Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References



Similar documents
12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi

Chapter 6 CDMA/802.11i

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security in IEEE WLANs

CS 356 Lecture 29 Wireless Security. Spring 2013

Wireless Security. New Standards for Encryption and Authentication. Ann Geyer

How To Secure Wireless Networks

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

Security in Wireless Local Area Network

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

The next generation of knowledge and expertise Wireless Security Basics

Wireless security. Any station within range of the RF receives data Two security mechanism

Key Hopping A Security Enhancement Scheme for IEEE WEP Standards

Wireless Networks. Welcome to Wireless

Agenda. Wireless LAN Security. TCP/IP Protocol Suite (Internet Model) Security for TCP/IP. Agenda. Car Security Story

Recommended Wireless Local Area Network Architecture

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points.

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

WIRELESS NETWORKING SECURITY

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security

DESIGNING AND DEPLOYING SECURE WIRELESS LANS. Karl McDermott Cisco Systems Ireland

Chapter 2 Wireless Networking Basics

Computer Networks. Secure Systems

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Wireless Encryption Protection

Wireless Security for Mobile Computers

A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Cornerstones of Security

CS549: Cryptography and Network Security

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

Link Layer and Network Layer Security for Wireless Networks

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.

Netzwerksicherheit: Anwendungen


Wireless LAN Security Mechanisms

Security in Wireless and Mobile Networks

Wi-Fi Client Device Security and Compliance with PCI DSS

EXAM questions for the course TTM Information Security May Part 1

Your Wireless Network has No Clothes

Network Access Security. Lesson 10

COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)

WLAN - Good Security Principles. WLAN - Good Security Principles. Example of War Driving in Hong Kong* WLAN - Good Security Principles

chap18.wireless Network Security

13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode

NXC5500/2500. Application Note w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2003): 15 Wireless LAN Security 1. Dr.-Ing G.

m-trilogix White Paper on Security in Wireless Networks

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

Linux Access Point and IPSec Bridge

Vulnerabilities in WEP Christopher Hoffman Cryptography

Particularities of security design for wireless networks in small and medium business (SMB)

Chapter 2 Configuring Your Wireless Network and Security Settings

Configuring Security Solutions

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Wireless LAN Security I: WEP Overview and Tools

WIRELESS NETWORK SECURITY

Wireless Technology Seminar

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2

Vulnerabilities of Wireless Security protocols (WEP and WPA2)

Authentication in WLAN

Topics in Network Security

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE i (WPA2)

Chapter 7 Transport-Level Security

Applying of Security Mechanisms to Low Layers of OSI/ISO Network Model

Chapter 8 Security. IC322 Fall Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Lecture 3. WPA and i

Chapter 10. Network Security

CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

WI-FI VS. BLUETOOTH TWO OUTSTANDING RADIO TECHNOLOGIES FOR DEDICATED PAYMENT APPLICATION

Network Security Technology Network Management

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Client Server Registration Protocol

Developing Network Security Strategies

Certified Wireless Security Professional (CWSP) Course Overview

WIRELESS SECURITY IN (WI-FI ) NETWORKS

How To Secure Your Network With 802.1X (Ipo) On A Pc Or Mac Or Macbook Or Ipo On A Microsoft Mac Or Ipow On A Network With A Password Protected By A Keyed Key (Ipow)

Cisco SAFE: Wireless LAN Security in Depth

Security (II) ISO : Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Distributed Systems Security

VPN SECURITY. February The Government of the Hong Kong Special Administrative Region

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Security and privacy in public WLAN networks

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

How To Protect A Wireless Lan From A Rogue Access Point

Wireless Local Area. Network Security

As enterprises conduct more and more

WiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise

Transcription:

Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions in Basic mechanisms WiFi Protected Access (WPA) IEEE 802.11i Describe some other security issues Mobile Networks: Security in Wireless LANs and Mobile Networks 2 References J. F. Kurose and K. W. Ross, Computer Networking: A Top-Down Approach Featuring the Internet, 2nd ed., Addison Wesley, 2003, Chapter 7. T. Karygiannis and L. Owens, Wireless Network Security: 802.11, Bluetooth, and Handheld Devices, NIST Special Publication 800-48, Nov. 2002. http://csrc.nist.gov/publications/nistpubs/ 800-48/NIST_SP_800-48.pdf WiFi Protected Access (WPA) http://www.wi-fi.org/opensection/protected_access.asp Agenda Mobile Networks: Security in Wireless LANs and Mobile Networks 3 Mobile Networks: Security in Wireless LANs and Mobile Networks 4 Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or a building Infrared limited to a room Traditional wireline networks benefit from physical security Access to the wire is required to gain information Switched networks further reduce exposure Mobility Makes it Difficult to Establish Trust A mobile user must connect to a network component (e.g., an access point) that is physically hidden Problem on both home and foreign networks Mobility on foreign networks -- service providers are unknown and, perhaps, not trusted Access points Foreign agents DHCP servers Sniffing is easy Is this my AP? Mobile Networks: Security in Wireless LANs and Mobile Networks 5 Mobile Networks: Security in Wireless LANs and Mobile Networks 6

