CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

Size: px
Start display at page:

Download "CS 336/536 Computer Network Security. Summer Term 2010. Wi-Fi Protected Access (WPA) compiled by Anthony Barnard"

Transcription

1 CS 336/536 Computer Network Security Summer Term 2010 Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

2 2 Wi-Fi Protected Access (WPA) These notes, intended to follow the previous handout IEEE Wired Equivalent Privacy (WEP), are a composite of section 6.2 of Network Security Essentials by William Stallings, 4 th edition, and some material from Real Security by Edney and Harbaugh and from Wireless Networks by Matthew Gast. Stallings begins section 6.2 by stating the reasons why wireless LANs are more vulnerable to attackers that are wired LANs. Radio waves do not usually respect walls, so passive eavesdropping by an external attacker (even listening while outside the building in the parking lot) is an obvious threat; more active threats have also been extensively described in the previous handout. The original (1999) IEEE specification, included in the previous handout, described the security system called Wired Equivalent Privacy (WEP) that you will see in lab session #4. However, as we have seen, WEP was soon shown to be very vulnerable. Unfortunately, by the time that the vulnerability was detected, large numbers of WiFi LANs had been implemented by people who believed that their networks were protected by WEP. Some form of rescue had to be undertaken. IEEE established Task Group i that included acknowledged security experts, such as Ron Rivest, who had been absent from the group that developed the 1999 standard. The limitations on the rescue were that legacy equipment, particularly the Access Points, had to be retained. This imposed three constraints on the rescue: software/firmware upgrades only - no chip replacement a typical AP of the time had only a few spare cycles available the RC4 encryption/decryption algorithm was embedded in a special purpose chip, so could not be changed. These constraints presented a formidable challenge to upgrading the security of wireless LANs. However, Task Group i quickly came up with WiFi Protected Access (WPA) as an interim measure towards the ultimate IEEE i, known as the Robust Security Network (RSN). WPA is available only for infrastructure networks. This was followed in 2004 by finalization of the RSN standard, which became known as WPA2, available in both infrastructure and ad-hoc networks. The full standard is complex, involving an authentication server (AS) implementing IEEE 801X and therefore appropriate only to an Enterprise environment (corporate, with significant security requirements). In a lesscritical situation, usually referred to as Small Office/Home Office (SOHO) mode, WPA is probably adequate and we shall therefore content ourselves with studying this.

3 Wi-Fi Protected Access (WPA) 3 [contact with Stallings section 6.2 will be shown thus: {Stallings page xxx} ] IEEE i Services {Stallings page 183} Authentication - mutual, of STA and AP Access control to admit only properly authenticated clients Privacy (confidentiality) and integrity of data messages IEEE i Phases of Operation {Stallings page 184} This security applies only to traffic within a BSS, that is, between a STA and its AP; it does not extend outside the BSS. There are five phases in i: Phase 1 - discovery STA finds AP and associates (covered in CS x34). STA and AP agree on algorithms and methods to be used. Phase 2 - Authentication STA and AP prove their identities to each other. In enterprise mode the Authentication Server is intimately involved here, but in SOHO mode it is effectively by-passed and we will not consider AS further. Phase 3 - Key generation and distribution. Phase 4 - Actual user data transfer. Phase 5 - Connection termination when transfer complete. Now let s look in more detail at the five phases.

4 4 Wi-Fi Protected Access (WPA) Phase 1 -Discovery Phase {Stallings page 186} The purpose of this phase is for STA and AP to establish (unsecure) contact and negotiate a set of security algorithms to be used in subsequent phases. STA and AP need to decide on: The authentication method to be used in phase 3 to perform mutual authentication of STA and AP and generate/distribute keys. We shall omit IEEE801X and use the simplest method, pre-shared key (PSK) in which the 256-bit key is provided to STA and AP in advance by some secure external method, usually manual. Confidentiality and integrity algorithms to protect user data in phase 4 We shall focus on using TKIP for this purpose. As covered in CS 334/534 and the previous handout, the discovery phase uses three exchanges: Probe request/response (or observation of a beacon frame) APs advertize their capabilities (WEP, WPA, etc.) in Information Elements in their beacon frames and in their probe responses. Authentication request/response (Open System, for backward compatibility) Association request/response - agreement on methods to be used, The STA s request, chosen from the menu offered by the AP, is contained in an information element in the STA s association request. Discovery Phase is shown in the upper half of figure 6.6:

5 Wi-Fi Protected Access (WPA) 5 Phase 2 - Authentication Phase {Stallings page 188} Since we re studying SOHO mode, not enterprise mode {Omit Stallings pages }, this phase is trivial. STA and AP are pre-loaded with the 256-bit pre-shared Key (PSK). In this case the phase 2 exchange shown in the lower half of fig 6.6 is bypassed. The lower half of Stallings page 188, all of page 189, and the top half of page 190 can be omitted, since they delve into the full-blown IEEE 802.1X enterprise-mode authentication The PSK can be supplied either as the actual 256 bits or as a passphrase (such as barnardjonesskjellum as used in ciswifi) that is expanded to the required length by a standard algorithm. In principle the PSK can be different for each STA-AP pair, but in practice most vendors use the same PSK for all STA. The idea is that the STA and AP are mutually authenticated if they can demonstrate to each other in the following phase that they each know the PSK. Phase 3 - Key Generation and Distribution Phase {Stallings pages } The top of the key hierarchy is the Pairwise Master Key (PMK). In Enterprise mode the PMK is obtained during an exchange with the Authentication Server, but in SOHO mode the PMK is derived directly from the PSK, which had previously been shared between STA and AP. Key generation must be completed before we can move on to phase 4 and transmit user data.

6 6 Wi-Fi Protected Access (WPA) As illustrated in the following figure, in SOHO mode the PSK immediately becomes the pairwise master key (PMK), that is, both AP and STA automatically have a copy of their shared PMK (page 192). However, since this will usually be the same for all stations, pairwise is a misnomer As we shall see, the operational keys are derived from this common source plus other input to make them unique to each STA-AP pair. Figure 6.8: The PMK will not be used directly in any cryptographic operation, but will be used to generate the set of operational keys, known as the pairwise transient key (PTK). This consists of two keys to be used between STA and AP in this phase (phase 3) and a two-component (integrity and encryption) key for the next phase (phase 4).

7 Wi-Fi Protected Access (WPA) 7 The three parts to the PTK are: {Stallings page 193} EAP over LAN (EAPOL) Key Confirmation Key (EAPOL-KCK) EAP is the Extensible Authentication Protocol here used over a LAN, hence EAPOL. The confirmation key is what we ve called the message integrity key. It is used to protect the integrity of the messages in phase 3 (below) EAPOL Key Encryption Key (EAPOL-KEK) This will be used to protect the confidentiality of the keys during the phase 3 exchanges. Temporal Keys (TK) The word temporal is used because the keys have a limited (temporary) lifetime, being regenerated every time the STA associates with the AP. The two halves of this will be used to protect integrity and confidentiality of the subsequent user traffic (phase 4). We shall omit group keys (two sections on page 193 and the lower part of fig 6.9)

8 8 Wi-Fi Protected Access (WPA) Computing the Pairwise Transient Key This section outlines the computation of the 512-bit PTK from the 256-bit PMK. The first objective is to make the PTK different for each station/ap pair, and this is accomplished by mixing in the MAC addresses of the two participants. These are readily available from the frame headers. The PTK is re-computed every time a station authenticates with an AP. The second objective is to avoid re-using an old PTK, and since neither the PMK nor the MAC addresses will change, there must be some further dynamic input to the PTK. Four-Way Handshake This further dynamic input is generated during the four-way handshake, which will now be described {Stallings page 193} The four-way handshake is described on Stallings page 193 and shown in the upper part of figure 6.9, which is the continuation of figure 6.6. In our case (SOHO) we enter the 4-way handshake with the STA having already sent (in phase 1, association request) a request to the AP (referred to in the standard as the authenticator (A), asking for activation of WPA/TKIP. Figure 6.9 (upper): Before the four-way handshake begins the STA, referred to as the supplicant (S), has randomly chosen a nonce (Nonce1).

9 Wi-Fi Protected Access (WPA) 9 Message 1: A to S: a nonce chosen by the authenticator (Nonce2) The supplicant S chooses a nonce (Nonce1) and receipt of Nonce2 gives S the last piece of information it needs to compute the 512-bit PTK, as shown in this figure: Computation of PTK from PMK The Pseudo-Random Generator (PRG) is based on HMAC-SHA-1; look back at Thomas figure 4-37 (SSL) to get the flavor of repeated hashing until you have enough keying material. Note on terminology: some authors (including Stallings) use Temporal Key to refer to the entire 256 bits, others use the term to apply only to the 128 bits used in phase 4 to protect data confidentiality. Message 2: S to A: Nonce1, together with a message integrity code (MIC) Nonce1 gives the authenticator the last piece of information it needs to compute the PTK, so key exchange is complete. This enables the authenticator to check the validity of the MIC. If correct, this proves that that the supplicant possesses the PMK and thereby authenticates the supplicant. As you see, in the four-way handshake each side has chosen a nonce, and both nonces have been mixed into the computation of the PTK. Message 3: A to S: message A able to turn on encryption. This message includes the MIC, so S can check that A knows PMK) Message 4: S to A: message S about to turn on encryption. After sending message 4, S activates encryption; on receipt of frame 4, A activates encryption. Key generation and activation is complete.

