Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Transcription

1 Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE wireless security Define vulnerabilities of Open System Authentication, WEP, and Device Authentication Describe the WPA and WPA2 personal security models Overview enterprises wireless security implementation considerations IEEE Wireless Security Protections History of WIFI Specification Institute of Electrical and Electronics Engineers (IEEE) The most widely known and influential organization for computer networking and wireless communications Early 1980s: IEEE began developing network architecture standards Project called: IEEE formed committee to develop standards for a Wireless Local Area Network (WLAN) specification That operate at a speed of 1 & 2 million bits per second (Mbps) IEEE Wireless Security Protections (cont.) 1997: IEEE approves IEEE WLAN standard Approved Four Revisions: IEEE a IEEE b IEEE g

2 Controlling Access IEEE i - Enterprise specification (not speed related) IEEE n Controlling WLAN Access: Accomplished by limiting a device s access to the Access Point (AP) Requires method to restrict AP access to only authorized devices, and by extension the wireless network IEEE standard does not specify how to implement access controls Most AP vendors implement Access Control through Media Access Control (MAC) address filtering Controlling Access (cont.) Wired Equivalent Privacy (WEP) Designed to ensure that only authorized parties can view transmitted wireless information Uses RC4 encryption to protect traffic The IEEE committee designed WEP to meet the following criteria: Controlling Access (cont.) Efficient, exportable, optional, self-synchronizing, and reasonably strong US Cryptography restrictions prevented stronger key implementations WEP uses a Shared key cryptology implementation minimum of 64 bits in length Key options: 64-bit key 128-bit key Passphrase The AP and devices can hold up to four shared secret keys

3 One of which must be designated as the default key Quick Tutorial - Text Altering Algorithms Uses: To impede someone from reading the value of the text. Types: Encryption Algorithm Provides confidentiality Convert plain-text to ciphertext using a Key Allows ciphertext to be converted back to plain-text if the proper Key is present Hash Algorithm Controlling Access (cont.) Device authentication Cryptographic operation that converts a variable plain-text input to a fixed length ciphertext representation of the value. One-way function, the text can not be decrypted into the original plaintext. WLANs cannot limit signal transmissions to physical boundaries (e.g. walls or doors) Bleed over of signal is called Data Emanation Authentication methods supported by : Open system authentication Shared key authentication Controlling Access (cont.) Open System Vulnerabilities Open System Authentication: Open System Authentication Single Factor Authentication: SSID must match hosted network ID SSID can be discovered thru traffic scanning for AP beaconing

4 MAC address filtering WEP Beacon frame response to AP allows network joining MAC Spoofing Weak encryption, easily determined key based on repetition Open System Vulnerabilities Passive scanning Most common type of scanning Wireless device listens for beacons over a period of time Enhanced AP configurations allow for ability to exclude Beacon Frames from including SSID data In this case requires user to enter SSID manually on the wireless device Open System Vulnerabilities Problems when SSID not beaconed: Can affect roaming Can affect Windows XP devices SSID easily discoverable even when not beaconed Transmitted in other AP management frames Configuring SSID to not beacon provides virtually no protection Increases trouble shooting of wireless clients Open System Vulnerabilities MAC Address Filtering Weaknesses MAC addresses are initially exchanged unencrypted Attacker can easily see the MAC address of an approved device and spoof it to join WLAN network Managing large numbers of MAC addresses poses significant challenges MAC address filtering does not provide a means to temporarily allow a guest user access

5 Requires manually entry of user s MAC address into the access point WEP WEP encryption only supports 64-bit or 128-bit keys Made up of a 24-bit Initialization Vector (IV) and 40-bit or 104-bit default key Default key limits its strength Violates the cardinal rule of cryptography: WEP (cont.) Detectable patterns must be avoided at all costs IVs repeat in fewer than seven hours Weaknesses of WEP make it possible for an attacker to identify two packets derived from the same IV (called a collision) Keystream attack XOR Overview Method of determining the keystream by analyzing two packets that were created from the same IV XOR Function XOR is a digital logic gate that functions as a truth table. Logic operation is referred to as an Exclusive Disjunction Commonly used in bitwise operations such as cryptography. Values are represented as either 1 (True) or 0 (False). To validate as true one input for a given position must be true. If both values are equal, it creates a negative or False rating. Personal Wireless Security Requirements for personal wireless security based on two models: WPA Personal Security WPA2 Personal Security WPA Personal Security