Lack of Infrastructure Lack of security infrastructure Authentication servers Certificate authorities Unknown nodes providing service Intermediate nodes for ad hoc routing Can intermediate node be trusted? System Design Issues Mobile form factor Desire low power consumption Minimize computation Minimize network communication Constrained by low processing capabilities Constrained by limited link capacity Need cryptographic and other security-related algorithms to be simple Need to minimize communications overhead for security protocols Mobile Networks: Security in Wireless LANs and Mobile Networks 7 Mobile Networks: Security in Wireless LANs and Mobile Networks 8 Secure Communications (1) Privacy or confidentiality The intended recipients know what was being sent but unintended parties cannot determine what was sent Requires some form of encryption and decryption Encryption at the sender Decryption at the receiver using a public or private (secret) key to decode the encrypted information Authentication Confirms the identity of the other party in the communication Assures that The claimed sender is the actual sender The claimed receiver is the actual receiver Secure Communications (2) Message integrity and non-repudiation Data integrity data is transmitted from source to destination without undetected alteration Non-repudiation prove that a received message came from a claimed sender Availability and access control Ensures availability of resources for the intended users Controls access to resource Mobile Networks: Security in Wireless LANs and Mobile Networks 9 Mobile Networks: Security in Wireless LANs and Mobile Networks 10 Link Versus End-to-End Security End-to-End Security Link Security End-to-end security Provided by network (e.g., IPsec), transport (e.g., SSL), and/or application layer (e.g., application-specific) Link security Provided by link layer (e.g., IEEE 802.11 WEP, WPA, or IEEE 802.11i) Security Objectives (1) Major concerns at the link layer Authentication (but, related to access control) Privacy Integrity Major concerns at the network layer (e.g., IPsec) Authentication Privacy Integrity Mobile Networks: Security in Wireless LANs and Mobile Networks 11 Mobile Networks: Security in Wireless LANs and Mobile Networks 12

Security Mechanisms (2) at the transport layer (e.g., SSL) and in applications may deal with all objectives Authentication Privacy Integrity Access control Agenda Mobile Networks: Security in Wireless LANs and Mobile Networks 13 Mobile Networks: Security in Wireless LANs and Mobile Networks 14 Cryptography Public Key Cryptography Unlike a private key system, one can publish the key for encryption in a public key encryption system Plaintext Encryption Ciphertext K B Decryption Plaintext K B + Public key Symmetric (private) key cryptography Sender and receiver keys are identical ( = K B ) Asymmetric (public) key cryptography Sender (encryption) key ( ) is public Receiver (decryption) key (K B ) is private Plaintext m Encryption Ciphertext K B + (m) Private key - K Plaintext B Decryption m = K - B (K + B (m)) Mobile Networks: Security in Wireless LANs and Mobile Networks 15 Mobile Networks: Security in Wireless LANs and Mobile Networks 16 Authentication with Private Key Cryptography Authentication can be implemented with symmetric (private) key cryptography encrypt A Claim A R K(R) B Generate a one-time nonce decrypt R Authentication with Public Key Cryptography Use of public key avoids shared key problem Vulnerable to man-in-the-middle attack A Claim A R - (R) Key Request + B + : A s public key - : A s private key Sender must have used private key of A, so it is A Compute K + A (KA - (R)) = R Mobile Networks: Security in Wireless LANs and Mobile Networks 17 Mobile Networks: Security in Wireless LANs and Mobile Networks 18