10 10 Wi-Fi Protected Access (WPA) Phase 4 - Protected Data Transfer Phase {Stallings pages } We have chosen to study the Temporal Key Integrity Protocol (TKIP), which was designed to require only software/firmware changes to devices designed to run the original security protocol WEP {Omit CCMP - Stallings page 195}. Relative to /WEP, TKIP s new features are: Message integrity The usual Ethernet CRC having been shown to be inadequate to defeat forgeries, it was necessary for TKIP to introduce a cryptographic message integrity code (MIC) (Stallings chapter 3), to replace the inner CRC after the data field in the MAC frame. Since APs of the early 2000s were not sufficiently powerful to run HMAC, a new, simpler, algorithm called Michael was invented. The input to Michael is a 64-bit slice of the Temporal Key (a different slice in the two directions), plus the STA and AP MAC addresses, plus (of course) the data to be protected. Data Confidentiality The data in the frame, plus the MIC, are encrypted with RC4 using half (128 bits) of the Temporal Key, truncated to 104 bits. Additional protection is provided by: A new IV sequencing discipline, to remove replay attacks from the attacker s arsenal; the IV is expanded to 48 bits and is incremented monotonically (recall that in WEP there was no official requirement to increment the IV, so attackers could simply replay a previous frame). A per-packet key mixing function. The first design goal is to produce the final data-encryption key (the input seed to the RC4 PRG), that is different for the two directions of transmission (to and from the AP). The second design goal is to prevent generation of the weak keys identified by Fluhrer (see previous handout) and also produce an RC4 seed that is different for each successive packet. This key mixing process is shown in the figure opposite.

11 Wi-Fi Protected Access (WPA) 11 Phase 1 combines the 802 MAC address of the packet transmitter (AP or STA), the high-order 32 bits of the expanded IV, and the temporal key (TK for encryption, from phase 3) by XORing each of their bytes to index into a substitution table ( S-box ), to produce an 80-bit intermediate key. Since both the 64-bit temporal key and the transmitter MAC address are different in the two directions the intermediate keys are very unpredictable satisfying the first design goal. The Phase 1 intermediate key needs to be re-computed only when the low-order 16 bits of the IV wrap around, or when the temporal key is updated, so most implementations cache the Phase 1 result as a performance optimization. Phase 2 copies the low-order 16 bits of the IV into the high-order 24 bits of the RC4 seed, the 8 most significant bits of the counter into both the first and second bytes of the field, and the least significant counter bits to the third byte of the field. Phase 2 then masks off the most significant bit of the second byte to prevent the key concatenation from producing one of the known RC4 weak keys (Fluhrer attack, which required the second byte of the WEP IV to be 0xFF). The 16 low-order IV bits are also input, along with the intermediate key, into phase 2 key mixing, which produces the 104 bits needed to complete the 128-bit RC4 seed. An important point is that an encryption engine (the chip that increments RC4) that ran WEP does not need to be changed in any way to run WPA, since it still gets 128 bits as its input key. This satisfies the goal of preserving legacy equipment.

12 12 Wi-Fi Protected Access (WPA) You can see that WPA has introduced substantial additional sophistication to WEP. The WPA operational keys are forced to be different for each STA-AP pair (by mixing in the two MAC addresses), different each time a particular STA associates with a particular AP (by choosing the two different random nonces), different for each direction of travel (to or from the AP) and different for each packet in a flow (by mixing in the monotonically-increasing IV). The hackers will have a much harder time than with WEP! However: Weakness in Passphrase Choice in WPA Interface By Robert Moskowitz (Paper dated November 04, 2003) The Known-PSK attack by Stations within the ESS The normal practice is to have a single PSK/PMK for all stations and APs within an ESS. Therefore, to generate the PTK used by any station/ap pair, a station within the ESS that wishes to spy on its brothers needs to learn only the two MAC addresses and nonces. All of this is available in the initial exchange of messages (the 4-Way Handshake). Any device can passively listen for these frames for a STA-AP pair and then generate the PTK for that pair. Thus even though each unicast station/ap pairing in the ESS has unique keys (PTK) there is nothing private about these keys to any other device in the ESS, since they all have the same PMK. \cs\cs437\lecture\lecture_u10\handouts\guide to WPA.doc

