Wired Equivalent Privacy A memorandum in Secure Computer Systems
|
|
- Christina Jordan
- 7 years ago
- Views:
Transcription
1 Wired Equivalent Privacy A memorandum in Secure Computer Systems March 3, 2009 Group members: Hongyu Ju <hongyu.ju@gmail.com> Kim Honkaniemi <Kim.Honkaniemi.3207@student.uu.se> Torbjörn Svangård <trptorbjorn@gmail.se> 1
2 Contents 1 Wired Equivalent Privacy CRC Dierent WEP standards Authentication Generating trac to get IV's Packet injection De-authentication Fake authentication Bittau's fragmentation attack Attacking WEP Brute force FMS attack KoreK's chopchop attack The PTW attack Number of IV's needed to crack WEP between
3 1 Wired Equivalent Privacy To secure the communication over IEEE (Wireless) standard, the encryption used is the Stream Cipher RC4 for encrypting and keeping the messages condentiality. For checking integrity CRC-32 is used, this check does not give any defense for targeted modication of the data but mainly for detecting random errors. This Stream Cipher will take a key as input and produce a long stream as output, a keystream. To encrypt your message, you XOR the keystream together with your plaintext to produce a Stream Cipher, this is your message encrypted. The key that is used is a concatenated string of the WEPkey and an Initializing Vector. The IV where introduced in the WEP protocol as a nonce to prevent the usage of two dierent packets ciphered with the same key. The RC4 is only secure if there never will be two messages encrypted with the same keystream which would be the same key and IV. The IV is sent together with the packet in plaintext so that the user on the other side can just insert this IV and decrypt the cipher. The RC4 is a safe way to encrypt messages as long as you keep your key secret, and for WEP this would include also to never re-use the same IV. The XOR of two ciphers with the same key, is equal to the XOR of its two plaintexts and the statistical properties of this can be used for cryptoanalysis to reconstructs the two plaintexts together with the key stream. 1.1 CRC-32 To ensure the integrity of the packet CRC-32 is used. CRC-32 is a cyclic redundancy check used to compute the checksum in WEP packets. There is a big problem with this CRC-32 tho, it has no defense against targeted modication, meaning an attacker could easily modify the packet and then making a new CRC checksum to match the new packet. CRC-32 is only protecting against random errors. 1.2 Dierent WEP standards There are mainly two versions of WEP used today, WEP-40 and WEP-104. WEP-40 uses a 40 bit, 10 hexadecimal characters, key concatenated with a 26 bit IV. WEP-104 uses a 104 bit, 26 hexedecimal characters, key concatenated with a 24 bit IV. 1.3 Authentication There are two ways to authenticate yourself onto a WEP WLAN, Open System Auth. and Shared Key Auth. For Shared Key Auth you will contact the Access Point and request to authenticate yourself, the AP will send back plaintext string which you encrypt data with a key and send it back in another auth request. The AP will decrypt the message with the correct key and if the decrypted data is the same as the plaintext rstly sent the AP will allow this user onto the network. The Open System Auth will just let the AP know that it wishes to 3
4 join the network and he's allowed. You will still need to have the correct keys to decrypt any data. The shared key auth sounds as if it was the better choice, BUT there is a big problem with this. If someone picks up both the plaintext and the cipher packet the can just XOR them together to get the specic Key Stream generated by the RC4 which is one step in retrieving the key. 2 Generating trac to get IV's In order to perform any crack on WEP based on its poor implementation of RC4 IV packets are needed. They can either be gathered passively by just collecting trac on a network, however this is very timeconsuming. If there is little or no trac on the network it will take a very long time in order to get enough IV's. However there are some tricks in order to make the AP (Access Point) send IV's. 2.1 Packet injection Lets assume that we are using a IPv4-network. We have a host A and a B. If A wants to send data to B it will need B's physical address or the gateway to B. To resolve addresses ARP-packets, Address Resolution Protocol, is used. A sends ARP-request to the linklayer broadcast address. This means that A signals that it wants to know B's physical address. B responds A with an ARP-reply containing B's physical address. Since an ARP-packet is a linklayer protocol it is not ltered or has any limited speed rate. From the an ARP-packet we can get the rst 16 bytes of the key stream. The corresponding IV is transmitted in clear with the packet. To speed up the time getting IV's, it is possible to re-inject a ARP-packet that was previously captured. By doing this more arp-replys will be generated. 