6 Wireless Ethernet Compatibility Alliance (WECA) Consortium of wireless equipment manufacturers and software providers formed to promote wireless network technology WECA goals: Encourage use of IEEE standards / technologies Promote / market these technologies Test and certify which wireless products adhere to the IEEE standards for interoperability WPA Personal Security (cont.) In 2002, WECA changed its name to Wi-Fi (Wireless Fidelity) Alliance In October 2003 the Wi-Fi Alliance introduced Wi-Fi Protected Access (WPA) WPA design goal to protect both present and future wireless devices, addresses both wireless authentication and encryption PSK addresses authentication TKIP addresses encryption WPA replaced WEP (a key can be cracked in less than two minutes) WPA Personal Security (cont.) Preshared key (PSK) Authentication Uses a passphrase to generate the encryption key Must be created and entered into both the AP and each authorized wireless devices Devices will not communicate with the AP without identical PSK s PSK is not the Encryption Key The PSK is the SEED used to generate the mathematically unique encryption keys WPA Personal Security (cont.) WPA uses an encryption technology called Temporal Key Integrity Protocol (TKIP)

7 TKIP advantages over WEP: TKIP uses a longer 128-bit key TKIP keys are known as per-packet keys When coupled with other technologies, TKIP provides an even greater level of security WPA also replaces the (CRC) function in WEP with the Message Integrity Check (MIC) Designed to prevent attackers capturing, altering, and replaying data packets WPA2 Personal Security Wi-Fi Protected Access 2 (WPA2) Introduced September 2004 WPA Second generation Continues use of PSK authentication Replaces TKIP encryption with Advanced Encryption Standard (AES) PSK Authentication Designed for personal and small office home office PSK keys are automatically changed and authenticated between devices after a specified period of time known as the rekey interval WPA2 Personal Security (cont.) PSK key management weaknesses: Key distribution and sharing is performed manually without any technology security protections Only uses a single key Changing the PSK key requires reconfiguring the key on every wireless device and on all access points Guest access requires providing the PSK to that guest PSK uses passphrases which can be subject to dictionary attack WPA2 Personal Security (continued) PSK is a 64-bit hexadecimal number

8 Most common way method of generation is by entering a passphrase Criteria: Letters, digits, punctuation, etc Length requirements: Between 8 and 63 characters Passphrases < 20 characters subject to a specific type of dictionary attack and broken easily WPA2 Personal Security (cont.) AES-CCMP Encryption Encryption under the WPA2 personal security model is accomplished by AES-CCMP CCMP is Counter Mode with CBC-MAC (CCM) CCM is the algorithm providing data privacy While the Cipher Block Chaining Message Authentication Code (CBCMAC) component of CCMP provides data integrity and authentication Enterprise Wireless Security The enterprise wireless security options can be divided into three general categories: IEEE i IEEE i compliant models WPA compliant WPA2 compliant Key Points of i: Addresses the two main weaknesses of wireless networks: encryption and authentication Replaces WEP s PRNG RC4 algorithm with a stronger cipher that performs three steps on every block (128 bits) of plaintext IEEE i authentication and key management is accomplished by the IEEE 802.1x standard Supports Key-Caching: Network storage of device information to facilitates roaming users.

9 IEEE i (cont.) Devices can be Pre-Authenticated, Allowing authentication before moving into range of the AP WPA Enterprise Security The WPA Enterprise Security model is designed for medium to large-size organizations Provides improved authentication and encryption over the personal model on a wireless LAN WPA2 Enterprise Security IEEE 802.1x Authentication Provides an authentication framework for all IEEE 802-based LANs Uses port-based authentication mechanisms Does not perform any encryption TKIP Encryption An improvement on WEP encryption Designed to fit into the existing WEP procedure WPA Enterprise Security (cont.) Provides the highest level of secure authentication and encryption on a wireless LAN IEEE 802-1x Authentication Most robust authentication for WLAN AES-CCMP Encryption Encryption is based on the stronger AES-CCMP 128-bit keys and 128-bit blocks are mandatory for WPA2 Enterprise Wireless Security Devices Thin Access Point Enterprise device the separates the AP function

10 from the Authentication and Encryption. Provides for centralized management of wireless infrastructure All authentication is performed in the wireless switch Enterprise Wireless Security Devices (cont.) Wireless VLANs Used to segment traffic and increase security The flexibility of a wireless VLAN depends on which device separates the packets and directs them to different networks For enhanced security many organizations set up two wireless VLANs Employee access Guest access Enterprise Wireless Security Devices (cont.) Rogue Access Point Discovery Tools Summary Wireless protocol analyzer Allows auditing the airwaves for rogue access points RF Frequency Monitor requires a special sensor called a wireless probe Wireless Probe Types: Wireless device probe Desktop probe Access point probe Dedicated probe

11 Initial IEEE standard contained security controls for protecting wireless transmissions from attackers Wi-Fi Alliance introduced two levels of personal security Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) Enterprise and Personal wireless security models require different requirements / infrastructure Additional wireless security devices can be used to defend against attackers