CS 356 Lecture 29 Wireless Security. Spring 2013

CS 356 Lecture 29 Wireless Security. Spring 2013 CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security UNIK4250 Security in Distributed Systems University of Oslo Spring 2012 Part 7 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to develop

More information

chap18.wireless Network Security

chap18.wireless Network Security SeoulTech UCS Lab 2015-1 st chap18.wireless Network Security JeongKyu Lee Email: jungkyu21@seoultech.ac.kr Table of Contents 18.1 Wireless Security 18.2 Mobile Device Security 18.3 IEEE 802.11 Wireless

More information

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm

More information

Chapter 6 CDMA/802.11i

Chapter 6 CDMA/802.11i Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,

More information

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication WLAN Security WEP Overview 1/2 WEP, Wired Equivalent Privacy Introduced in 1999 to provide confidentiality, authentication and integrity Includes weak authentication Shared key Open key (the client will

More information

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements

More information

Table of Contents 1 WLAN Security 1-1

Table of Contents 1 WLAN Security 1-1 Table of Contents 1 WLAN Security 1-1 Overview 1-1 Authentication Modes 1-1 WLAN Data Security 1-2 Client Access Authentication 1-3 WLAN Security Policies 1-5 i 1 WLAN Security Overview WLAN networks feature

More information

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks

More information

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2 Wi-Fi Security FEUP>MIEIC>Mobile Communications Jaime Dias Symmetric cryptography Ex: RC4, AES 2 Digest (hash) Cryptography Input: variable length message Output: a fixed-length bit

More information

Vulnerabilities of Wireless Security protocols (WEP and WPA2)

Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vishal Kumkar, Akhil Tiwari, Pawan Tiwari, Ashish Gupta, Seema Shrawne Abstract - Wirelesses Local Area Networks (WLANs) have become more prevalent

More information

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2)

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) Moffat Mathews, Ray Hunt Department of Computer Science and Software Engineering, University of Canterbury, New Zealand {ray.hunt@canterbury.ac.nz}

More information

Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA)

Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA) 2009 International Conference on Signal Processing Systems Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA) ARASH HABIBI LASHKARI Computer Science Dept. of FCSIT a_habibi_l@hotmail.com

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

WLAN security. Contents

WLAN security. Contents Contents WEP (Wired Equivalent Privacy) No key management Authentication methods Encryption and integrity checking WPA (WiFi Protected Access) IEEE 802.1X authentication framework Practical example using

More information

Security in IEEE 802.11 WLANs

Security in IEEE 802.11 WLANs Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh

More information

Wireless security. Any station within range of the RF receives data Two security mechanism

Wireless security. Any station within range of the RF receives data Two security mechanism 802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the

More information

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2

More information

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS Jose Perez Texas A&M University Corpus Christi Email: jluisperez16@gmail.com Fax Number: (361) 825-2795 Faculty Advisor: Dr. Ahmed Mahdy, Texas A&M University

More information

WLAN Access Security Technical White Paper. Issue 02. Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD.

WLAN Access Security Technical White Paper. Issue 02. Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD. WLAN Access Security Technical White Paper Issue 02 Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD. . 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by

More information

Chapter 10 Security of Wireless LAN

Chapter 10 Security of Wireless LAN Chapter 10 Security of Wireless LAN WEP WPA WPA2 [NetSec], WS 2008/2009 10.1 WLAN Authentication and Encryption WEP (Wired Equivalent Privacy) First Generation One way shared key authentication RC4 encryption

More information

Tutorial: An Overview of Wireless Security

Tutorial: An Overview of Wireless Security Tutorial: An Overview of Wireless Security Jung-Min Jerry Park (jungmin@vt.edu) Dept. of Electrical & Computer Engineering Virginia Tech CESCA Research Day March 2013 Some of the material presented here

More information

1. Scope and objectives. 2 Introduction IEEE GPP TSG SA WG3 Security S July 9 July 12, 2002 Helsinki, Finland

1. Scope and objectives. 2 Introduction IEEE GPP TSG SA WG3 Security S July 9 July 12, 2002 Helsinki, Finland TSG SA WG3 Security S3-020341 July 9 July 12, 2002 Helsinki, Finland Agenda Item: 7.9 Source: Ericsson Title: Introduction of IEEE 802.11 Security Document for: Discussion 1. Scope and objectives This

More information

Wireless Authentication and Encryption: A Primer

Wireless Authentication and Encryption: A Primer Wireless Vulnerability Management Wireless Authentication and Encryption: A Primer Presented by: Hemant Chaskar, PhD Director of Technology AirTight Networks 2008 AirTight Networks, Inc. All Rights Reserved.