2.2 De-authentication It is possible to send a de-authenticate message to a connected client on the network. This tells the client that it has lost connection to the base-station. Often clients reconnect automatically and when this occurs their ARP-cache is ushed, and will generate more ARP-requests. More ARP-requests means more IV's that we collect in order to crack the key. 2.3 Fake authentication The fake authentication attack allows an attacker to join a WEP protected network, even if the attacker has not got the secret root key. In the IEEE standard there are two specied ways of a client can authenticate itself. One is called Open System authentication, a client simply asks if it can join the network and if the access point will grant this if it supports Open System authentication. The secret root key is not used in this method. 4
5 The other way is called Shared Key authentication. It uses the secret root key and a challenge-response authentication mechanism, which should make it more secure. It is however possible for an attacker to sni an Shared Key authentication handshake and use it to join the network. Example of fake authentication attack using Shared Key authentication: 1. Erik tries connecting to the network. 2. The access point sends out a clear text challenge. 3. Erik takes the challenge packet, encrypts it with his WEP key, and sends it back to the access point. 4. The attacker Anna extracts the IV (sent in the clear) and key by XORing the challenge with Erik's response. 5. Now Anna tries connecting to the network. 6. The access point sends out a challenge string. 7. Now that Anna has derived the key from the plaintext cryptanalysis, she can correctly respond to the access point's challenge. 8. Anna connects to the network. 2.4 Bittau's fragmentation attack Bittau's fragmentation attack from 2005 can get 1500 bytes of PRGA (pseudo random generation algorithm). This attack does not recover the WEP key itself, but only obtains the PRGA. The PRGA can then be used to generate packets which are in turn used for injection attacks. It requires at least one data packet to be received from the access point in order to initiate the attack. This attack is used to speed up IV collection. 1. Eavesdrop WEP-trac 2. Get the PRGA 3. Transmit fragmeted data using the same IV - this generates trac. 4. Collect weak IV's 5. Perform the FMS or PWT attack 3 Attacking WEP 3.1 Brute force The rst attacks ever performed on WEP was by brute force, which means trying every possible key until the correct key is discovered. The standard species a 40-bit key, a focused attack on a network would require less than a month to crack the key. For a well motivated attacker this is not very long time. 5
6 It was noted that many used plaintext pass phrase instead of a random hexadecimal crypt-key, this fact was used and narrowed down the attack to rst try all ASCII characters rst, converted to hexadecimal numbers. Maybe it would have been a good idea to have had an standardized algorithm for hashing the pass phrase, to make bruteforcing attacks more timeconsuming. The eect of this problem was that 104-bit keys were introduced. 3.2 FMS attack RC4 in its implementation in WEP has been found to have weak keys. Having a weak key means there is more correlation between the key and the output than there should be for good security. Determining which packets were encrypted with weak keys is easy because the rst three bytes of the key are taken from the IV that is sent unencrypted in each packet. This weakness can be exploited by a passive attack. The attack works in a passive way which makes it impossible to detect that it is even taking place. This works because the system running the attack does not need to transmit, instead it only needs to receive network trac. The attack takes advantage of a number of so called weak IV's. Out of the 16,777,216 possible (24-bit) IV's 9000 are considered as weak. A 40 bit WEP key can be cracked in a few seconds with around 250, ,000 IV's. So the time consuming part is collecting the IV-packets. For a 104 bit WEP key up to IV's and maybe even more is needed. 