280 likes | 562 Views
Wireless Network Security Comparison of WEP, WPA, RSN Protocols. By Rajanikanth Ragula CS Login: rragula. Introduction . Wireless LAN’s becoming popular. Fast, cost effective and flexible. Security became a critical issue. Wired Vs Wireless .
E N D
Wireless Network SecurityComparison of WEP, WPA, RSN Protocols By RajanikanthRagula CS Login: rragula
Introduction • Wireless LAN’s becoming popular. • Fast, cost effective and flexible. • Security became a critical issue.
Wired Vs Wireless • Way of transmitting data • Wired networks – tapping the media that is used for network communication. • Wireless network- air is the medium. Transmitted data via radio frequency can be accessed by equipment.
Need for security • Wireless networks are inherently less secure than traditional wired. • Any one within the range and right equipment can easily intercept the transmissions. • Security is challenging , most of them could be addressed
WEP • Wired Equivalent Privacy • Security scheme equivalent to wired network. • Practice shown that level of security offered by WEP hardly equivalent to wired LAN’s
Authentication • Open system • Shared Key
How WEP works • Each 802.11 packet is encrypted with RC4 cipher stream generated by a RC4 key. • 24 bit initialization vector and a 40bit WEP key. • Encrypted packet is generated with bitwise XOR of original packet and RC4 stream.
IV is chosen by the sender • Every packet won’t be encrypted with same IV. • 4 byte integrity check value(ICV) is computed • ICV also encrypted with the cipher stream.
flaws in key Scheduling • identifying a large number of weak keys, in which knowledge of a small number of key bits suffices to determine many state and output bits . • first byte generated by the RC4 leaks information about individual key bytes. • analyze WEP-encrypted packets - - reconstruct the secret key in WEP.
Weaknesses of WEP • Direct use of master key. • Small key size : key size is 40 bits. Major weakness. Lack of key management: keys tend to be long lived and poor quality. single WEP key shared between each node.
WEP’s RC4 implementation: weak keys. more correlation between the key and the output than there should be. Reused and small sized IV: 24bit long IV, 16 million combinations. busy network reuse becomes unavoidable.
Weakness of ICV algorithm not a good choice for cryptographic hash. attacker can modify the message and ICV to make it look authentic. WEP is found too far from an ideal security solution.
WPA • WI-Fi protected access • First security solution in 802.11 based networks. • More coverage due to technical failures in WEP
WPA Improvements • TKIP : Temporal Key Integrity Protocol. Scrambles the keys using hashing, adds integrity checking Fixes all security problems, no new hardware needed. 128 bit secret key(TK), 48 bit IV TK is shared, different RC4 key stream
User Authentication: • Uses Extensible Authentication Protocol. • In WEP access given based on the computer’s MAC • EAP is built more on public key encryption system.
Integrity: a new mechanism Message Integrity Code MIC is computed to detect errors in data contents. 64bit MIC is added to the data and the ICV.
New in WPA.. • Master keys are never directly used. • Hierarchy of keys used. More secure. • Secure key management • Very less chance of IV reuse (48 bit IV) • MIC – one in a million chance of guessing correct
Drawbacks • Keys generated from short passwords are subjected to dictionary attack • Passphrase above 20 characters is long and most people not willing to use.
RSN • Robust security network • For 802.11i devices • Advanced Encryption Standard for Encryption • 802.1x standard for access control.
RSN • Dynamic negotiation of authentic and encryption algorithms between access points and mobile devices. • expected to provide the robust security required for wireless environments. • RSN provides all the advantages of WPA in addition AES Implementation, CCMP
Conclusion • Wireless networks can be significant tool in increasing business productivity. • IT staff need to understand the security threats that wireless technology poses. • No system is unbreakable , presently we can completely rely on 802.11i
References • Wireless Network Security: Comparison of WEP, WPA, RSN Protocols: http://delivery.acm.org.proxy.lib.odu.edu/10.1145/1370000/1363229/a9-bulbul.pdf?key1=1363229&key2=9544984521&coll=ACM&dl=ACM&CFID=55274803&CFTOKEN=85070207