More information

WiFi Security: WEP, WPA, and WPA2

WiFi Security: WEP, WPA, and WPA2 WiFi Security: WEP, WPA, and WPA2 - security requirements in wireless networks - WiFi primer - WEP and its flaws - 802.11i - WPA and WPA2 (RSN) Why security is more of a concern in wireless? no inherent

More information

Wireless Security Threats and Countermeasures

Wireless Security Threats and Countermeasures Wireless Security Threats and Countermeasures Wireless and Optical Communications Conference 2007 Steve Wang Distinguished Member of Technical Staff Alcatel-Lucent Lilse, IL 60532 April 2007 All Rights

More information

WLAN Security. WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) i Layered Security for Wireless Networks

WLAN Security. WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) i Layered Security for Wireless Networks TECHNISCHE UNIVERSITÄT ILMENAU WLAN Security Integrated Hard- and Software Systems http://www.tu-ilmenau.de/ihs WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) 802.11i Layered Security

More information

Securing WLAN: From WEP to WPA

Securing WLAN: From WEP to WPA Securing WLAN: From WEP to WPA Demian Machta Computer Security CS574 Instructor : T.Perrine Word count: 3270 San Diego State University, Fall 2003 dmachta@eresmas.com 1 Index I. Introduction.3 II. Wired

More information

IEEE 802.11 Wireless LAN Security Overview

IEEE 802.11 Wireless LAN Security Overview 138 IEEE 802.11 Wireless LAN Security Overview Ahmed M. Al Naamany, Ali Al Shidhani, Hadj Bourdoucen Department of Electrical and Computer Engineering Sultan Qaboos University, Oman. Summary Wireless Local

More information

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer

Managing and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section 8.8) Also

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

Wireless Robust Security Networks: Keeping the Bad Guys Out with 802.11i (WPA2)

Wireless Robust Security Networks: Keeping the Bad Guys Out with 802.11i (WPA2) Wireless Robust Security Networks: Keeping the Bad Guys Out with 802.11i (WPA2) SUNY Technology Conference June 21, 2011 Bill Kramp FLCC Network Administrator Copyright 2011 William D. Kramp All Rights

More information

A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES

A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton

More information

NXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015

NXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015 NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note 802.11w Management Frame Protection Copyright 2015 ZyXEL Communications Corporation 802.11w Management Frame Protection Introduction IEEE 802.11w

More information

Security of Wireless Local Area Network (WLAN)

Security of Wireless Local Area Network (WLAN) Adrián Lachata, Štefan Pero Abstract. This paper deals with security of WLAN. This network uses standard IEEE 802.11. We will explain cipher algorithm RC4 and communication between client and Access Point

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter

More information

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 Issues in WiFi Networks Nicolae TOMAI Faculty of Economic Informatics Department of IT&C Technologies Babes Bolyai Cluj-Napoca University, Romania tomai@econ.ubbcluj.ro Abstract: The paper has four sections.

More information

Chapter 2 Wireless Networking Basics

Chapter 2 Wireless Networking Basics Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).

More information

1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6.

1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6. 1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6. secure data communication. The access point periodically advertise

More information

COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)

COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2) COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2) Disha Baba Banda Singh Bahadur Engineering College Fatehgarh Sahib, Punjab Sukhwinder Sharma Baba Banda Singh Bahadur Engineering College Fatehgarh

More information

Lecture 9: Wireless Security WEP/WPA. Course Admin

Lecture 9: Wireless Security WEP/WPA. Course Admin Lecture 9: Wireless Security WEP/WPA CS 336/536: Computer Network Security Fall 2013 Nitesh Saxena Adopted from previous lecture by Keith Ross, Amine Khalife and Tony Barnard Course Admin Mid-Term Exam

More information

Certified Wireless Security Professional (CWSP) Course Overview

Certified Wireless Security Professional (CWSP) Course Overview Certified Wireless Security Professional (CWSP) Course Overview This course will teach students about Legacy Security, encryption ciphers and methods, 802.11 authentication methods, dynamic encryption

More information

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 2003 Wi-Fi Alliance. Wi-Fi is a registered trademark of the Wi-Fi Alliance

More information

Related Chapters. Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security

Related Chapters. Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security Wireless Security Related Chapters Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security 2 Wireless Technologies InfraRed BlueTooth (Piconet,

More information

Security Protocols. 1. Data Link Layer Security: Focusing on WLAN

Security Protocols. 1. Data Link Layer Security: Focusing on WLAN Security Protocols 1. Data Link Layer Security: Focusing on WLAN The Datalink lyaer of the OSI Model, deals with the transfer of data between adjacent network nodes within a wide area or local area network.