3.3 KoreK's chopchop attack The development of new attacks did not stop after the FMS attack. A person using the name KoreK posted a new kind of attack on a forum in His attack actually uses 17 dierent kinds of attacks, some previously published but most of them was found by KoreK. With this attack the need for IV's were reduced to about 150,000 for a 40-bit WEP key and 500,000 for a 104-bit key. 3.4 The PTW attack With the PTW-attack it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauthentication and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds on a Pentium-M 1.7 GHz. The same attack can be used for 40 bit keys too with an even higher success probability. 3.5 Number of IV's needed to crack WEP between
7 Figure 1: 7
802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More informationWEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication
WLAN Security WEP Overview 1/2 WEP, Wired Equivalent Privacy Introduced in 1999 to provide confidentiality, authentication and integrity Includes weak authentication Shared key Open key (the client will
More informationWireless security (WEP) 802.11b Overview
Wireless security (WEP) 9/01/10 EJ Jung 802.11b Overview! Standard for wireless networks Approved by IEEE in 1999! Two modes: infrastructure and ad hoc IBSS (ad hoc) mode Independent Basic Service Set
More informationAttacks against the WiFi protocols WEP and WPA
Attacks against the WiFi protocols WEP and WPA Matthieu Caneill Jean-Loup Gilis October - December 2010 Abstract Wireless networks are today an entire part of the Internet, and are often used by companies
More informationWireless Networks. Welcome to Wireless
Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationAuthentication in WLAN
Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationIntroduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu
Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks
More informationWireless Security. Jason Bonde ABSTRACT. 2. BACKGROUND In this section we will define the key concepts used later in the paper.
Wireless Security Jason Bonde University of Minnesota, Morris bond0107@morris.umn.edu ABSTRACT Wireless internet has become a popular way of accessing the Internet. While wireless internet does have the
More informationNetwork Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.
Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics
More informationAdvanced Security Issues in Wireless Networks
Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security
More informationDiploma thesis Fachgebiet Theoretische Informatik
Diploma thesis Fachgebiet Theoretische Informatik Summer term 2007 Fachbereich Informatik TU Darmstadt Attacks on the WEP protocol Erik Tews e tews@cdc.informatik.tu-darmstadt.de Supervisor: Prof. Dr.
More informationWireless Security: Token, WEP, Cellular
Wireless Security: Token, WEP, Cellular 27 May 2015 Lecture 9 Some slides adapted from Jean-Pierre Seifert (TU Berlin) 27 May 2015 SE 425: Communication and Information Security 1 Topics for Today Security
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationVulnerabilities in WEP Christopher Hoffman Cryptography 2 2011-3
Vulnerabilities in WEP Christopher Hoffman Cryptography 2 2011-3 1. Abstract Wired Equivalent Privacy (WEP) was the first encryption scheme used for protecting wireless traffic. It consisted of a private
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationVulnerabilities of Wireless Security protocols (WEP and WPA2)
Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vishal Kumkar, Akhil Tiwari, Pawan Tiwari, Ashish Gupta, Seema Shrawne Abstract - Wirelesses Local Area Networks (WLANs) have become more prevalent
More informationCOMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)
COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2) Disha Baba Banda Singh Bahadur Engineering College Fatehgarh Sahib, Punjab Sukhwinder Sharma Baba Banda Singh Bahadur Engineering College Fatehgarh
More informationCSC574: Computer and Network Security
CSC574: Computer and Network Security Lecture 21 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr) Wireless Security Wireless makes network security much more difficult Wired: If Alice
More informationWireless LAN Security Mechanisms
Wireless LAN Security Mechanisms Jingan Xu, Andreas Mitschele-Thiel Technical University of Ilmenau, Integrated Hard- and Software Systems Group jingan.xu@tu-ilmenau.de, mitsch@tu-ilmenau.de Abstract.
