Basic Security. Security Service. Authentication. Privacy. Authentication. Data privacy & Data integrity



Transcription:

ITEC4620 Wireless and Mobile Communication Networks
D803 (12.30-15.30, Sat)
Dr. Prawit Chumchu, Information and Communication Engineering
Email: prawit@mut.ac.th
Office: F402
Office phone: (02)9883655 ext. 220
Mobile phone: 065343850

Class: Security in 802.11

Lecture topics
- Introduction to Network Security
- Example of 802.11 network security
- Security service
- Security mechanisms
- Key management
- Types of ciphers
- Security attacks
- IEEE 802.11 Security
- Authentication
- WEP
- Security vulnerabilities
- 802.11i
- WPA (WiFi Protected Access)
- RSN (Robust Security Network) (WPA2)

IEEE 802.11 Security Examples
[Figure labels: sender (source module, encryption), ciphertext over the wireless channel, receiver (decryption, receiver module); a second panel adds authentication before encryption and decryption]

Basic Security
- Authentication
  - Open system authentication: anyone can join
  - Shared key authentication: a standard challenge, a shared secret key
- Data privacy & data integrity
  - WEP
  - AES used in IEEE 802.11i

Security Service
Definition: a service that enhances the security of data processing systems and information transfers. It makes use of one or more security mechanisms.
Examples of network security service requirements:
- authentication
- privacy, confidentiality
- integrity
- non-repudiation
- obliviousness
- information flow

Authentication
Definition: the requirement by which a process securely communicates its identity to another.
- Thus, if process k receives an identification communication from process j, then it must be the case that there is a corresponding send of that identification communication by j.
- Note that if messages are not all unique, then to deal with replay of old communications from j, we may have to embed counters in the state to capture bad prefixes.
- Instances of identity communication of j:
  k j : n j k : R.j n or k j : n j k : S n ; j

Privacy
Definition: the requirement by which communication is possible that can be decoded only by the processes that agree to communicate.
- In some cases, the source, destination and frequency of communication need to be protected as well.
- Instances of private communication from j to k:
  j k : S data or j k : B.k data

Non-Repudiation
Definition: the requirement by which a recipient can prove to anyone that the message was indeed sent by the sender. Likewise, a sender can prove that a recipient indeed received the message.
- Note that non-repudiation implies integrity, but not vice versa.
- Note that non-repudiation does not necessarily imply authentication, since the message could have been forwarded by a third party.
- Instance of non-repudiation of communication from j to k:
  j k : data, R.j data or j k : data, R.j MD(data)

Integrity
Definition: the requirement by which a recipient can prove to itself that the message is what was indeed sent, i.e., the message was not modified or replaced.
- Instance of integrity of communication from j to k:
  j k : data, MD(data; S)

Obliviousness
Definition: the requirement by which a process may perform a set of operations but not be sure which one (or more) of them was correctly performed.
- E.g., a process may send two messages but not be sure which one of them was correctly received.
- E.g., a process may sign one of a set of messages but not know which one it signed, or use one of a set of keys to encrypt with but not know which one was chosen.

Information Flow
Definition: the requirement by which a high-level process cannot communicate any information to a low-level process, directly or indirectly.
- Sometimes this is called absence of covert channels or subliminal channels.
- One sufficient condition for this requirement is called noninterference, which says that the outcome of an action of a low-level process in a computation remains the same even if actions performed by all higher-level processes are added to or deleted from the computation.

Security services (contd.)
Other important security services include:
- authorization: access is enabled if that access is allowed
- availability: permanence, non-erasure
- verifiability: a sort of integrity, revealing originality not content
- unforgeability: a sort of integrity, forged messages must be independent of original messages
- distinguishability: can guess whether encrypted msg is m0/m1
- detectability: can guess whether encrypted msg is valid

Ethical, social, policy and legal issues
- Some software we will study may be under export restriction; it is your responsibility to obey the applicable laws.
- Many of the algorithms we will discuss are protected by patents, which makes it illegal to make and sell (or give away) computer programs that use those algorithms.
- I expect you to work individually. Cheating/undisclosed collaboration will be dealt with severely.