More information

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007 Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007 Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Types of Attacks

More information

MAC Layer Key Hierarchies and Establishment Procedures

MAC Layer Key Hierarchies and Establishment Procedures MAC Layer Key Hierarchies and Establishment Procedures Jukka Valkonen jukka.valkonen@tkk.fi 17.11.2006 1. Introduction and Background 2. Pair-wise associations 3. Group associations 4. Different layers

More information

WLAN Security. Giwhan Cho ghcho@dcs.chonbuk.ac.kr. Distributed/Mobile Computing System Lab. Chonbuk National University

WLAN Security. Giwhan Cho ghcho@dcs.chonbuk.ac.kr. Distributed/Mobile Computing System Lab. Chonbuk National University WLAN Security Giwhan Cho ghcho@dcs.chonbuk.ac.kr Distributed/Mobile Computing System Lab. Chonbuk National University Content WLAN security overview 802.11i WLAN security components pre-rsn (Robust Security

More information

A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)

A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2) A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2) Vipin Poddar Suresh Gyan Vihar School of Engginering And Technology, Jaipur, Rajasthan. Hitesh Choudhary, Poornima University, Jaipur,

More information

Lecture 3. WPA and 802.11i

Lecture 3. WPA and 802.11i Lecture 3 WPA and 802.11i Lecture 3 WPA and 802.11i 1. Basic principles of 802.11i and WPA 2. IEEE 802.1X 3. Extensible Authentication Protocol 4. RADIUS 5. Efficient Handover Authentication 1 Lecture

More information

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas. Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key

More information

Your 802.11 Wireless Network has No Clothes

Your 802.11 Wireless Network has No Clothes Your 802.11 Wireless Network has No Clothes William A. Arbaugh Narendar Shankar Y.C. Justin Wan Department of Computer Science University of Maryland College Park, Maryland 20742 March 30, 2001 Abstract

More information

layer specifications for 1- and 2-megabit-per-second (Mbps) wireless LANs operating in the 2.4-GHz band.

layer specifications for 1- and 2-megabit-per-second (Mbps) wireless LANs operating in the 2.4-GHz band. GLOSSARY 802.11 The IEEE standard that specifies carrier sense media access control and physical layer specifications for 1- and 2-megabit-per-second (Mbps) wireless LANs operating in the 2.4-GHz band.

More information

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G. Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics

More information

WI-FI SECURITY: A LITERATURE REVIEW OF SECURITY IN WIRELESS NETWORK

WI-FI SECURITY: A LITERATURE REVIEW OF SECURITY IN WIRELESS NETWORK IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 3, Issue 5, May 2015, 23-30 Impact Journals WI-FI SECURITY: A LITERATURE

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

Advanced Security Issues in Wireless Networks

Advanced Security Issues in Wireless Networks Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security

More information

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal 1,2 Department of CSE 1,2,3 BRCM Bahal, Bhiwani 1 shenam91@gmail.com, 2 dkamal@brcm.edu.in Abstract This paper

More information

Focus Assignment. Secure computer systems Fall WLAN Security

Focus Assignment. Secure computer systems Fall WLAN Security Focus Assignment Secure computer systems Fall 2004 WLAN Security Anders Nistér anders.nister@lcb.uu.se Andreas Lundin Andreas.Lundin.8031@student.uu.se Karl-Oskar Lundin karloskarlundin@hotmail.com Uppsala

More information

WPA 2 Hole196 Vulnerability FAQ

WPA 2 Hole196 Vulnerability FAQ WPA 2 Hole196 Vulnerability FAQ What is the Hole196 vulnerability? "Hole196" is a vulnerability in the WPA2 security protocol exposing WPA2-secured Wi-Fi networks to insider attacks. AirTight Networks

More information

Configuring a WLAN for Static WEP

Configuring a WLAN for Static WEP Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support

More information

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly

More information

COMPARISON OF VARIOUS WLAN SECURITIES

COMPARISON OF VARIOUS WLAN SECURITIES COMPARISON OF VARIOUS WLAN SECURITIES SHIKHA BANSAL, MANISH MAHAJAN CGC, Landran, Punjab Abstract As Wireless Local Area Networks (WLANs) are rapidly deployed to expand the field of wireless products,

