • Car Stereos, Hands Free Kits • Advantages • Inexpensive – small radio module • Ease of use – automatic connection between device

6. Wi-Fi • Most popular wireless LAN solution • Specified by IEEE 802.11 • Includes 802.11a, 802.11b, 802.11g • Also uses radio frequencies – 2.4GHz and 5Ghz • Uses Direct Sequence Spread Spectrum (DSSS)

7. Wi-Fi Flavors • IEEE 802.11b • Most popular flavor • Uses 2.4Ghz, 11 Mbps, Range of 1000 ft • IEEE 802.11a • Uses 5GHz frequency, 54 Mbps • Reduced range  More access points needed • IEEE 802.11g • Uses 2.4GHz – backward compatible with 802.11b • 54 Mbps

8. Wireless Security • IrDA – minimal security concerns • Bluetooth • Uses stream cipher E0, more secure than Wi-Fi • Uses different keys for encryption and authentication • Wi-Fi • Uses stream cipher RC4(v, k) • Uses same keys for encryption and authentication

9. Wi-Fi Security Concerns • Wired Equivalency Protocol (WEP) • Used to encrypt data • WEP implementation • Secret key to encrypt packets before sending • Integrity Check before receiving packets

10. WEP Algorithm* • Sender and receiver share secret key k • Compute checksum c(M) • Pick Init Vector v, generate keystream RC4(v, k) • XOR <M, c(M) > and keystream  ciphertext • Transmit ciphertext • Use transmitted v and shared k to get keystream RC4(v, k) • XOR ciphertext with RC4(v, k) to get <M’, c’> • Check if c’=c(M’) • If so, accept M’ as message transmitted * Taken from “Security Of The WEP Algorithm”, UC Berkeley

11. WEP Pictorially

12. Problems With WEP • Uses cipher stream – RC4(v, k) • Inherit security risk when using cipher streams: • You must NEVER encrypt two messages with same keystream • Keystream is RC4(v, k) which depends only on v, k • k is fixed shared secret that changes rarely, if ever • v is 24 bit value  only 2^24 values == 16 million • So after 16 million packets, you have to repeat a v value • Repeated v, same k  repeated keystream

13. Other Problems… • Passive attacks to decrypt traffic based on statistical analysis. • Active attack to inject new traffic from unauthorized mobile stations, based on known plaintext. • Active attacks to decrypt traffic, based on tricking the access point. • Dictionary-building attack that, after analysis of about a day's worth of traffic, allows real-time automated decryption of all traffic

14. WEP Fixes • Need both of the following: • Long Init Vector v that never repeats for the lifetime of the shared secret • Stong Message Authentication Code in replace of the CRC which depends on key k and Init Vector v • Again, BOTH need to be done!

15. Is WEP Secure??? • Don’t rely solely on WEP for security • KSU CNS does!!! • CIS Department does not • Wireless Best Practices • Treat wireless network as a public network • Put wireless network OUTSIDE your firewall • Use VPN, IPSec, ssh

16. Resources • Wireless Technology • http://www.bluetooth.org • http://www.acsac.org/2002/case/wed-c-330-Innella.pdf • http://www.ieee802.org • Security of the WEP Algorithm, UC Berkeley • Nikita Borisov, Ian Goldberg, and David Wagner • http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html • http://www.cypherpunks.ca/bh2001