More informationKey Management (Distribution and Certification) (1)
Key Management (Distribution and Certification) (1) Remaining problem of the public key approach: How to ensure that the public key received is really the one of the sender? Illustration of the problem
More informationWEP WPA WPS :: INDEX : Introduction :
WEP WPA WPS With clients Without clients :: INDEX : Introduction > Overview > Terms & Definitions [ Step 1 ] : Configuring the network interface [ Step 2 ] : Collecting the network info [ Step 3 ] : Capturing
More informationCS5490/6490: Network Security- Lecture Notes - November 9 th 2015
CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationSSI. Commons Wireless Protocols WEP and WPA2. Bertil Maria Pires Marques. E-mail: pro09020@fe.up.pt Dez 2009. Dez 2009 1
SSI Commons Wireless Protocols WEP and WPA2 Bertil Maria Pires Marques E-mail: pro09020@fe.up.pt Dez 2009 Dez 2009 1 WEP -Wired Equivalent Privacy WEPisasecurityprotocol,specifiedintheIEEEWireless Fidelity
More informationSecurity design for a new local area Network AULWLAN
International Conference on Computer Systems and Technologies CompSysTech 2003 Security design for a new local area Network AULWLAN Ahmed Abdo Ali ABSTRACT : This paper presents a security scheme for a
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationCryptanalysis of IEEE 802.11i TKIP
Cryptanalysis of IEEE 802.11i TKIP Finn Michael Halvorsen Olav Haugen Master of Science in Communication Technology Submission date: June 2009 Supervisor: Stig Frode Mjølsnes, ITEM Co-supervisor: Martin
More informationWireless LAN Security I: WEP Overview and Tools
Wireless LAN Security I: WEP Overview and Tools Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-09/
More informationWHITE PAPER. WEP Cloaking TM Maximizing ROI from Legacy Wireless LAN
WHITE PAPER WEP Cloaking TM Maximizing ROI from Legacy Wireless LAN WEP Cloaking TM Maximizing ROI from Legacy Wireless LAN Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original
More informationCCMP known-plain-text attack
Taking a different approach to attack WPA2-AES, or the born of the CCMP known-plain-text attack Domonkos P. Tomcsanyi Lukas Lueg April, 2010 Abstract
More informationWiFi Security Assessments
WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents
More informationA COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)
A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2) Vipin Poddar Suresh Gyan Vihar School of Engginering And Technology, Jaipur, Rajasthan. Hitesh Choudhary, Poornima University, Jaipur,
More informationWireless security. Any station within range of the RF receives data Two security mechanism
802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the
More informationA SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS
A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS Jose Perez Texas A&M University Corpus Christi Email: jluisperez16@gmail.com Fax Number: (361) 825-2795 Faculty Advisor: Dr. Ahmed Mahdy, Texas A&M University
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationWireless LAN Security: Securing Your Access Point
IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006 173 Wireless LAN Security: Securing Your Access Point Sia Sie Tung, Nurul Nadia Ahmad, Tan Kim Geok Faculty
More informationTinySec: A Link Layer Security Architecture for Wireless Sensor Networks
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastr, David Wagner Presented By: Tristan Brown Outline Motivation Cryptography Overview TinySec Design Implementation
More informationOffensive Security. Wireless Attacks - WiFu
Offensive Security Wireless Attacks - WiFu v. 3.0 Mati Aharoni Devon Kearns Thomas d Otreppe de Bouvette Course Overview The wireless industry continues to grow in leaps and bounds with more and more gadgets
More information6.857 Computer and Network Security Fall Term, 1997 Lecture 4 : 16 September 1997 Lecturer: Ron Rivest Scribe: Michelle Goldberg 1 Conditionally Secure Cryptography Conditionally (or computationally) secure
More informationWLAN and IEEE 802.11 Security
WLAN and IEEE 802.11 Security Agenda Intro to WLAN Security mechanisms in IEEE 802.11 Attacks on 802.11 Summary Wireless LAN Technologies WLAN technologies are becoming increasingly popular, and promise
More informationAll vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices
Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationWI-FI SECURITY: A LITERATURE REVIEW OF SECURITY IN WIRELESS NETWORK
IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 3, Issue 5, May 2015, 23-30 Impact Journals WI-FI SECURITY: A LITERATURE
More informationLecture 2 Secure Wireless LAN
Lecture 2 Secure Wireless LAN Network security (19265400 / 201000086) Lecturers: Aiko Pras Pieter-Tjerk de Boer Anna Sperotto Ramin Sadre Georgios Karagiannis Acknowledgements Part of the slides are based
More informationWPA Migration Mode: WEP is back to haunt you...
