Department of Computer Science
Southern Illinois University Carbondale
Wireless and Network Security
Lecture 9: IEEE 802.11 Security - 2
Dr. Kemal Akkaya
E-mail: [email protected]
Kemal Akkaya
Wireless & Network Security
1
How about using Virtual Private Networking (VPN) for better Security?
- Deploying a secure VPN over a wireless network can greatly increase the security of your data
- The idea is to treat the wireless network the same as an insecure wired network (the Internet)
  - Any user is authenticated through a server
  - Afterwards the user can use the network as if he/she were on the wired network
  - Campus network, business etc.
- Not a good solution:
  - Overhead
  - Deployment
  - Performance
  - Susceptible to denial of service (DoS) attacks, along with any attack against the specific VPN
Solutions for better IEEE 802.11 Security
- IEEE 802.1x
  - Per-user authentication
  - Key distribution mechanism
- Wi-Fi Protected Access (WPA)
  - Proposed in 2003
  - Subset of 802.11i
  - Two forms:
    - 802.1x + EAP + TKIP + MIC
    - Pre-shared Key + TKIP + MIC
- IEEE 802.11i – WPA2
  - 802.1x + EAP + AES + CCM
- But WEP is still in wide use
[Figure: relationship between 802.1x, WPA and 802.11i]
IEEE 802.1X
- 802.1X is a port-based, layer 2 (MAC layer) authentication framework for IEEE 802 networks
- Uses EAP (Extensible Authentication Protocol) for implementation
- Works along with the 802.11 protocol to manage authentication for WLAN clients
- Centralized authentication
  - All clients go through APs
- Interoperability: can work along with NICs running WEP
- Three main components:
  - Supplicant
  - Authenticator
  - Authentication Server
IEEE 802.1X Authentication Process
1. Client makes an association with the AP
2. AP places the client in an unauthenticated holding area; AP sends an authentication request to the client
3. Client sends its user ID to the AP, which forwards it to the server
4. Server sends a challenge via the AP to the client
   - Challenge type is up to the vendor
   - Secret info is not sent over the air in plaintext
5. Client responds to the challenge
6. Server verifies the response and provides fresh session keys
IEEE 802.1X Authentication Process
- Authentication session (figure: Client, AP, Auth Server "RADIUS")
  1. Client -> AP: Let me in!
  2. AP -> Client: What's your ID?
  3. Client -> AP: ID = [email protected]
  4. AP -> Auth Server (RADIUS): Is [email protected] OK?
  5. Auth Server -> Client (via AP): Prove to me that you are [email protected]
  6. Client -> Auth Server (via AP): The answer is "xxx" (EAP challenge/authentication)
  7. Auth Server -> AP: Let him in. Here is the session key.
  8. AP -> Client: Come in. Here is the session key.
  9. Client <-> network: encrypted session (e.g. http://www.yahoo.com)
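The exchange on this slide, modelled as an added example that is not part of the lecture: a supplicant, an authenticator (the AP) and an authentication server, where the AP keeps its controlled port closed until the server confirms the client, the client proves knowledge of its secret by answering a random challenge without ever sending the secret, and both ends derive the same fresh session key. The challenge-response is a simple HMAC construction assumed for illustration, not a specific EAP method; the user database and secret are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential store for the authentication server.
# A real deployment keeps this behind a RADIUS server; the secret is made up.
USER_DB = {"alice": b"constructed-sample-secret"}


def derive_session_key(secret, nonce):
    """Both ends derive the same per-session key from the long-term secret and the challenge."""
    return hmac.new(secret, b"session" + nonce, hashlib.sha256).digest()


class AuthServer:
    """Authentication server: holds user secrets, issues challenges, verifies responses."""

    def __init__(self, user_db):
        self.user_db = user_db
        self.pending = {}  # user id -> outstanding challenge nonce

    def challenge(self, user_id):
        if user_id not in self.user_db:
            return None  # unknown identity: nothing to prove
        nonce = secrets.token_bytes(16)
        self.pending[user_id] = nonce
        return nonce

    def verify(self, user_id, response):
        """Return a fresh session key on success, None on failure."""
        nonce = self.pending.pop(user_id, None)
        if nonce is None:
            return None
        secret = self.user_db[user_id]
        expected = hmac.new(secret, b"response" + nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return None
        return derive_session_key(secret, nonce)


class Supplicant:
    """Client: proves knowledge of its secret without transmitting it."""

    def __init__(self, user_id, secret):
        self.user_id = user_id
        self.secret = secret

    def respond(self, nonce):
        return hmac.new(self.secret, b"response" + nonce, hashlib.sha256).digest()

    def session_key(self, nonce):
        return derive_session_key(self.secret, nonce)


class Authenticator:
    """AP: relays the exchange and opens its controlled port only after the server says so."""

    def __init__(self, server):
        self.server = server
        self.authorized = {}  # user id -> session key handed over by the server

    def admit(self, client):
        nonce = self.server.challenge(client.user_id)       # "Prove to me that you are ..."
        if nonce is None:
            return None
        response = client.respond(nonce)                     # "The answer is xxx"
        key = self.server.verify(client.user_id, response)   # "Let him in. Here is the session key."
        if key is None:
            return None
        self.authorized[client.user_id] = key
        return nonce  # the client uses the same challenge to derive the same key

    def port_open(self, user_id):
        """Controlled port: data frames pass only for authorized clients."""
        return user_id in self.authorized


def run_exchange(user_id, secret):
    """Run one exchange and report what a defender would check at each point."""
    server = AuthServer(USER_DB)
    ap = Authenticator(server)
    client = Supplicant(user_id, secret)
    result = {"port_open_before": ap.port_open(user_id)}
    nonce = ap.admit(client)
    result["admitted"] = nonce is not None
    result["keys_match"] = nonce is not None and ap.authorized[user_id] == client.session_key(nonce)
    result["port_open_after"] = ap.port_open(user_id)
    return result


if __name__ == "__main__":
    print(run_exchange("alice", b"constructed-sample-secret"))  # genuine client
    print(run_exchange("alice", b"wrong-secret"))               # wrong credential
    print(run_exchange("mallory", b"anything"))                 # unknown identity
```

The point to take from the model is where the trust boundary sits: the AP never learns the user's secret and only forwards EAP; the decision and the session key come from the server, and the AP's controlled port stays closed for anyone the server has not accepted.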
WPA (Wi-Fi Protected Access)
- Pre-standard subset of IEEE 802.11i
- Interim solution to run on existing wireless hardware
- Uses Temporal Key Integrity Protocol (TKIP) for data encryption and confidentiality
  - On October 31, 2002, the Wi-Fi Alliance endorsed TKIP under the name Wi-Fi Protected Access (WPA)
- TKIP changes
  - Still uses RC4, 128 bits for encryption
  - Key mixing function for combining the secret root key with the IV
    - Merely concatenation in WEP
  - Provisions for changing base keys
  - Secret part of the encryption key changed in every packet
    - Avoids weak keys
  - IV acts as a sequence counter
    - Starts at 0, increments by 1
    - Against replay attacks
    - Packets received out of order will be rejected by the AP
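An added example, not from the lecture, of the sequence-counter rule just described: the sender stamps frames with a counter that starts at 0 and increments by 1, and the receiver drops any frame whose counter is not greater than the last one it accepted, which rejects both replays and out-of-order delivery. It also includes the counter-lifetime arithmetic behind the "30 minutes" figure the lecture gives for WEP's 24-bit IV at 10k packets/sec; the same arithmetic for the 48-bit TKIP sequence counter (TSC) gives about 890 years, which is the "900 years" figure the lecture quotes. The frame payloads are constructed; the classes are illustrative models, not a driver's TKIP code.

```python
TSC_BITS = 48                 # width of TKIP's sequence counter (TSC); WEP's IV is 24 bits
TSC_MAX = (1 << TSC_BITS) - 1
SECONDS_PER_YEAR = 365 * 24 * 3600


class TkipSender:
    """Stamps each frame with the next counter value: starts at 0, increments by 1."""

    def __init__(self):
        self.next_tsc = 0

    def send(self, payload):
        if self.next_tsc > TSC_MAX:
            # Reusing a counter value would reuse a per-packet key: rekey instead.
            raise RuntimeError("counter exhausted: base key must be changed before sending more")
        frame = (self.next_tsc, payload)
        self.next_tsc += 1
        return frame


class TkipReceiver:
    """Accepts a frame only if its counter is greater than the last one accepted."""

    def __init__(self):
        self.last_tsc = -1  # nothing accepted yet, so counter 0 is valid

    def accept(self, frame):
        tsc, _payload = frame
        if not 0 <= tsc <= TSC_MAX:
            return False  # malformed counter
        if tsc <= self.last_tsc:
            return False  # replayed or reordered frame: dropped
        self.last_tsc = tsc
        return True


def replay_demo():
    """Deliver frames in order, then one out of order, then a replay; return (tsc, accepted)."""
    sender, receiver = TkipSender(), TkipReceiver()
    frames = [sender.send(b"constructed frame %d" % i) for i in range(4)]
    delivery = [frames[0], frames[1], frames[3], frames[2], frames[1]]
    return [(tsc, receiver.accept((tsc, payload))) for tsc, payload in delivery]


def counter_lifetime_seconds(bits, packets_per_second):
    """Seconds until a bits-wide counter wraps at the given constant packet rate."""
    return (1 << bits) / packets_per_second


if __name__ == "__main__":
    print(replay_demo())  # [(0, True), (1, True), (3, True), (2, False), (1, False)]
    print("24-bit IV:", counter_lifetime_seconds(24, 10_000) / 60, "minutes")
    print("48-bit TSC:", counter_lifetime_seconds(48, 10_000) / SECONDS_PER_YEAR, "years")
```

Note that frame 2 is genuine but arrives after frame 3 and is still dropped; that is the cost of a strict monotonic check, and why the sender must not reorder frames that share a counter sequence.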
WPA Changes for Integrity
- Includes Michael: a Message Integrity Code (MIC)
  - 64 bits
  - Replaces the CRC
  - Different keys for MIC and encryption
  - Observer cannot create a new MIC to mask changes to data
  - Computationally efficient
- Increases IV from 24 bits to 64 bits
  - 900 years to repeat an IV at 10k packets/sec
  - For WEP this is done in 30 mins
- Authentication
  - 2 forms based on 802.1X:
    - Per-user based: public key
    - Pre-shared key: same key – WPA-PSK
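An added example, not from the lecture, of why a keyed MIC replaces the CRC: an unkeyed checksum can be recomputed by whoever alters the data, so the receiver's CRC check passes on a modified frame, whereas a keyed MIC computed over the original no longer verifies and cannot be regenerated without the MIC key. The MIC here is HMAC-SHA256 truncated to 64 bits as a stand-in of Michael's output length, not the Michael algorithm itself; the keys and payloads are constructed.

```python
import hashlib
import hmac
import secrets
import zlib

MIC_BYTES = 8  # Michael's MIC is 64 bits; the stand-in below is truncated to the same length


def crc_tag(data):
    """Unkeyed checksum as used by WEP: anyone can compute it for any data."""
    return zlib.crc32(data).to_bytes(4, "big")


def crc_check(data, tag):
    return crc_tag(data) == tag


def mic_tag(mic_key, data):
    """Keyed MIC stand-in (HMAC-SHA256 truncated to 64 bits; not the real Michael function)."""
    return hmac.new(mic_key, data, hashlib.sha256).digest()[:MIC_BYTES]


def mic_check(mic_key, data, tag):
    return hmac.compare_digest(mic_tag(mic_key, data), tag)


def integrity_demo():
    """Compare how the receiver's CRC check and MIC check treat a modified frame."""
    mic_key = secrets.token_bytes(8)   # MIC key, kept separate from the encryption key
    original = b"constructed payload: amount=100"
    modified = b"constructed payload: amount=900"

    crc = crc_tag(original)           # what the sender attached
    mic = mic_tag(mic_key, original)  # what the sender attached

    return {
        # A modified frame carrying a freshly computed CRC passes: the check needs no secret,
        # so it cannot distinguish the sender from anyone else who touched the data.
        "crc_detects_modification": not crc_check(modified, crc_tag(modified)),
        # The original MIC does not match the modified data.
        "mic_detects_modification": not mic_check(mic_key, modified, mic),
        # A MIC made without the right key is rejected as well.
        "mic_rejects_wrong_key": not mic_check(mic_key, modified,
                                               mic_tag(secrets.token_bytes(8), modified)),
        # The genuine frame still verifies.
        "mic_accepts_genuine": mic_check(mic_key, original, mic),
    }


if __name__ == "__main__":
    for check, outcome in integrity_demo().items():
        print(f"{check}: {outcome}")
```

Keeping the MIC key separate from the encryption key, as the slide lists, means that a weakness in one does not hand over the other; the demo uses only the MIC key because that is the one the integrity check depends on.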
Final Standard: 802.11i
- The long-awaited security standard for wireless
- Ratified in June 2004
- Also known as WPA2 for the market
- Another name is Robust Security Network (RSN)
- Hardware manufactured before 2002 is likely to be unsupported
  - AES requires a new dedicated chip
- From March 2006, WPA2 certification is mandatory for all new devices
- Addresses the main problems in WEP
- Components:
  - 802.1X based authentication
  - CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
  - RSN based associations
More WPA2
- CCMP
  - Uses Advanced Encryption Standard (AES)
  - Unlike in TKIP, key management and message integrity are handled by a single component built around AES using a 128-bit key and a 128-bit block
  - Uses CCM
  - Encrypts data and MIC
- Key caching
  - Skips re-entering of the user credential by storing the host information on the network
  - APs can store keys
  - Fast re-connection
- Pre-authentication
  - If previously authenticated
  - Allows a client to become authenticated with an AP before moving to it
  - Uses previous authentication info
  - Useful in encrypted VoIP over Wi-Fi
  - Fast roaming
802.11i Summary