Types of Cryptographic Functions
- Secret key cryptography (symmetric cryptography): one password/key for encryption and decryption
- Public key cryptography (asymmetric cryptography): two keys, a public key and a private key
- Hash algorithms: message digests or one-way transformations

Secret Key Cryptography
[Figure labels: sender (source module, encryption), ciphertext over the communication channel, receiver (decryption, receiver module)]

Public key algorithm
[Figure labels: sender (source module, encryption), ciphertext over the communication channel, receiver (decryption, receiver module)]

Hash Algorithms
- Password hashing: used to store the hash of a password
- Message integrity: used to verify that data is correct
- Message fingerprint: used to verify that large amounts of data are correct
- Downline load security: used to verify that a program obtained from a remote network device is correct
- o = h(m), where m = message. Knowing o and h(m), it is very hard to find m.

Types of Ciphers
- Stream ciphers: generate a continuous key stream based on the key value
- Block ciphers: generate a single encryption key stream of a fixed size
- Both ciphers: the same input generates the same ciphertext output (security threat)
  - Initialization vectors
  - Feedback modes

Stream Ciphers
[Figure labels: key, cipher, key stream, ciphertext]

Block Ciphers
- Without initialization vectors
- With feedback modes
- Electronic Code Book (ECB) (no feedback mode)
- Output Feedback mode (OFB)
- Cipher Feedback mode (CFB)
[Figure labels: Key, m1, m2, m3, En, "discarded K bits" at each stage, outputs c1, c2, c3]

Security Mechanism
Definition: a mechanism that is designed to detect, prevent, or recover from a security attack.
Pervasive security mechanisms include:
- encryption or encipherment
- digital signatures, notarization
- traffic padding
- routing control
- trusted functionality
- security labels
- access controls
- event detection
- audit trails
- firewalls

Types of Keys
Cryptography underlies many security mechanisms. Keys are often used for securing or unsecuring information.
- Symmetric, S: the same key is used to encode and decode
- Asymmetric or public/private, B/R: the public key is used to encode, the private key to decode
- One-way function, f: given x, it is easy to compute f(x), but given f(x) it's hard to compute x
- One-way function with trapdoor, f: a one-way function where given f(x) it is easy to compute x if one knows a trapdoor function g s.t. g(f(x)) = x

Types of Keys (contd.)
- One-way permutation, f, g: both f and g are one-way functions and each other's trapdoor
- One-way hash function, MD: a hash function MD that is one-way (recall that a hash function may be many-to-one)
- One-way strongly collision-free hash function, MD: a one-way hash function MD s.t. it is hard to compute different x and y s.t. MD(x) = MD(y)
- One-way weakly collision-free hash function, MD: a one-way hash function MD s.t. given x it is hard to compute a different y s.t. MD(x) = MD(y)

Types of Keys (contd.)
- Weak key: a key in the key space that does not encode well, e.g., the 0-key, and is thus easy to guess
- Complement key: a key s.t. Complement(f(x)) = f(complement(x)), which thus involves considering half the x to guess
- Related keys: a pair of keys that are related by some difference which can be exploited to reduce the number of x to guess

IEEE 802.11 Security
[Figure labels: columns "Authentication and access control", "Integrity protection", "Confidentiality"; WEP: open, shared key, CRC, RC4; WPA: 802.1X, EAP, MIC, TKIP, RC4, WEP; RSN (WPA2) / 802.11i: 802.1X, EAP, TKIP (opt), AES-CCMP; also MAC address filtering, firewall, VPN (Virtual Private Network)]

IEEE 802.11 Security
- SSID: configure the AP not to broadcast the SSID
- Ethernet MAC address access control lists: control which clients may connect to the network by their MAC addresses; MAC addresses can be changed
- Authentication
- WEP (Wired Equivalent Privacy)
- 802.11i: introduced after vulnerabilities were found in WEP
  - WPA (Wi-Fi Protected Access)
  - TKIP (Temporal Key Integrity Protocol)
  - AES (Advanced Encryption Standard)