WPA Migration Mode: WEP is back to haunt you... Leandro Meiners (lmeiners@coresecurity / lmeiners@gmail.com) Diego Sor (dsor@coresecurity.com / diegos@gmail.com) July 2010 Abstract Cisco access points
More informationTutorial 3. June 8, 2015
Tutorial 3 June 8, 2015 I. Basic Notions 1. Multiple-choice (Review Questions Chapter 6, 8 and 11) 2. Answers by a small paragraph (Chapter 2: viruses: MBR, rootkits, ) Multiple choice X. Which is the
More informationThe Basics of Wireless Local Area Networks
The Basics of Wireless Local Area Networks Andreas Johnsen Student at Mälardalens högskola ajn05012@student.mdh.se +46 712345678 ABSTRACT This paper is written as a brief education about the basics of
More informationMethodology: Security plan for wireless networks. By: Stephen Blair Mandeville A. Summary
Methodology: Security plan for wireless networks By: Stephen Blair Mandeville A. Summary The evolution to wireless networks allows connections with the same quality of data transfer at a lower cost but
More informationEncryption, Data Integrity, Digital Certificates, and SSL. Developed by. Jerry Scott. SSL Primer-1-1
Encryption, Data Integrity, Digital Certificates, and SSL Developed by Jerry Scott 2002 SSL Primer-1-1 Ideas Behind Encryption When information is transmitted across intranets or the Internet, others can
More informationWireless Encryption Protection
Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost
More informationLab 7. Answer. Figure 1
Lab 7 1. For each of the first 8 Ethernet frames, specify the source of the frame (client or server), determine the number of SSL records that are included in the frame, and list the SSL record types that
More informationSecurity in IEEE 802.11 WLANs
Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh
More informationEVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2)
EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) Moffat Mathews, Ray Hunt Department of Computer Science and Software Engineering, University of Canterbury, New Zealand {ray.hunt@canterbury.ac.nz}
More informationSecurity in wireless networks:
: Vulnerabilities and countermeasures Department of Software Engineering and Computer Science Blekinge Institute of Technology Spring 2003 Authors: Josephine Larsson Ida Waller Supervisor: Anders Carlsson
More informationdect provides high protection against unauthorized access
dect provides high protection against unauthorized access BACKGROUND 2 Wireless communication for voice and data is growing worldwide. The amount of DECT (Digital Enhanced Cordless Telecommunications)
More informationA DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES
A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton
More informationNew Avatars of Honeypot Attacks on WiFi Networks
New Avatars of Honeypot Attacks on WiFi Networks Prabhash Dhyani Wireless Security Researcher,Airtight Networks,Pune Email: prabhash.dhyani@airtightnetworks.com Abstract WiFi has become mainstream technology
More informationNetwork Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2003): 15 Wireless LAN Security 1. Dr.-Ing G.
