Applied Communications Technology: Wireless Mobile Security

"20% of enterprise CIOs had found unsecured access points on their network."
50% of all network breaches start with Wi-Fi.
"Nearly one out of every two recorded digital attacks are now taking place via the wireless route as opposed to one out of every ten, at the start of 2004."

• Overview of needs
• Wireless security
• Attack types
• GSM and UMTS security
• Bluetooth
Slide 2: Why is security more of a concern in wireless?
• No inherent physical protection: the medium is shared and cannot be locked away in a cabinet
• Broadcast communications: every frame is receivable by anyone in radio range
• Eavesdropping is easy with a modified phone or a commodity radio
• Impersonation of the user: the user's signalling and/or user data can be replayed or forged towards the network
• Impersonation of the network: a false base station or access point looks like the genuine network
• Illegitimate access to the network and its services is easy
• Denial of service is easily achieved by jamming
Slide 3: Wireless Security
Pain points:
• "Air" is now a part of corporate networks. It must be monitored!
• RF signals leak out of your office premises
• Invisible network: hard to manage what you cannot see
• A "No Wi-Fi" policy keeps my network safe (yeah, right...): rogue access points appear regardless of policy
• 2.4 GHz is a licence-free, unregulated band: anyone may transmit in it
• Firewalls, VPNs and wired intrusion detection systems are not sufficient on their own
• New, stringent regulatory compliance requirements
Slide 4: Wireless security requirements
• Confidentiality: encrypt messages
• Authenticity: verify the origin of messages
• Replay detection: check the freshness of messages
• Message integrity: it is possible to modify messages on the fly (during radio transmission), so modification must be detectable
• Access control
  • Access to network services only for "legitimate entities"
  • Access control should be constantly reapplied
    • It is not enough to check when a user joins the network
    • Or when logical associations are established
    • Logical associations can be hijacked at any time
• Protection against jamming
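The authenticity, integrity and freshness requirements above are usually met together by one mechanism: a keyed message authentication code over a monotonically increasing counter plus the payload, checked on every frame so that the access decision is "constantly reapplied". The following is an added illustration, not code from the slides; the key, frame layout and sample frames are constructed for the demonstration and do not match any real WLAN or cellular frame format.

```python
"""Added example (not from the slides): a minimal authenticated, replay-protected
frame format showing the Slide 4 requirements of authenticity, integrity and
freshness on a broadcast medium. Key, layout and sample traffic are constructed."""
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-do-not-reuse"   # assumption: pre-shared between station and AP
TAG_LEN = 16                                  # truncated HMAC-SHA256 tag


def protect(key: bytes, counter: int, payload: bytes) -> bytes:
    """Sender side: prepend a 64-bit monotonic counter, append a MAC over counter||payload."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Verifies the tag, then enforces strictly increasing counters so that a
    re-broadcast copy of a genuine frame is rejected even though its tag is valid."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, frame: bytes):
        """Return (payload, 'ok') or (None, reason) for a received frame."""
        if len(frame) < 8 + TAG_LEN:
            return None, "malformed"
        header, body, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):      # integrity + authenticity
            return None, "bad tag"
        counter = struct.unpack(">Q", header)[0]
        if counter <= self.last_counter:                # freshness / replay detection
            return None, "replay"
        self.last_counter = counter
        return body, "ok"


def demo():
    """Legitimate traffic, then a replayed copy, an on-air modification and an outsider's forgery."""
    rx = Receiver(KEY)
    f1 = protect(KEY, 1, b"DISASSOC-REQUEST")
    f2 = protect(KEY, 2, b"DATA hello")
    results = [rx.accept(f1)[1], rx.accept(f2)[1]]
    results.append(rx.accept(f1)[1])                    # attacker re-broadcasts f1
    tampered = bytearray(f2)
    tampered[8] ^= 0x01                                 # flip one payload bit in transit
    results.append(rx.accept(bytes(tampered))[1])
    results.append(rx.accept(protect(b"wrong key", 3, b"DATA"))[1])  # forged without KEY
    return results


if __name__ == "__main__":
    print(demo())
```

The counter is the cheap part; the point of the example is that without it the replayed `DISASSOC-REQUEST` would verify perfectly, which is exactly the "logical association hijacked at any time" case the slide warns about.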
Slide 5: Balancing Security and Access
Careful management of security policies is needed to maintain the balance between transparent access and use on one side and network security on the other.
Slide 6: WLAN Security Wheel
• Always have a good WLAN security policy in place.
• Secure the network based on the policy.
Slide 7: Vulnerabilities
• Configuration
  • Default, common or shared passwords
  • Unneeded services enabled
  • Few or no filters: router setup, file permissions, etc.
  • Poor device maintenance
• Policy
  • Weak security policy (or no explicit security policy)
  • Poorly enforced policy
  • Physical access unrestricted or unsecured
  • Poor or no monitoring: logs, CCTV, reporting
• Technology
  • TCP/IP: address spoofing
  • WEP is cryptographically broken; a broadcast SSID advertises the network to anyone in range
  • Association process: the connection handshake can be spoofed
  • Wireless interference
Slide 8: WLAN Security Attacks
• Reconnaissance
  • Unauthorized discovery (information gathering) and mapping of systems, services or vulnerabilities
  • Usually precedes an actual access or DoS attack
• Access
  • Usually involves running a script and/or "social engineering"
  • The intruder attempts to gain access to a device for which he does not have an account or password
• Denial of service
  • An attacker disables or corrupts the network with the intent of denying the service to authorized users
Slide 9: WLAN Security Issues
• The "rogue" access point: an access point attached to the corporate network without authorization, and therefore outside the control of the security policy
• The "parking lot" attacker: someone outside the premises who exploits the RF leakage noted on Slide 3 to reach the network without ever entering the building
Slide 10: WLAN Security Considerations
• Authentication: only authorized users and devices should be allowed on.
• Administration security: only authorized users should be able to access the AP configuration interfaces.
• Encryption: traffic should be protected from unauthorized access.
• FTP, HTTP, POP3 and SMTP are insecure and should be avoided whenever possible. Use protocols with encryption:

                 No Encryption    Traffic Encryption
  Web Browsing   HTTP             HTTPS
  File Transfer  TFTP or FTP      SCP
  Email          POP3 or SMTP     SPOP3 (POP3 over SSL/TLS)
  Remote Mgmt    Telnet           SSH
Slide 11: Wireless LAN Security
• MAC address filtering
• Encryption is the method that gives the best level of security
• Companies that wish to use the technology want assurance that only the intended recipient can read the data and that received packets come unmodified from the claimed sender (confidentiality and integrity; encryption alone does not give non-repudiation, which would require digital signatures)
• Encryption protocols: WEP, WPA, WPA2 (WEP and WPA use the RC4 stream cipher, WPA with TKIP per-packet keying; WPA2 uses AES-CCMP)
Slide 15: Admin Authentication on AP
• To prevent unauthorized access to the AP configuration interfaces:
  • Configure a secret password for privileged-mode access (good)
  • Configure local usernames/passwords (better)
  • Configure the AP to use a security server (e.g. RADIUS) for user access (best)
• SSID stealth
  • In this mode the access point does not reveal its identity in response to probe requests from stations
  • This provides only a primitive level of "security by obscurity": legitimate clients still send the SSID in the clear when they probe for and associate with the network
• Access control lists
  • The AP maintains a list of MAC addresses of trusted stations; requests from other MAC addresses are ignored
  • Caveat: MAC addresses travel in the clear in every 802.11 frame and are trivially reprogrammable, so an eavesdropper can learn a trusted address and use it
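To make the access-list caveat concrete, here is an added example (not from the slides) that builds a constructed 802.11 data frame, parses its MAC header the way any passive listener can, and then shows that a minimal model of the AP's allow-list check accepts a frame sent with the copied transmitter address. The allow-list, addresses and payloads are constructed for the demonstration; the AP logic is an illustrative model, not a real driver.

```python
"""Added example (not from the slides): why the MAC-address access control list on
Slide 15 is weak. The 802.11 MAC header carries the transmitter address in the clear,
so a passive listener learns trusted addresses and a modified station can send with one.
All frames and addresses below are constructed."""
import struct

TRUSTED = {"00:11:22:33:44:55"}   # constructed allow-list held by the AP


def parse_80211_header(frame: bytes):
    """Return (type, subtype, addr1, addr2, addr3) from a generic 802.11 MAC header.
    Frame Control is little-endian: bits 2-3 type, 4-7 subtype, bit 8 ToDS, bit 9 FromDS."""
    fc, _duration = struct.unpack_from("<HH", frame, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF

    def mac(offset: int) -> str:
        return ":".join(f"{b:02x}" for b in frame[offset:offset + 6])

    return ftype, subtype, mac(4), mac(10), mac(16)


def build_data_frame(src: str, dst: str, bssid: str, payload: bytes) -> bytes:
    """Construct a station-to-AP data frame (type data, subtype 0, ToDS=1).
    With ToDS=1/FromDS=0 the addresses are Addr1=BSSID, Addr2=SA, Addr3=DA."""
    fc = (2 << 2) | (1 << 8)

    def mac_bytes(m: str) -> bytes:
        return bytes(int(x, 16) for x in m.split(":"))

    return (struct.pack("<HH", fc, 0) + mac_bytes(bssid) + mac_bytes(src)
            + mac_bytes(dst) + struct.pack("<H", 0) + payload)


def ap_accepts(frame: bytes) -> bool:
    """Model of the Slide 15 ACL: admit the frame if the transmitter address is trusted."""
    _, _, _bssid, src, _dst = parse_80211_header(frame)
    return src in TRUSTED


def demo():
    bssid, gateway = "aa:bb:cc:dd:ee:ff", "aa:bb:cc:dd:ee:01"
    legit = build_data_frame("00:11:22:33:44:55", gateway, bssid, b"hello")
    # A passive attacker in radio range reads the transmitter address from the header...
    _, _, _, observed_src, _ = parse_80211_header(legit)
    # ...and a modified station then transmits with that address.
    spoofed = build_data_frame(observed_src, gateway, bssid, b"evil")
    own = build_data_frame("de:ad:be:ef:00:01", gateway, bssid, b"evil")
    return ap_accepts(legit), ap_accepts(own), ap_accepts(spoofed)


if __name__ == "__main__":
    print(demo())
```

The ACL correctly rejects the attacker's own address and accepts the clone, which is why the slide's "best" option, authentication against a security server with per-user credentials, is the one that actually binds a station to an identity.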
Slide 16: WLAN Security Hierarchy
• Open Access: no encryption, basic authentication. Typical use: public "hotspots".
• Basic Security: 40-bit or 128-bit static WEP encryption. Typical use: home.
• Enhanced Security: 802.1X, TKIP/WPA encryption, mutual authentication, scalable key management, etc. Typical use: business.
• Remote Access: Virtual Private Network (VPN). Typical use: business traveller, telecommuter.
• Caveat: static WEP at either key length is cryptographically broken, so for threat-modelling purposes the "Basic Security" tier should be treated as open access.
Slide 17: Attacker Capabilities
• Man-in-the-middle
  • The intruder places himself between the target user and a genuine network and is able to eavesdrop on, modify, delete, re-order, replay and spoof the signalling and user data messages exchanged between the two parties
• Network authentication compromise
  • The intruder possesses a compromised authentication vector (challenge-response pairs, cipher keys, integrity keys, etc.)
• For these attacks the intruder requires a modified Mobile Station (MS) and/or a modified Base Station (BS)
Slide 19: Identity Catching
• Mobile users are identified over the air by temporary identities, but there are cases where the network asks the user to send its permanent identity in clear text
• Passive identity catching
  • The attacker with a modified MS waits passively for a new registration or for a database failure on the network side, since in both cases the user is asked to send its identity in clear text
• Active identity catching
  • The attacker with a modified BS entices the user to camp on his BS and then asks him to send his International Mobile Subscriber Identity (IMSI); this works because the mobile answers an identity request before any authentication has taken place
Slide 20: Impersonation of the User
• By the use of a compromised authentication vector
• By the use of an eavesdropped authentication response
• Hijacking outgoing calls in networks with encryption disabled
• Hijacking outgoing calls in networks with encryption enabled
• Hijacking incoming calls in networks with encryption disabled
• Hijacking incoming calls in networks with encryption enabled
• Whoever holds a valid response to the network's current challenge can complete authentication as the user; that the user was addressed by a temporary identity does not help, because the temporary identity is a pseudonym, not a credential
Slide 21: Impersonation of the Network
• By suppressing encryption between the target user and the intruder: an attacker with a modified BS entices the user to camp on his false BS and, when service is initiated, the intruder simply does not enable encryption.
• By suppressing encryption between the target user and the true network: during call setup the intruder modifies the ciphering capabilities reported by the MS, so the network sees an apparent mismatch of ciphering and authentication algorithms. The network may then decide to establish an un-enciphered connection; the intruder cuts the connection and impersonates the network to the target user.
• By forcing the use of a compromised cipher key: an attacker with a modified BS/MS and a compromised authentication vector entices the user to set up a call while camped on his false BS/MS and then forces the use of the compromised cipher key.
• All three rely on the same weakness: the capabilities the MS reports and the network's ciphering decision are not integrity-protected, and the MS has no way to tell the false BS from the real network.
Slide 22: Intro to Mobile Phone Security
• The original first-generation analogue mobile systems employed a simple electronic serial number to confirm that the terminal should be allowed access to the service.
• It was not long before the protection afforded to this number was broken: it was transmitted in the clear and could be copied into a cloned handset.
• Second-generation systems such as GSM were designed from the beginning with security in mind.
• The Home Environment operator controls use of the system by provisioning the Subscriber Identity Module (SIM), which contains the user identity and the authentication key.
Slide 23: GSM Security Features
• Authentication
  • The network operator can verify the identity of the subscriber, making it infeasible to clone someone else's mobile phone
  • Challenge-response authentication protocol: the network sends a random challenge RAND, the SIM answers with a response SRES computed from RAND and its secret key Ki, and the same step derives the cipher key Kc used for encryption of the radio channel
  • Authentication is one-way: the mobile never verifies the network, which is what the false base station attacks on Slides 19 to 21 exploit
• Confidentiality
  • Protects voice, data and sensitive signalling information (e.g. dialled digits) against eavesdropping on the radio path
  • Encryption of the radio channel
• Anonymity
  • Protects against someone tracking the location of the user or identifying calls made to or from the user by eavesdropping
  • Use of temporary identities in place of the permanent IMSI
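The exchange on this slide, the "compromised authentication vector" network impersonation of Slide 21, and the mutual authentication that the deck's UMTS agenda item promises can be shown in a few dozen lines. The following is an added model, not code from the slides or from any operator or standard. A3/A8 and the UMTS f1 function are stood in for by HMAC-SHA256 (the real algorithms, such as COMP128, and the real parameter sizes differ); the IMSI, Ki and sequence numbers are constructed; and the UMTS part is a simplification that keeps only the AUTN fields needed to show why the USIM can reject a challenge that GSM would have answered.

```python
"""Added example (not from the slides): a toy GSM challenge-response exchange
(Slide 23), the false-BS attack with a compromised triplet (Slide 21), and the
simplified UMTS-style network authentication that closes the gap.
A3/A8/f1 are modelled with HMAC-SHA256; all identities and keys are constructed."""
import hashlib
import hmac
import os

# Authentication Centre database: IMSI -> Ki (constructed values)
AUC = {"001010123456789": b"constructed-Ki-for-demo-only!!!!"}


def a3(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3: 32-bit signed response SRES."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A8: 64-bit cipher key Kc."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


def auc_triplet(imsi: str, rand=None):
    """AuC produces an authentication vector (RAND, XRES, Kc) for the serving network."""
    ki = AUC[imsi]
    rand = rand or os.urandom(16)
    return rand, a3(ki, rand), a8(ki, rand)


class MobileStation:
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self.ki, self.kc = imsi, ki, None

    def respond(self, rand: bytes) -> bytes:
        # GSM: the SIM answers ANY challenge. Nothing here proves who sent RAND.
        self.kc = a8(self.ki, rand)
        return a3(self.ki, rand)


def genuine_network_auth(ms: MobileStation) -> bool:
    """Serving network: challenge with RAND, compare SRES against XRES from the triplet."""
    rand, xres, kc = auc_triplet(ms.imsi)
    return hmac.compare_digest(ms.respond(rand), xres) and ms.kc == kc


def false_bs_with_compromised_triplet(ms: MobileStation, triplet) -> bool:
    """Slide 21: an attacker holding one compromised triplet replays its RAND. The MS
    accepts it and derives a Kc the attacker already knows, so he can cipher the call."""
    rand, xres, kc = triplet
    return hmac.compare_digest(ms.respond(rand), xres) and ms.kc == kc


def umts_style_auth_vector(imsi: str, sqn: int):
    """Simplified UMTS AKA: the vector also carries AUTN = SQN || MAC(K, SQN||RAND),
    so the USIM can check that the challenge was generated by its home network."""
    k, rand = AUC[imsi], os.urandom(16)
    sqn_b = sqn.to_bytes(6, "big")
    mac = hmac.new(k, b"f1" + sqn_b + rand, hashlib.sha256).digest()[:8]
    return rand, sqn_b + mac


def usim_verify(k: bytes, last_sqn: int, rand: bytes, autn: bytes) -> bool:
    """USIM side: accept the challenge only if the MAC checks out and SQN is fresh."""
    sqn_b, mac = autn[:6], autn[6:]
    expected = hmac.new(k, b"f1" + sqn_b + rand, hashlib.sha256).digest()[:8]
    return hmac.compare_digest(mac, expected) and int.from_bytes(sqn_b, "big") > last_sqn


def demo():
    imsi = "001010123456789"
    k = AUC[imsi]
    ms = MobileStation(imsi, k)
    leaked = auc_triplet(imsi)                  # a compromised authentication vector (Slide 17)
    rand, autn = umts_style_auth_vector(imsi, sqn=42)
    forged_autn = bytes(len(autn))              # a false BS without K cannot compute the MAC
    return {
        "gsm_genuine": genuine_network_auth(ms),
        "gsm_false_bs_with_leaked_triplet": false_bs_with_compromised_triplet(ms, leaked),
        "umts_genuine": usim_verify(k, 41, rand, autn),
        "umts_false_bs": usim_verify(k, 41, rand, forged_autn),
        "umts_replayed_vector": usim_verify(k, 42, rand, autn),
    }


if __name__ == "__main__":
    print(demo())
```

The two GSM results are both true, which is the whole problem: the SIM cannot distinguish the genuine network's challenge from the attacker's replay of a leaked one. The sequence-number check in the UMTS part is what stops a compromised vector being replayed later, not just a forged one.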
Slide 28: GPRS Encryption
• Differences compared with GSM circuit-switched:
  • Encryption is terminated further back in the network (at the SGSN rather than at the base station)
  • Encryption is applied at a higher layer of the protocol stack: the Logical Link Control (LLC) layer
  • A new stream cipher with different input/output parameters: the GPRS Encryption Algorithm (GEA)
• GEA generates the keystream as a function of the cipher key and the LLC frame number, so the cipher is re-synchronised for every LLC frame
• The LLC frame number space is very large, so keystream repetition within the lifetime of one key is not an issue
• Caveat: the re-synchronisation argument says nothing about the strength of the cipher itself. GEA-1 was later shown (Beierle et al., Eurocrypt 2021) to provide only about 40 bits of effective security, and GEA-2 is also weaker than its 64-bit key suggests; current devices should have both disabled.
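Why the per-frame re-synchronisation matters, and what the "frame number is very large" remark is guarding against, is easiest to see by running it. The following is an added model, not code from the slides or the GPRS specifications: the keystream generator is an HMAC-SHA256 counter construction standing in for GEA (real GEA is a dedicated stream cipher with a 64-bit Kc and additional inputs such as the direction bit), and the key and LLC payloads are constructed.

```python
"""Added example (not from the slides): a toy model of the GPRS ciphering structure on
Slide 28. The keystream is a function of the cipher key and the LLC frame number, so
each frame re-synchronises the stream cipher. HMAC-SHA256 stands in for GEA;
key and frame contents are constructed."""
import hashlib
import hmac


def keystream(kc: bytes, frame_number: int, length: int) -> bytes:
    """Stand-in for GEA: keystream = f(Kc, LLC frame number), expanded block by block."""
    out = b""
    block = 0
    while len(out) < length:
        out += hmac.new(kc, frame_number.to_bytes(4, "big") + block.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        block += 1
    return out[:length]


def cipher_frame(kc: bytes, frame_number: int, payload: bytes) -> bytes:
    """Encrypt and decrypt are the same operation: XOR with the per-frame keystream."""
    ks = keystream(kc, frame_number, len(payload))
    return bytes(p ^ k for p, k in zip(payload, ks))


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def demo():
    kc = b"demo-kc!"                      # constructed 64-bit cipher key
    p1 = b"GET /index.html "
    p2 = b"PASSWORD=hunter2"
    c1 = cipher_frame(kc, 1, p1)
    c2 = cipher_frame(kc, 2, p2)
    # Distinct frame numbers: distinct keystreams, so c1 XOR c2 is not p1 XOR p2.
    distinct = xor(c1, c2) != xor(p1, p2)
    # Frame-number reuse (what the large LLC counter exists to prevent): the keystreams
    # cancel and a passive eavesdropper obtains p1 XOR p2 without knowing Kc.
    c2_reused = cipher_frame(kc, 1, p2)
    leaks = xor(c1, c2_reused) == xor(p1, p2)
    roundtrip = cipher_frame(kc, 2, c2) == p2
    return distinct, leaks, roundtrip


if __name__ == "__main__":
    print(demo())
```

With two frames under one keystream the eavesdropper gets `p1 XOR p2`, and with one of them guessable (HTTP request lines are) the other is exposed outright; that is the failure mode a large, non-wrapping frame counter keeps out of reach for the key's lifetime.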
Slide 31: Bluetooth
• Short-range communications, master-slave principle
• Eavesdropping is said to be difficult because of:
  • Frequency hopping
  • Communication over a few metres only
• Caveat: neither property is a security control. The hopping sequence is derived from the master's device address and clock, which a listener can recover, and a directional antenna extends the usable range well beyond a few metres.
• Security issues:
  • Authentication of the devices to each other
  • Confidential channel, based on a secret link key shared by the paired devices
Slide 33: Conclusion
• Wireless and mobile security issues concentrate on the integrity, confidentiality and authentication of networks and users.
• Fraud: access to and use of services so as to avoid or reduce a legitimate charge.
• Location privacy: unique to mobile networks.
• Mobile devices bring their own constraints:
  • Limited resources
  • Lack of physical protection
  • Roaming of users across different networks
Slide 34: Drive-by Cracking