Transcript Electronic Security - University of Texas at Austin

Electronic Security
Inaugural meeting
(for Hasheem: that means ‘the first meeting’
What Is Electronic Security?
For our purposes:
• Security that does not involve the mechanical
exploitation of vulnerabilities in physical locks
• The examination of security systems which are
implemented primarily by means of an electronic
Basically, anything interesting that involves both
security and electronics (we are open to
suggestions for future meetings! )
Quick and Dirty Network Security:
(NOT an exhaustive list, just enough concept to move to our main topic)
• Privacy
– Only trusted parties can participate in conversations (actively)
– Anyone who tries to listen won’t understand the conversation
• Integrity
– When person A sends message M to person B, the person B can
be certain that M did not change at all from the time A sent it to
the time B received it
WEP
(or: when smart engineers make very, very bad decisions)
Wired Equivalent Privacy
• Outlined in the IEEE 802.11b standard
• Uses RC4 stream cipher for
privacy/encryption
– Used badly/improperly
• Uses CRC-32 checksum for integrity
– Ultimately this provides ZERO integrity
RC4 is a Stream Cipher
Keystream:
1001
1111
To infinity and beyond!
0101
1110
1010
1000
1001
0010
0110
1101
0000
0110
Plaintext:
A
0100
0001
B
C
D
E
0100
0010
0100
0011
0100
0100
0100
0001
1100
1110
1011
1101
0110
0010
F
0101
0100
0110
Cyphertext:
1101
1110
1000
0100
0000
Claude E Shannon proved that this encryption scheme provides PERFECT security if and only if:
• There is no repeating pattern in the keystream
• The keystream is as long as the plaintext
RC4 Provides a PSEUDORANDOM keystream = a secret key + Initialization
Vector.
Not perfect, but pretty good… ONLY if the IV NEVER repeats!
WEP Implementation
(credit for this image: Vitaly Shmatikov)
RC4 keystream = IV + secret
key
1 keystream := 1 data layer
frame
IV is sent in the
clear
CRC-32 is a linear
translation through xor, so
anyone can re -compute
THE FREAKING IV IS SENT IN THE CLEAR, IT MAKES UP 24 BITS OF THE
KEY NO MATTER HOW BIG THE KEY IS
Vulnerable to Fluhrer et al. attack on RC4. John Gordon will now demonstrate.