1 / 24

Wireless Security Using WEP, WPA, and WPA2

Wireless Security Using WEP, WPA, and WPA2. By Johnathan Stump Marius Pettersen. Overview. RCA4 WEP Flaws WPA WPA2. RCA4-Description. Stream Cipher Used in SSL Simple Pseudorandom Key PRGA. PSGR.

mtannenbaum
Download Presentation

Wireless Security Using WEP, WPA, and WPA2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Wireless Security Using WEP, WPA, and WPA2 By Johnathan Stump Marius Pettersen

  2. Overview • RCA4 • WEP • Flaws • WPA • WPA2

  3. RCA4-Description • Stream Cipher • Used in SSL • Simple • Pseudorandom Key • PRGA

  4. PSGR • The lookup stage of RC4. The output byte is selected by looking up the values of S(i) and S(j), adding them together modulo 256, and then looking up the sum in S; S(S(i) + S(j)) is used as a byte of the key stream, K.

  5. RC4-Weaknesses • First bits in Keystream are biased • No Separate nonce • Possibly Hash to fix • Combinatorial Attack

  6. WEP-Description • Uses RC4 • 40 bit key with 24 bit initialization vector • Moved to 104 bit key with 24 bit IV • Standard from cryptography laws • Uses Hexadecimal format • 26 chars, 4x26 bits = 104 bits

  7. WEP-Encryption • Basic WEP Encryption: RC4 Keystream XORed with Plaintext

  8. WEP-Encryption

  9. WEP-Decryption

  10. WEP-Security Flaws • Key • 24 bit IV, repeated key • Single Shared Key • Very Easy to “Eavesdrop” • Easy as 1 minute of work sometimes

  11. Too Many Flaws? • What next?

  12. WPA (Wi-Fi Protected Access) • Constructed by Wi-Fi Alliance • Using RC4 encryption • EAP(Extended Authentication Protocol) • Michael (MIC) message integrity • Designed for use with 802.1X • More secure than WEP

  13. WPA Uses RC4 with 4 new features: • Extended 48-bit Initialization Vector (IV) and IV Sequencing Rules • A Message Integrity Code (MIC) • Key Derivation and Distribution • Temporal Key Integrity Protocol generates per-packet keys

  14. 1.Extended 48-bit IV and IV Sequencing Rules • A 48 bit vector increases the number of possible initialization vectors (2^48) and key/IV combinations. • Prevents reuse and collision of IV • Blocks weak IV’s • Implements advanced sequencing rules

  15. 2. Key derivation and Distribution • Password-Based Key Derivation version 2 • Derives keys using a Pseudorandom function to derive keys. Using a passphrase and a salt. • Keys are distributed • Using a four-way handshake • Using Pairwise Master Key, Client Random number, Client MAC, AP random number, AP MAC • Gives 4 values (Data encryption key, Data integrity key, Key exchange encryption key, Key exchange integrity key

  16. 3.Temporal Key Integrity Protocol generates per-packet keys • Synchronized changing of the unicast encryption key

  17. WPA encryption

  18. WPA decryption

  19. WPA2 WI-FI Alliance: http://www.wi-fi.org/knowledge_center/webcast-wpa-061103/

  20. WPA2 Integrity check (CBC)

  21. WPA2 Counter encryption

  22. WPA2 Encryption

  23. WPA2 Decryption

  24. References • WIKI Pedia (http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy) • WI-FI (http://www.wi-fiplanet.com/tutorials/article.php/1368661) • IEEE Std 802.11i™-2004 (http://standards.ieee.org/getieee802/download/802.1X-2001.pdf) • WI-FI protected Access Web cast (http://www.wi-fi.org/files/kc_17_WPA%20Web%20Cast_6-11-03.pdf) • Cracking Wi-Fi Protected Access(http://www.ciscopress.com/articles/article.asp?p=369221&seqNum=3&rl=1) • IEEE 802.11 Wireless LAN security with Microsoft Windows - white paper (http://www.microsoft.com/downloads/details.aspx?FamilyID=67fdeb48-74ec-4ee8-a650-334bb8ec38a9&displaylang=en)

More Related