Wireless Security 802 11 RFID WTLS SMU CSE
- Slides: 35
Wireless Security 802. 11, RFID, WTLS SMU CSE 5349/7349
802. 11 • 802. 11 a, b, … • Components – Wireless station • A desktop or laptop PC or PDA with a wireless NIC. – Access point • A bridge between wireless and wired networks – Radio – Wired network interface (usually 802. 3) – Bridging software • Aggregates access for multiple wireless stations to wired network. SMU CSE 5349/7349
802. 11 modes • Infrastructure mode – Basic Service Set • One access point – Extended Service Set • Two or more BSSs forming a single subnet. – Most corporate LANs in this mode. • Ad-hoc mode (peer-to-peer) – Independent Basic Service Set – Set of 802. 11 wireless stations that communicate directly without an access point. • Useful for quick & easy wireless networks. SMU CSE 5349/7349
Infrastructure mode Access Point Basic Service Set (BSS) – Single cell Station Extended Service Set (ESS) – Multiple cells SMU CSE 5349/7349
Ad-hoc mode Independent Basic Service Set (IBSS) SMU CSE 5349/7349
Open System Authentication • Service Set Identifier (SSID) • Station must specify SSID to Access Point when requesting association. • Multiple APs with same SSID form Extended Service Set. • APs broadcast their SSID. SMU CSE 5349/7349
MAC Address Locking • Access points have Access Control Lists (ACL). • ACL is list of allowed MAC addresses. – E. g. Allow access to: • 00: 01: 42: 0 E: 12: 1 F • 00: 01: 42: F 1: 72: AE • 00: 01: 42: 4 F: E 2: 01 • But MAC addresses are sniffable and spoofable. • Access Point ACLs are ineffective control. SMU CSE 5349/7349
Interception Range Station outside building perimeter. tres 100 me Basic Service Set (BSS) – Single cell SMU CSE 5349/7349
Interception • Wireless LAN uses radio signal. • Not limited to physical building. • Signal is weakened by: – Walls – Floors – Interference • Directional antenna allows interception over longer distances. SMU CSE 5349/7349
Directional Antenna • Directional antenna provides focused reception. • D-I-Y plans available. – Aluminium cake tin. – 11 Mbps at 750 meters. – http: //www. saunalahti. fi/~elepal/antennie. html SMU CSE 5349/7349
802. 11 b Security Services • Two security services provided: – Authentication • Shared Key Authentication – Encryption • Wired Equivalence Privacy SMU CSE 5349/7349
Wired Equivalence Privacy • Shared key between – Stations. – An Access Point. • Extended Service Set – All Access Points will have same shared key. • No key management – Shared key entered manually into • Stations • Access points • Key management a problem in large wireless LANs SMU CSE 5349/7349
RC 4 Refresher: – RC 4 uses key sizes from 1 bit to 2048 bits. – RC 4 generates a stream of pseudo random bits • XORed with plaintext to create ciphertext. SMU CSE 5349/7349
WEP – Sending • Compute Integrity Check Vector (ICV). – Provides integrity – 32 bit Cyclic Redundancy Check. – Appended to message to create plaintext. • Plaintext encrypted via RC 4 – Provides confidentiality. – Plaintext XORed with long key stream of pseudo random bits. – Key stream is function of • 40 -bit secret key • 24 bit initialisation vector (more later) • Ciphertext is transmitted. SMU CSE 5349/7349
Initialization Vector • IV must be different for every message transmitted. • 802. 11 standard doesn’t specify how IV is calculated. • Wireless cards use several methods – Some use a simple ascending counter for each message. – Some switch between alternate ascending and descending counters. – Some use a pseudo random IV generator. SMU CSE 5349/7349
WEP Encryption Initialisation Vector (IV) Secret key IV || Seed PRNG Key Stream Plaintext 32 bit CRC Cipher text || ICV Message SMU CSE 5349/7349
WEP – Receiving • Ciphertext is received. • Ciphertext decrypted via RC 4 – Ciphertext XORed with long key stream of pseudo random bits. • Check ICV – Separate ICV from message. – Compute ICV for message – Compare with received ICV SMU CSE 5349/7349
Shared Key Authentication • When station requests association with Access Point – AP sends random number to station – Station encrypts random number • Uses RC 4, 40 bit shared secret key & 24 bit IV – Encrypted random number sent to AP – AP decrypts received message • Uses RC 4, 40 bit shared secret key & 24 bit IV – AP compares decrypted random number to transmitted random number SMU CSE 5349/7349
Security - Summary • Shared secret key required for: – Associating with an access point. – Sending data. – Receiving data. • Messages are encrypted. – Confidentiality. • Messages have checksum. – Integrity. • But SSID still broadcast in clear. SMU CSE 5349/7349
Security Attacks • Targeted network segment • Malicious association • Interference Jamming • Attack against MAC authentication • Vulnerability through ad hoc mode – Free Internet – Malicious use of identity – Access to other network resources – Host AP – Easy to jam the signals – DOS through repeated, albeit unsuccessful access requests (management messages are not authenticated. Egs. Wlan-jack) – Do. S through disassociation commands – Interference with other appliances (2. 4 G spectrum) SMU – Can spoof MAC with loadable firmware – Defense? CSE 5349/7349
