Department of Computer Science
Southern Illinois University Carbondale
Wireless and Network Security
Lecture 9: IEEE 802.11 Security - 2
Dr. Kemal Akkaya
E-mail: [email protected]
Kemal Akkaya
Wireless & Network Security
1
How about using Virtual Private Networking (VPN) for better security?
Deploying a secure VPN over a wireless network can greatly increase the security of your data
The idea is to treat the wireless network the same as an insecure wired network (the Internet).
Every user authenticates through a server
The user can then use the network as if he/she were on it
Campus network, business, etc.
Not a good solution:
Overhead
Deployment
Performance
Susceptible to denial of service (DoS) attacks, along with any attack against the specific VPN
Solutions for better IEEE 802.11 Security
IEEE 802.1x
Per-user authentication
Key distribution mechanism
Wi-Fi Protected Access (WPA)
[Figure: 802.1x, WPA and 802.11i]
Proposed in 2003
Subset of 802.11i
Two forms:
802.1x + EAP + TKIP + MIC
Pre-shared Key + TKIP + MIC
IEEE 802.11i – WPA2
802.1x + EAP + AES + CCM
But WEP is still in wide use
IEEE 802.1X
802.1X is a port-based, layer 2 (MAC address layer) authentication framework on IEEE 802 networks.
Uses EAP (Extensible Authentication Protocol) for implementation
It works along with the 802.11 protocol to manage authentication for WLAN clients
Centralized authentication
All clients go through APs
Interoperability: Can work along with NICs running WEP
Three main components:
Supplicant
Authenticator
Authentication Server
IEEE 802.1X Authentication Process
Client makes an association with AP
AP places client in an unauthenticated holding area; AP sends an authentication request to client
Client sends user ID to AP, which forwards it to server
Server sends challenge via AP to client
Challenge type up to vendor
Secret info is not sent over air in plaintext
Client responds to challenge
Server verifies response, provides fresh session keys
IEEE 802.1X Authentication Process
Authentication session (diagram): Client, AP, Auth Server ("RADIUS")
Client -> AP: Let me in!
AP -> Client: What's your ID?
Client -> AP: ID = [email protected]
AP -> Auth Server: Is [email protected] OK?
Auth Server -> Client (via AP): Prove to me that you are [email protected]
Client -> Auth Server (via AP): The answer is "xxx"
(EAP challenge/authentication)
Auth Server -> AP: Let him in. Here is the session key.
AP -> Client: Come in. Here is the session key.
Client -> network (encrypted session): http://www.yahoo.com
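The exchange above as a small model, in an added Python example that is not part of the lecture: the AP keeps a station's port closed until the server accepts the challenge response. The HMAC-based challenge type, the class names, and the choice to have client and server derive the session key from the challenge (rather than ship it over the air) are assumptions.

```python
import hashlib
import hmac
import os

def prove(secret, challenge):                 # response to the server's challenge
    return hmac.new(secret, b"response" + challenge, hashlib.sha256).digest()

def derive_session_key(secret, challenge):    # fresh for every authentication run
    return hmac.new(secret, b"session" + challenge, hashlib.sha256).digest()[:16]

class AuthServer:                             # RADIUS-style back end (hypothetical model)
    def __init__(self, users):
        self.users, self.pending = users, {}
    def challenge(self, user_id):
        self.pending[user_id] = os.urandom(16)    # issued even for unknown IDs
        return self.pending[user_id]
    def verify(self, user_id, response):
        challenge = self.pending.pop(user_id, None)   # each challenge is single-use
        secret = self.users.get(user_id)
        if challenge is None or secret is None:
            return None
        if not hmac.compare_digest(response, prove(secret, challenge)):
            return None
        return derive_session_key(secret, challenge)

class Client:                                 # supplicant
    def __init__(self, user_id, secret):
        self.user_id, self.secret, self.session_key = user_id, secret, None
    def respond(self, challenge):
        self.session_key = derive_session_key(self.secret, challenge)
        return prove(self.secret, challenge)

class AccessPoint:                            # authenticator
    def __init__(self, server):
        self.server, self.session_keys, self.air = server, {}, []
    def authenticate(self, mac, client):
        challenge = self.server.challenge(client.user_id)
        response = client.respond(challenge)
        self.air += [client.user_id.encode(), challenge, response]  # seen by an observer
        key = self.server.verify(client.user_id, response)
        if key is not None:
            self.session_keys[mac] = key      # station leaves the holding area
        return key is not None
    def forward(self, mac, frame):
        # Controlled port: data frames pass only after successful authentication.
        return frame if mac in self.session_keys else None
```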
WPA (Wi-Fi Protected Access)
Pre-standard subset of IEEE 802.11i
Interim solution to run on existing wireless hardware
Uses Temporal Key Integrity Protocol (TKIP) for data encryption and confidentiality
On October 31, 2002, the Wi-Fi Alliance endorsed TKIP under the name Wi-Fi Protected Access (WPA).
TKIP Changes
Still uses RC4, 128 bits for encryption
Key mixing function for combining the secret root key with the IV
Merely concatenation in WEP
Provisions for changing base keys
Secret part of encryption key changed in every packet
Avoids weak keys
IV acts as a sequence counter
Starts at 0, increments by 1
Against replay attacks
Packets received out of order will be rejected by the AP
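The sequence-counter rule above as receiver logic, in an added Python example that is not from the lecture. HMAC-SHA256 truncated to 64 bits stands in for the per-frame integrity tag, the counter is bound into the tag as a simplification, and the key and MAC address are constructed; note that the stored counter advances only after the tag verifies.

```python
import hashlib
import hmac

MIC_LEN = 8  # 64-bit tag

def tag(mic_key, sender, counter, payload):
    # HMAC-SHA256 truncated to 64 bits: a stand-in, not the Michael algorithm.
    data = sender + counter.to_bytes(8, "big") + payload
    return hmac.new(mic_key, data, hashlib.sha256).digest()[:MIC_LEN]

class ReplayGuard:
    """Accept a frame only if its counter is strictly greater than the last
    counter accepted from the same sender."""
    def __init__(self, mic_key):
        self.mic_key = mic_key
        self.last = {}                      # sender address -> last accepted counter

    def accept(self, sender, counter, payload, mic):
        if counter <= self.last.get(sender, -1):
            return "replay"                 # old or out-of-order frame
        expected = tag(self.mic_key, sender, counter, payload)
        if not hmac.compare_digest(mic, expected):
            return "bad-mic"                # forged frame must not move the counter
        self.last[sender] = counter
        return "ok"

def run_demo():
    key = b"constructed-mic-key"
    sta = bytes.fromhex("02aabbccddee")     # constructed station address
    rx = ReplayGuard(key)
    results = []
    for n in range(3):                      # counter starts at 0, increments by 1
        payload = b"data-%d" % n
        results.append(rx.accept(sta, n, payload, tag(key, sta, n, payload)))
    # A previously seen frame sent again is rejected.
    results.append(rx.accept(sta, 1, b"data-1", tag(key, sta, 1, b"data-1")))
    # A frame with a large counter but no valid tag is rejected and leaves state alone.
    results.append(rx.accept(sta, 900, b"forged", bytes(MIC_LEN)))
    # Legitimate traffic continues from counter 3.
    results.append(rx.accept(sta, 3, b"data-3", tag(key, sta, 3, b"data-3")))
    return results
```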
WPA Changes for Integrity
Includes Michael: a Message Integrity Code (MIC)
64 bits
Replaces the CRC
Different keys for MIC and encryption
Observer cannot create new MIC to mask changes to data
Computationally Efficient
Increases IV from 24 bits to 64 bits
900 years to repeat an IV at 10k packets/sec
For WEP this is done in 30 mins
Authentication
2 forms based on 802.1X:
Per-user based: Public key
Pre-shared key: same key – WPA-PSK
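Why the CRC was replaced with a keyed MIC, shown as an added Python example that is not from the lecture: a receiver that checks an unkeyed CRC-32 under an XOR stream cipher accepts a modified frame, while a receiver that checks a keyed 64-bit tag rejects it. SHAKE-256 stands in for RC4 and truncated HMAC-SHA256 stands in for Michael; keys and messages are constructed.

```python
import hashlib
import hmac
import zlib

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key, n):
    # Stand-in keystream (SHAKE-256), not RC4: only the XOR structure matters here.
    return hashlib.shake_256(key).digest(n)

def crc_seal(key, msg):
    body = msg + zlib.crc32(msg).to_bytes(4, "little")     # WEP-style unkeyed checksum
    return xor(body, keystream(key, len(body)))

def crc_open(key, frame):
    body = xor(frame, keystream(key, len(frame)))
    msg, icv = body[:-4], body[-4:]
    return msg if zlib.crc32(msg).to_bytes(4, "little") == icv else None

def mic_seal(enc_key, mic_key, msg):
    mic = hmac.new(mic_key, msg, hashlib.sha256).digest()[:8]   # 64-bit keyed tag
    body = msg + mic
    return xor(body, keystream(enc_key, len(body)))

def mic_open(enc_key, mic_key, frame):
    body = xor(frame, keystream(enc_key, len(frame)))
    msg, mic = body[:-8], body[-8:]
    expected = hmac.new(mic_key, msg, hashlib.sha256).digest()[:8]
    return msg if hmac.compare_digest(mic, expected) else None

def crc_delta(delta):
    # CRC-32 is affine: crc(m ^ d) = crc(m) ^ crc(d) ^ crc(zeros), so the change
    # to the checksum follows from d alone, with no key involved.
    fix = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return delta + fix.to_bytes(4, "little")

def compare_receivers():
    enc_key, mic_key = b"constructed-enc-key", b"constructed-mic-key"
    msg, altered = b"door=locked;", b"door=opened;"
    delta = xor(msg, altered)
    # Same bit changes applied to both frames while they are still encrypted.
    crc_result = crc_open(enc_key, xor(crc_seal(enc_key, msg), crc_delta(delta)))
    mic_frame = mic_seal(enc_key, mic_key, msg)
    mic_result = mic_open(enc_key, mic_key, xor(mic_frame, delta + bytes(8)))
    return crc_result, mic_result
```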
Final Standard: 802.11i
The long-awaited security standard for wireless
Ratified in June 2004
Also known as WPA2 for the market
Another name is Robust Security Network (RSN)
Hardware manufactured before 2002 is likely to be unsupported
AES requires a new dedicated chip
From March 2006, WPA2 certification is mandatory for all new devices
Addresses the main problems in WEP
Components:
802.1X based Authentication
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
RSN based associations
CCMP
More WPA2
Uses Advanced Encryption Standard (AES)
Unlike in TKIP, key management and message integrity are handled by a single component built around AES using a 128-bit key and a 128-bit block.
Uses CCM
Encrypts data and MIC
Key Caching
Skips re-entering of the user credential by storing the host information on the network
APs can store keys
Fast re-connection
Pre-authentication
If previously authenticated
Allows client to become authenticated with an AP before moving to it
Uses previous authentication info
Useful in encrypted VoIP over Wi-Fi
Fast Roaming
802.11i Summary