90 likes | 271 Views
802.11b Security. CSEP 590 TU Osama Mazahir. Introduction. Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern in wireless compared to wired network This requires data encryption mechanisms. Wired Equivalent Protocol (WEP).
E N D
802.11b Security CSEP 590 TU Osama Mazahir
Introduction • Packets are sent out into the air for anyone to receive • Eavesdropping is a much larger concern in wireless compared to wired network • This requires data encryption mechanisms
Wired Equivalent Protocol (WEP) • Single key is shared by all machines in network • Shared key is used to encrypt packets • RC4 stream cipher • 40-bit key + 24-bit initialization vector (IV) • IV sent in plaintext • To send plaintext packet P, you send: {IV, P RC4(K, IV)}
WEP issues • Optional deployment • IV changes in simply and predictably from one packet to the next • 24-bits is too small of a space • IV repeating allows for plaintext discovery • Checksum is not keyed • Attacker can create ciphertext and adjust checksum so that receiver accepts packet • Attacker can inject forged packets
Wi-Fi Protected Access (WPA) • Created as an interim solution while waiting for 802.11i • Subset of 802.11i • 128-bit key + 48-bit IV • Still uses RC4 stream cipher • 802.1X Authentication Server can be used to distribute different keys to each user
WPA (continued) • Temporal Key Integrity Protocol (TKIP) to thwart WEP key recovery attacks • Per-packet key mixing • Message integrity check • Hashed RC4 traffic key (re-keying) • Message Authentication Code (MAC) to prevent packet forgery • Frame Counter to prevent basic replay attacks
802.11i (WPA2) • Similar to WPA in many respects • AES block cipher • Robust Security Network (RSN) mechanism for algorithm/encryption selection • After authentication/association, a 4-way handshake is done in which a new Pairwise Transient Key (PTK) is established • PTK is used to for data packet transmission
Virtual Private Networks • Allows establishing a secure point-to-point channel across an untrusted/shared network • Nodes not in trusted LAN can VPN into trusted LAN • Requires end-user configuration • Not good for end-user roaming scenarios