802. 11 Insecurities • Authentication – two options – Open – Shared-key more insecure? • Static key management – If one device is compromised/stolen, everyone should change the key – Hard to detect • WEP keys – 40 or 128 can be cracked in less than 15 minutes SMU CSE 5349/7349
IV Collision attack • If 24 bit IV is an ascending counter, – If Access Point transmits at 11 Mbps, IVs exhausted in roughly 5 hours. • Passive attack: – Attacker collects all traffic – Attacker could collect two encrypted messages: • If two messages EM 1, EM 2, both encrypted with same key stream ( same key and same IV) • EM 1 EM 2 = M 1 M 2 • Effectively removes the key stream • Can now try to derive plaintext messages SMU CSE 5349/7349
Limited WEP keys • Some vendors allow limited WEP keys – User types in a password – WEP key is generated from passphrase – Passphrases creates only 21 bits of 40 bit key. • Reduces key strength to 21 bits = 2, 097, 152 • Remaining 19 bits are predictable. • 21 bit key can be brute forced in minutes. SMU CSE 5349/7349
Brute Force Key Attack • Capture ciphertext. – IV is included in message. • Search all 240 possible secret keys. – 1, 099, 511, 627, 776 keys – ~200 days on a modern laptop • Find which key decrypts ciphertext to plaintext. SMU CSE 5349/7349
128 bit WEP • Vendors have extended WEP to 128 bit keys. – 104 bit secret key. – 24 bit IV. • Brute force takes 10^19 years for 104 -bit key. • Effectively safeguards against brute force attacks. SMU CSE 5349/7349
IV weakness • WEP exposes part of PRNG input. – IV is transmitted with message. • Initial keystream can be derived – TCP/IP has fixed structure at start of packets • Attack is practical. • Passive attack. – Non-intrusive. – No warning. SMU CSE 5349/7349
Wepcrack • First tool to demonstrate attack using IV weakness. – Open source • Three components – Weaker IV generator. – Search sniffer output for weaker IVs & record 1 st byte. – Cracker to combine weaker IVs and selected 1 st bytes. SMU CSE 5349/7349
Airsnort • Automated tool – – – SMU Does it all! Sniffs Searches for weaker IVs Records encrypted data Until key is derived. CSE 5349/7349
Safeguards • • Security Policy & Architecture Design Treat as untrusted LAN Discover unauthorised use Access point audits Station protection Access point location Antenna design SMU CSE 5349/7349
Wireless as Untrusted LAN • Treat wireless as untrusted. – Similar to Internet. • Firewall between WLAN and Backbone. • Extra authentication required. • Intrusion Detection – WLAN / Backbone junction. • Vulnerability assessments SMU CSE 5349/7349
Discover Unauthorised Use • Search for unauthorised access points or ad-hoc networks • Port scanning – For unknown SNMP agents. – For unknown web or telnet interfaces. • Warwalking! – – SMU Sniff 802. 11 packets Identify IP addresses Detect signal strength May sniff your neighbours… CSE 5349/7349
Location of AP • Ideally locate access points – In centre of buildings. • Try to avoid access points – By windows – On external walls – Line of sight to outside • Use directional antenna to “point” radio signal. SMU CSE 5349/7349
IPSec VPN • IPSec client placed on every PC connected to the WLAN • Filters to prevent traffic from reaching anywhere other than VPN gateway and DHCP/DNS server • Can combine user authentication also SMU CSE 5349/7349
IEEE 802. 11 i • A new framework for wireless security – Centralized authentication – Dynamic key distribution – Will apply to 802. 11 a, b & g • Uses 802. 1 X as authentication framework – Extensible Authentication Protocol (EAP), RFC 2284 (EAP -TLS & LEAP) – Mutual authentication between client and authentication server (RADIUS) – Encryption keys dynamically derived after authentication – Session timeout triggers reauthentication SMU CSE 5349/7349
802. 11 i – Encryption Enhancements • Temporal Key Integrity Protocol (TKIP) – – RC 4 still used Per-packet keys Hash functions for MIC instead of CRC 32 Only firmware upgrade required • AES – AES cipher replaces RC 4 – Will require new hardware SMU CSE 5349/7349
802-11-wireless-security
Wireless datagram protocol in mobile computing
Application of mobile ip
Bridges from 802.x to 802.y
Bridges from 802.x to 802.y
Wireless security in cryptography
Wireless lan 802
Gast 802 11 wireless networks "torrent"
Telecommunications the internet and wireless technology
Privatesecurity
Border security using wins
Wlan network
Wireless security threats
Wireless security training
Wireless security threats and vulnerabilities
Wireless transport layer security
Smu actuarial science
Smu motto
Perisian smu
Smu dsa
Smu notebook tender
Goh jing rong smu
Handshake session
Smu handshake
Smu student senate
Smu handshake
Smu geothermal
Paul dixon smu
Smu purchasing
Smu accounts payable
Quadrillion on your
Rfid seminar
Rfid tool tracking
Rfid technology applications
Rfid definition supply chain
Controllo inventory rfid
