All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

Size: px

Start display at page:

Download "All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices"

Abel Lewis
8 years ago
Views:

1 Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly encrypted communication Wireless medium is open, unauthorized users can get around firewalls Rogue APs Denial of service Ex: Jamming channel 56

Intrusion and interception of poorly encrypted communication Wireless medium is open,

2 Problems with WEP Revisited IVs are short 24-bit IVs cause the generated key stream to repeat Repetition allows easy decryption of data for a moderately sophisticated adversary Cryptographic keys are shared As the number of people sharing the key grows, the security risks also grow RC4 has a weak key schedule and is inappropriately used in WEP Weakness in the first few bits in RC4 schedule RC4 schedule is restarted for every packet Packet integrity is low CRC and other linear block codes are inadequate for providing cryptographic integrity No user authentication Client does not authenticate AP Anyone can pretend to be an AP Device authentication is simple shared-key challenge-response Shared-key challenge response is subject to man-in-the-middle attack 57

RC4 schedule RC4 schedule is restarted for every packet Packet integrity is low CRC and other linear block codes are inadequate for providing cryptographic integrity No user authentication

3 An Illustration of Man-in-the-middle attack Authorization Request Generate a random # Encrypt Challenge using RC4 algo Challenge Response Confirm Success Decrypt response and verify 58

4 An Illustration of Man-in-the-middle attack Authorization Request 2 Authorization Request 1 Challenge 1 Generate a random # Challenge 1 Authorization Request 2 Challenge 2 Response Response Confirm Success 59

5 Counter-measurements in WLAN MAC Access Control (ACL) Grant or deny a list of NIC addresses However, MAC addresses are transmitted clear-text and can be spoofed Set up ACL can be cumbersome for medium to large networks Wireless Protected Access (WPA) IEEE 802.1X port access control Stop intruders from sending traffic through the access point into adjacent networks Use Extensible Authentication Protocol (EAP) TKIP (temporal key integrity protocol) Add a per-packet key mixing function to de-correlate the public initialization vectors (IVs) from weak keys Re-keying with fresh encryption and integrity keys every 1000 packets TKIP utilizes RC4 with 128-bit keys for encryption and 64-bit keys for authentication. Now replaced by RSN (Robust Security Network) which use AES block cipher 60

1X port access control Stop intruders from sending traffic through the access point into adjacent networks Use Extensible Authentication Protocol (EAP) TKIP (temporal key integrity protocol) Add a

6 AP acts as a middle man RADIUS: authorization server EAPOW 4-way hanshake can be used to exchange shared-key (for session) 61

7 Counter-measurements (cont d) Personal firewall Virtual private network (VPN) Corporate intranet, e.g., access UH resource using VPN 62

8 VPN (cont d) Secured tunnel built on IPsec (layer 3) Access control: Wireless networks on campus Enterprise Network Firewall RADIUS Server 63

9 An Example Home Wireless Network 00:1C:58:23:BD:9A DSL Modem Wireless Router Enable WEP MAC ACL Firewall 64

11 66

12 67

13 68

14 A Real Life Example Screen shot from Radisson Bahia Mar (Fort Lauderdale) 69

15 Security Issues in MANET MANETs inherently assume cooperation and thus are subject to security attack by design Ex: DSR routing uses cached routes Security problems Availability RF jamming sleep deprivation torture Inject false routing information or simply drop packets Integrity Data integrity Device integrity: how do you know your thermometer is telling the truth? Authenticity Absence of online server Secure transient association Confidentiality These problems are aggravated by the fact that many devices, e.g., a thermometer is incapable of performing cryptographic operations by itself 70

Device integrity: how do you know your thermometer is telling the truth?

16 An Example Attack in DSR Backhole: A wants to communicate with D. Node A Node B Intruder Node C Node D Node A will broadcast a message asking the better path to reach the node D. The best path is chosen depending on the metric of the different routes If an intruder replies with the shortest path, it inserts itself in the network Node can drop any packet forwarded to him 71

17 Counter-attack to blackhole Passively acknowledge Node A Node B Data 1 Data 1 Intruder Node C Node D 72

18 A Secured MANET Routing Protocol Nodes need to be authenticated Source, destination, relay nodes How? Shared-key or public key But how to establish keys? key management is a hard problem Route message content needs to be protected Some are dynamically updated each hop Some are static Integrity of data messages Example: hash chain for AODV to ensure hop count field Source RREP (seed, H TTL (seed), H) Intermediate node, kth hop, (H k, H TTL (seed), H) 73

key management is a hard problem Route message content needs to be protected Some are dynamically updated each

19 Further Reading 74

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or