More information

Network Security Protocols

Network Security Protocols Network Security Protocols Information Security (bmevihim100) Dr. Levente Buttyán associate professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS)

More information

Authentication in WLAN

Authentication in WLAN Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing

More information

Wireless Local Area Network Security Obscurity Through Security

Wireless Local Area Network Security Obscurity Through Security Wireless Local Area Network Security Obscurity Through Security Abstract Since the deployment of infamous Wired Equivalent Privacy (WEP), IEEE and vendors have developed a number of good security mechanisms

More information

WLAN 802.11w Technology

WLAN 802.11w Technology Technical white paper WLAN 80.w Technology Table of contents Overview... Technical background... Benefits... 80.w technology implementation... Management Frame Protection negotiation... Protected management

More information

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2003): 15 Wireless LAN Security 1. Dr.-Ing G.

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2003): 15 Wireless LAN Security 1. Dr.-Ing G. Network Security Chapter 15 Security of Wireless Local Area Networks Network Security (WS 2003: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control (MAC and physical characteristics

More information

Wireless Networking Basics. NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA

Wireless Networking Basics. NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA Wireless Networking Basics NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA n/a October 2005 2005 by NETGEAR, Inc. All rights reserved. Trademarks NETGEAR and Auto Uplink are trademarks

More information

MAC,

MAC, Announcements 18-759: Wireless Networks Lecture 12: 802.11 Management Peter Steenkiste Dina Papagiannaki Spring Semester 2009 http://www.cs.cmu.edu/~prs/wireless09/ Peter A. Steenkiste, CMU 1 Midterm:

More information

Wireless Technology Seminar

Wireless Technology Seminar Wireless Technology Seminar Introduction Adam Worthington Network Consultant Adam.Worthington@euroele.com Wireless LAN Why? Flexible network access for your users? Guest internet access? VoWIP? RFID? Available

More information

CCMP known-plain-text attack

CCMP known-plain-text attack Taking a different approach to attack WPA2-AES, or the born of the CCMP known-plain-text attack Domonkos P. Tomcsanyi Lukas Lueg April, 2010 Abstract

More information

Wireless Networks: Basics & Security Issues

Wireless Networks: Basics & Security Issues Wireless Networks: Basics & Security Issues Burak Ekici ekcburak@hotmail.com Department of Computer Engineering, Yaşar University, Turkey. April 22, 2012 Burak Ekici (Dept. of Comp. Eng.) Wireless Networks:

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

WLAN Security. Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir

WLAN Security. Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir WLAN Security Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir Chapters 1. Introductions 2. Modes of Unauthorized Access 3. Security Measures 4. Wired Equivalent Privacy (WEP) 5. Wi-Fi Protected

More information

Ten Deadly Sins in Wireless Security

Ten Deadly Sins in Wireless Security Ten Deadly Sins in Wireless Security The emergence and popularity of wireless devices and wireless networks has provided a platform for real time communication and collaboration. This emergence has created

More information

Network Security. Chapter 15. Security of Wireless Local Area Networks. Network Security (WS 2005): 15 Wireless LAN Security 1 Dr.-Ing G.

Network Security. Chapter 15. Security of Wireless Local Area Networks. Network Security (WS 2005): 15 Wireless LAN Security 1 Dr.-Ing G. Network Security Chapter 15 Security of Wireless Local Area Networks Network Security (WS 2005): 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control (MAC) and physical

More information

Configure Workgroup Bridge on the WAP351

Configure Workgroup Bridge on the WAP351 Article ID: 5047 Configure Workgroup Bridge on the WAP351 Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless LAN that

More information

Network security, TKK, Nov 2008 1

Network security, TKK, Nov 2008 1 Outline Network security: WLAN Security LAN technology Threats against WLANs Weak security mechanisms and WEP 802.1X, WPA, 802.11i Tuomas Aura, Microsoft Research, UK 2 LAN technology LAN (WLAN) standards

More information

Issues in Wireless Security (WEP, WPA & i)

Issues in Wireless Security (WEP, WPA & i) Issues in Wireless Security (WEP, WPA & 802.11i) Presented to the 18 th Annual Computer Security Applications Conference 11 December 2002 Brian R. Miller, Booz Allen Hamilton 0 Overview Examine current