Agenda Authentication Privacy IEEE 802.11 Security Security was not thoroughly addressed in the original IEEE 802.11 standard Based on Wired Equivalent Privacy (WEP) Objective is to not compromise security when compared to a standard wired LAN (e.g., Ethernet) but what does this really mean? Evolution Long-term: IEEE 802.11i Short-term: WiFi Protected Access (WPA) Mobile Networks: Security in Wireless LANs and Mobile Networks 19 Mobile Networks: Security in Wireless LANs and Mobile Networks 20 IEEE 802.11: Authentication (1) IEEE 802.11 supports two authentication schemes Open system authentication Shared key authentication Authentication management frames used in a transaction to establish authentication Authentication algorithm number Authentication transaction sequence number Status code Deauthentication management frame sent to terminate an association Reason code IEEE 802.11: Authentication (2) Open system authentication is really just a placeholder for systems that do not wish to implement true authentication One station asserts its identity The other station responds with success Shared key authentication Both stations must have a copy of a WEP key Station proves identity by encrypting and returning challenge text 128-bit challenge text based on RC4 stream cipher Shared key authentication only authenticates the station to the AP, not the AP to the station! Mobile Networks: Security in Wireless LANs and Mobile Networks 21 Mobile Networks: Security in Wireless LANs and Mobile Networks 22 IEEE 802.11: Shared Key Authentication Uses private key authentication scheme shown earlier Encrypted using shared WEP key STA identity assertion identity assertion/ challenge text encrypted text success/failure AP 128-bit one-time nonce Decrypted using shared WEP key IEEE 802.11: Deauthentication A station can terminate an authentication association with another station by sending that station a deauthentication frame Contains just a reason code, e.g., sending station is leaving the BSS or ESS Mobile Networks: Security in Wireless LANs and Mobile Networks 23 Mobile Networks: Security in Wireless LANs and Mobile Networks 24

IEEE 802.11: Privacy Based on Wired Equivalent Privacy (WEP) MAC at sender encrypts frame body of data frames Headers and non-data frames are not encrypted Does not protect against data analysis attacks MAC at receiver decrypts and passes data to higher level protocol Uses RC4 symmetric stream cipher Same key at sender and receiver Can be applied to variable length data Key distribution not addressed in standard WEP Data Encryption Host/AP share 40-bit symmetric key Semi-permanent WEP key May be longer (e.g., 128 bits) Host appends 24-bit initialization vector () for each frame to create a 64-bit key 152-bit key with 128-bit WEP key The 64-bit key is used to generate a stream of keys, k i, using RC4 private key stream cipher algorithm Key k i is used to encrypt byte i, di, in the frame c i = d i XOR k i (XOR is exclusive-or) Initialization vector () and the encrypted bytes, c i, are sent in the frame Mobile Networks: Security in Wireless LANs and Mobile Networks 25 Mobile Networks: Security in Wireless LANs and Mobile Networks 26 WEP Encryption at the Sender WEP Encryption Vulnerability K S k 1 d 1 c 1 Key Sequence Generator k 2 d 2 c 2 802.11 Header k N k N+1 d N c N crc 1 c N+1 k N+4 crc 4 c N+4 K S = shared WEP key Supports integrity WEP-encrypted data and CRC Initialization vectors are 24 bits in length and a new one is used each frame, so s are eventually reused s are transmitted in plaintext, so reuse can be detected just by packet sniffing Attack An intruder causes a host to encrypt known plaintext, d 1, d 2, d 3, The intruder sees c i = d i XOR k i The intruder knows c i and d i, so it can compute k i The intruder knows encrypting key sequence k 1, k 2, k 3, k 4, The next time that the same is used, the intruder can decrypt Mobile Networks: Security in Wireless LANs and Mobile Networks 27 Mobile Networks: Security in Wireless LANs and Mobile Networks 28 IEEE 802.11: Security Weaknesses (1) WEP encryption is flawed, affecting privacy and authentication Static WEP keys leave encryption vulnerable Initialization vectors sent in the clear Generation of s may be weak Not specified in the standard All NICs from a vendor may generate the same sequence of s or the may be a fixed value Exposed (revealing part of key) plus weakness of RC4 make WEP vulnerable to analysis Can be broken for a busy network by a contemporary personal computer about 10 hours for sniffing and a few seconds to guess the key IEEE 802.11: Security Weaknesses (2) Integrity check based on CRC Relatively weak compared to a hash or message authentication scheme Introduces vulnerabilities for certain kinds of attacks Unilateral challenge-response used for authentication vulnerable to man-in-the-middle attack Asymmetric authentication Station cannot authenticate AP Key management is not addressed by the standard Very complex task, especially for a large network Mobile Networks: Security in Wireless LANs and Mobile Networks 29 Mobile Networks: Security in Wireless LANs and Mobile Networks 30