Network Security Chapter 15 Security of Wireless Local Area Networks Network Security (WS 2003: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control (MAC and physical characteristics
More informationA New Secure Strategy for Small-Scale IEEE 802.11 Wireless Local Area Networ
I.J. Wireless and Microwave Technologies 2012, 4, 21-27 Published Online August 2012 in MECS (http://www.mecs-press.net) DOI: 10.5815/ijwmt.2012. 04.04 Available online at http://www.mecs-press.net/ ijwmt
More informationGSM and UMTS security
2007 Levente Buttyán Why is security more of a concern in wireless? no inherent physical protection physical connections between devices are replaced by logical associations sending and receiving messages
More informationHow To Secure Your Network With 802.1X (Ipo) On A Pc Or Mac Or Macbook Or Ipo On A Microsoft Mac Or Ipow On A Network With A Password Protected By A Keyed Key (Ipow)
Wireless LAN Security with 802.1x, EAP-TLS, and PEAP Steve Riley Senior Consultant MCS Trustworthy Computing Services So what s the problem? WEP is a euphemism Wired Equivalent Privacy Actually, it s a
More informationWireless Network Security. Pat Wilbur Wireless Networks March 30, 2007
Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007 Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Types of Attacks
More informationNetzwerksicherheit: Anwendungen
Internet-Technologien (CS262) Netzwerksicherheit: Anwendungen 22. Mai 2015 Christian Tschudin & Thomas Meyer Departement Mathematik und Informatik, Universität Basel Chapter 8 Security in Computer Networks
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationCS 361S - Network Security and Privacy Spring 2014. Homework #1
CS 361S - Network Security and Privacy Spring 2014 Homework #1 Due: 11am CST (in class), February 11, 2014 YOUR NAME: Collaboration policy No collaboration is permitted on this assignment. Any cheating
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More information1 Step 1: Select... Files to Encrypt 2 Step 2: Confirm... Name of Archive 3 Step 3: Define... Pass Phrase
Contents I Table of Contents Foreword 0 Part I Introduction 2 1 What is?... 2 Part II Encrypting Files 1,2,3 2 1 Step 1: Select... Files to Encrypt 2 2 Step 2: Confirm... Name of Archive 3 3 Step 3: Define...
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationYour 802.11 Wireless Network has No Clothes
Your 802.11 Wireless Network has No Clothes William A. Arbaugh Narendar Shankar Y.C. Justin Wan Department of Computer Science University of Maryland College Park, Maryland 20742 March 30, 2001 Abstract
More informationCCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA
Journal of Computer Science Original Research Paper CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA 1 Velayutham, R. and 2 D. Manimegalai
More informationSecurity in Wireless and Mobile Networks
Security in Wireless and Mobile Networks 1 Introduction This is a vast and active field, a course by itself Many references on wireless security A good book on wireless cooperation: Thwarting Malicious
More information2. WLAN SECURITY MECHANISMS AND PROTOCOLS 1. INTRODUCTION
Wireless Network Security : Comparison of WEP (Wired Equivalent Privacy) Mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) Security Protocols. Halil Ibrahim BULBUL Ihsan BATMAZ
More informationWireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com
Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge
More informationCS549: Cryptography and Network Security
CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared
More informationWIRELESS NETWORKING SECURITY
WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More informationWEP WPA WPS :: INDEX : Introduction :
WEP WPA WPS With clients Without clients :: INDEX : Introduction > Overview > Terms & Definitions [ Step 1 ] : Configuring the network interface [ Step 2 ] : Collecting the network info [ Step 3 ] : Capturing
More informationWhite paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com
White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm
More informationWired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA)
2009 International Conference on Signal Processing Systems Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA) ARASH HABIBI LASHKARI Computer Science Dept. of FCSIT a_habibi_l@hotmail.com