More information

Wireless communications systems security. Alexey Fomin, SUAI fomin@vu.spb.ru

Wireless communications systems security. Alexey Fomin, SUAI fomin@vu.spb.ru Wireless communications systems security Alexey Fomin, SUAI fomin@vu.spb.ru Agenda Current security solutions in wireless systems (802.11) Open problems 2 Security Tasks Message authentication & privacy

More information

IT-Sicherheit: Sicherheitsprotokolle. Wireless Security. (unter Benutzung von Material von Brian Lee und Takehiro Takahashi)

IT-Sicherheit: Sicherheitsprotokolle. Wireless Security. (unter Benutzung von Material von Brian Lee und Takehiro Takahashi) IT-Sicherheit: Sicherheitsprotokolle Wireless Security (unter Benutzung von Material von Brian Lee und Takehiro Takahashi) ! 61 ints 5 2 Po ss e c Ac 3 Built in Security Features!!!!!! Service Set Identifier

More information

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved.

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved. White Paper Wireless LAN Security Copyright 2002-2003 Madge Limited. All rights reserved. 1 Introduction As wireless LANs become widely deployed, and the business benefits become clear, concern has grown

More information

With its promise of a target transmission. Responding to Security Issues in WiMAX Networks. Section Title

With its promise of a target transmission. Responding to Security Issues in WiMAX Networks. Section Title Responding to Security Issues in WiMAX Networks Chin-Tser Huang, University of South Carolina J. Morris Chang, Iowa State University WiMAX technology has attracted significant attention and interest because

More information

WiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise

WiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise Michael Disabato Service Director Network & Telecom Strategies mdisabato@burtongroup.com Diana Kelley Senior Analyst Security & Risk Management Strategies dkelley@burtongroup.com www.burtongroup.com WiFi

More information

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis: IMPORTANT! This Guide refers to the following Products: Securing Your Wireless Network Please read the following carefully; Synopsis: This Guide is designed to help you if you have a Wireless Network that

More information

Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003

Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Executive Summary The threat to network security from improperly secured WLANs is a real and present danger for today s enterprises.

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Secret Key Cryptography Modes of operation Stream

More information

WIRELESS SECURITY A SEMINAR REPORT. Submitted by ANISH KUMAR. in partial fulfillment for the award of the degree COMPUTER SCIENCE & ENGINEERING

WIRELESS SECURITY A SEMINAR REPORT. Submitted by ANISH KUMAR. in partial fulfillment for the award of the degree COMPUTER SCIENCE & ENGINEERING WIRELESS SECURITY A SEMINAR REPORT Submitted by ANISH KUMAR in partial fulfillment for the award of the degree of BACHELOR OF TECHNOLOGY in COMPUTER SCIENCE & ENGINEERING SCHOOL OF ENGINEERING COCHIN UNIVERSITY

More information

Wireless LAN Security

Wireless LAN Security Wireless LAN Security WEP: Overview WEP = Wired Equivalency Protocol RC4 stream cipher Purposes: Authentication Packet Encryption Uses single key to authenticate all network users and encrypt all packets

More information

Lecture 2 Secure Wireless LAN

Lecture 2 Secure Wireless LAN Lecture 2 Secure Wireless LAN Network security (19265400 / 201000086) Lecturers: Aiko Pras Pieter-Tjerk de Boer Anna Sperotto Ramin Sadre Georgios Karagiannis Acknowledgements Part of the slides are based

More information

Chapter 10: Designing and Implementing Security for Wireless LANs Overview

Chapter 10: Designing and Implementing Security for Wireless LANs Overview Chapter 10: Designing and Implementing Security for Wireless LANs Overview Identify and describe the strengths, weaknesses, appropriate uses, and appropriate implementation of IEEE 802.11 security related

More information

CSC574: Computer and Network Security

CSC574: Computer and Network Security CSC574: Computer and Network Security Lecture 21 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr) Wireless Security Wireless makes network security much more difficult Wired: If Alice

More information

A CompuCom Perspective - Wireless LAN Security:

A CompuCom Perspective - Wireless LAN Security: A CompuCom Perspective - Wireless LAN Security: A White Paper Prepared by CompuCom s ConvergeMobile and Security Practices September 2003 Introduction... 2 Benefits of Wireless LANs... 2 Productivity...

More information

Wireless Pre-Shared Key Cracking (WPA, WPA2)

Wireless Pre-Shared Key Cracking (WPA, WPA2) Wireless Pre-Shared Key Cracking (WPA, WPA2) TABLE OF CONTENTS Introduction... 2 Mechanics Of PSKs And How They Work Demystified... 2 How PSKs Can Be Cracked!... 5 WPA2 PSK Cracking Demonstration.... 6

More information