IEEE 802.11: Security Weaknesses (3) Out-of-the-box default is usually no security Ease of deployment and ease of operation for users Lots of WLANs with no security configured! Agenda Mobile Networks: Security in Wireless LANs and Mobile Networks 31 Mobile Networks: Security in Wireless LANs and Mobile Networks 32 Improving IEEE 802.11 Security RSA Security s Fast Packet Rekeying WiFi Alliance s WiFi Protected Access (WPA) IEEE 802.11 Technical Group i (IEEE 802.11i) Fast Packet Rekeying Generates a unique key to encrypt each network packet on the WLAN Hashing technique used to rapidly generates per packet keys The IEEE 802.11 group has approved fast packet rekeying as a fix for WEP security weaknesses Mobile Networks: Security in Wireless LANs and Mobile Networks 33 Mobile Networks: Security in Wireless LANs and Mobile Networks 34 WiFi Protected Access WiFi Protected Access (WPA) is intended as a nearterm solution to the IEEE 802.11 security problem Software-only updates requires update to AP firmware and NIC driver A subset of the more extensive IEEE 802.11i techniques Based on two main functions 802.1x port-based access control Temporal Key Integrity Protocol (TKIP) IEEE 802.1x Port-Based Access Control Allows use of upper-layer authentication protocols AP and station can authenticate each other Integrates with IETF s Extensible Authentication Protocol (EAP) See RFC 2284 Authentication can be On the AP Use a backend server, e.g., with RADIUS Allows use of session keys 802.1x keys can be changed each session Standard WEP keys are semi-permanent Mobile Networks: Security in Wireless LANs and Mobile Networks 35 Mobile Networks: Security in Wireless LANs and Mobile Networks 36

Temporal Key Integrity Protocol Extends the initialization vector () space beyond 24 bits Uses key construction for each packet Improves cryptographic integrity check beyond CRC used in WEP Supports key derivation and distribution IEEE 802.11i IEEE 802.11i also known as Robust Security Network (RSN) Longer-term solution (but should be available very soon) Requires hardware replacements for APs and NICs Superset of WPA includes IEEE 802.1x port-based access control Temporal Key Integrity Protocol (TKIP) Includes support for Advanced Encryption Standard (AES) for confidentiality and integrity Mobile Networks: Security in Wireless LANs and Mobile Networks 37 Mobile Networks: Security in Wireless LANs and Mobile Networks 38 Advanced Encryption Standard The Advanced Encryption Standard (AES) is published by NIST as the successor to Data Encryption Standard (DES) Operation 128-byte blocks of data (cleartext) 128-, 192-, or 256-bit symmetric keys NIST estimates that a machine that can break 56-bit DES key in 1 second would take about 149 trillion years to crack a 128-bit AES key (unless someone is very lucky) Agenda Mobile Networks: Security in Wireless LANs and Mobile Networks 39 Mobile Networks: Security in Wireless LANs and Mobile Networks 40 Mitigating Risk* Virtual Private Networks Management countermeasures For example, standardizing AP settings and controlling use of WLANs within an organization Operational countermeasures For example, controlling coverage area of APs Technical countermeasures Access point configuration Firmware and software updates Personal firewalls Intrusion detection systems (IDS) Maximizing WEP key length Security audits *Karygiannis and Owens, 2002 Virtual private networks Mobile Networks: Security in Wireless LANs and Mobile Networks 41 VPN Server VPN Tunnel Link Security Using a VPN (e.g., based on IPsec) above the WLAN provides the security present in the environment of the VPN server Mobile Networks: Security in Wireless LANs and Mobile Networks 42

Agenda Bluetooth While generally more secure than IEEE 802.11, there are vulnerabilities More information C. T. Hager and S. F. Midkiff, Demonstrating Vulnerabilities in Bluetooth Security, IEEE Global Telecommunications Conference (GLOBECOM), Vol. 3, Dec. 1-5, 2003, pp. 1420-1424. C. T. Hager and S. F. Midkiff, An Analysis of Bluetooth Security Vulnerabilities, IEEE Wireless Communications and Networking Conference, Vol. 3, March 16-20, 2003, pp. 1825-1831. Mobile Networks: Security in Wireless LANs and Mobile Networks 43 Mobile Networks: Security in Wireless LANs and Mobile Networks 44 Mobile Networks Security vulnerabilities in Mobile IP Rogue Foreign Agents Impersonating a Home Agent Impersonating a Mobile Host to redirect traffic Reducing security to enable Mobile IP router at foreign network Security vulnerabilities in mobile ad hoc networks (MANETs) Generating faulty routing information Snooping on relayed traffic Refusing to route Power-oriented attacks Summary Examined the basic objectives of security and fundamental approaches to cryptography and authentication IEEE 802.11 security features (which are flawed) Authentication Privacy and integrity Solutions to IEEE 802.11 s security problems WiFi Protected Access (WPA) IEEE 802.11i Robust Security Network (RSN) Higher layer security methods can also address WLAN security problems in wireless and mobile systems Mobile Networks: Security in Wireless LANs and Mobile Networks 45 Mobile Networks: Security in Wireless LANs and Mobile Networks 46

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information