More informationThree attacks in SSL protocol and their solutions
Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer
More informationSymm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2
Wi-Fi Security FEUP>MIEIC>Mobile Communications Jaime Dias Symmetric cryptography Ex: RC4, AES 2 Digest (hash) Cryptography Input: variable length message Output: a fixed-length bit
More informationWi-Fi Client Device Security & HIPAA Compliance
Wi-Fi Client Device Security & HIPAA Compliance Originally Published: September 2010 Updated: October 2012 A White Paper from Laird Technologies Connecting medical devices to a hospital s Wi-Fi network
More informationWireless Local Area. Network Security
Wireless Local Area Network Security HONORS PROJECT CIS 345/ Section 131 Spring 2005 Mentor: Prof. C.S. Rani The first part of this research paper will answer questions such as: what is wireless, how wireless
More informationWireless LANs and Privacy. Ido Dubrawsky Network Security Engineer Cisco Secure Consulting Services Cisco Systems, Inc. And
Wireless LANs and Privacy Ido Dubrawsky Network Security Engineer Cisco Secure Consulting Services Cisco Systems, Inc. And Lance Hayden Business Development Manager Cisco Secure Consulting Services Cisco
More informationWIRELESS SECURITY A SEMINAR REPORT. Submitted by ANISH KUMAR. in partial fulfillment for the award of the degree COMPUTER SCIENCE & ENGINEERING
WIRELESS SECURITY A SEMINAR REPORT Submitted by ANISH KUMAR in partial fulfillment for the award of the degree of BACHELOR OF TECHNOLOGY in COMPUTER SCIENCE & ENGINEERING SCHOOL OF ENGINEERING COCHIN UNIVERSITY
More informationCIS433/533 - Computer and Network Security Cryptography
CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and
More informationMOHAMMAD YASIN ARASHPOUR
IMPLEMENTATION OF WIRELESS SECURITY ON VIRTUALWiFi MOHAMMAD YASIN ARASHPOUR DISSERTATION SUBMITTED IN FULFILLMENT OF FULL REQUIREMENT FOR THE DEGREE OF MASTER OF INFORMATION TECHNOLOGY FACULTY OF COMPUTER
More informationAirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions
AirStation One-Touch Secure System (AOSS ) A Description of WLAN Security Challenges and Potential Solutions Buffalo Technology (USA), Inc. October 2004 1 Summary The Wireless Security Problem With the
More informationWireless LAN Security
Wireless LAN Security Today and Tomorrow By Sangram Gayal and Dr. S. A. Vetha Manickam Center for Information and Network Security Pune University Table of Contents 1. Introduction... 3 2. Wireless LANs...
More informationA Security Analysis of the Wireless Networks (IEEE 802.11)
A Security Analysis of the Wireless Networks (IEEE 802.11) Sampath Thodupunuri Abstract The 802.11 standard for wireless networks includes a Wired Equivalent Privacy (WEP) protocol, used to protect link-layer
More informationIPsec Details 1 / 43. IPsec Details
Header (AH) AH Layout Other AH Fields Mutable Parts of the IP Header What is an SPI? What s an SA? Encapsulating Security Payload (ESP) ESP Layout Padding Using ESP IPsec and Firewalls IPsec and the DNS
More informationThe Wireless LAN (Local Area Network) USB adapter can be operated in one of the two following networking configurations :
SAGEM Wi-Fi 11g USB ADAPTER Quick Start Guide About this guide This Quick Start Guide describes how to install and operate your SAGEM Wi-Fi 11g USB ADAPTER. Please read this manual before you install the
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 13
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 13 Some More Secure Channel Issues Outline In the course we have yet only seen catastrophic
More informationCS 758: Cryptography / Network Security
CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html
More informationProCurve Wireless LAN Security
ProCurve Wireless LAN Security Fundamentals Guide Technical Training Version 8.21 Contents ProCurve Wireless LAN Security Fundamentals Introduction... 1 Objectives... 1 Discussion Topics... 2 Authentication
More informationBasic Security. Security Service. Authentication. Privacy. Authentication. Data privacy & Data integrity
ITEC4620 Wireless and Mobile Communication Networks D803(12.30-15.30(Sat)) ดร. ประว ทย ช มช ว ศวกรรมสารสนเทศและการส อสาร Email: prawit@mut.ac.th ห องท างาน: F402 เบอร โทรศ พท ท ท างาน: (02)9883655 ต อ
More information