Authentication in WLAN
- Open authentication
- Shared key authentication

Authentication Frame Format

Open Authentication

Shared Key Authentication
- Challenge text: 128 bytes
- The first frame is the same as the first frame in open system authentication
- The challenge text is generated using the WEP key generator with a random key and initialization vector (second frame)
- The frame is encrypted with WEP (third frame)
- After receiving the third frame, the integrity is checked; if valid, the fourth frame is sent
- The fourth frame is the same as the second frame in open system authentication

Frame Format when using WEP

[Figure labels: IV, key ID + pad, ciphertext, ICV, CICV]

WEP
- Algorithms: CRC, RC4
- Parameters:
  - IV (Initialization Vector), ICV (Integrity Check Value), CICV (Cipher ICV)
  - 64 bits = 24 (IV) + 40 (secret key)
  - 128 bits = 24 (IV) + 104 (secret key)

WEP Encryption
[Figure labels: IV, secret key, RC4, keystream, CRC, ICV, ciphertext]

WEP Decryption
[Figure labels: IV, ciphertext, secret key, RC4, keystream, ICV, CRC check; yes: accept; no: discard (bad ICV)]

XOR truth table
X1         0 0 1 1
X2         0 1 0 1
X1 XOR X2  0 1 1 0

RC4
- KSA (Key Scheduling Algorithm)
- PRGA (Pseudo Random Generation Algorithm)
- $N = 2^n$
- $l$ is the number of words of $K$, where each word contains $n$ bits
- $n = 8$ (normally)
- $K$ = secret key
- $z$ = key stream

CRC (Cyclic Redundancy Check)
- 3-bit CRC polynomial: $x^3 + x + 1$ (the result is sent out to the channel)
- IEEE 32-bit CRC polynomial: $x^{32} + x^{26} + x^{23} + x^{22} + x^{16} + x^{12} + x^{11} + x^{10} + x^{8} + x^{7} + x^{5} + x^{4} + x^{2} + x + 1$

Example of IEEE 802.11 Security
- An AP is configured with open system authentication
- Encryption is WEP 128 bits
- There is no MAC address filtering
- The student does not have the shared secret key
- Can the student connect?
- Can the student ping that AP from the student's computer?

An Example of WEP Key Distribution
- No specification of key distribution
- All keys must be statically entered into either the driver software or the firmware on the wireless card
- If keys are accessible to users, then all keys must be changed

Problems with WEP
- Key management problems
- IV collisions
- Message injection
- Authentication spoofing
- Cracking WEP key

Key management problems
- WEP used a symmetric key encryption mechanism
- Both encryption and decryption use the same key
- If a laptop is stolen, the shared key has to be reconfigured on both the AP and the clients

IV collisions
- The IV is reused
- The IV is sent in clear text
- 2 packets from the same IV
[Figure labels: keystream, cipher text]

IV collisions
plaintext 1   11010011 XOR keystream 10100110 = cipher text 1 01110101
plaintext 2   00101101 XOR keystream 10100110 = cipher text 2 10001011
cipher text 1 01110101 XOR cipher text 2 10001011 = 11111110
plaintext 1   11010011 XOR plaintext 2   00101101 = 11111110

IV collisions
- Know ciphertext 1, ciphertext 2 and plaintext 1
- Get plaintext 2
- How we know plaintext 1:
  1. Send a packet to a target machine
  2. Guess plaintext 1 from well-known protocols
     - Handshaking in TCP

Message Injection
- IEEE 802.11 does not require the IV to change with every packet
- Know: a key stream, from a plaintext and a ciphertext
- A new ciphertext = a new plaintext XOR the known key stream
- Inject the packet into the network: it is a valid WEP packet

Message Injection
Deriving a key stream:
plaintext 11010011 XOR keystream 10100110 = cipher text 01110101
plaintext 11010011 XOR cipher text 01110101 = keystream 10100110
Forging a new cipher text
[Figure labels: keystream, cipher text]

Authentication Spoofing
- Plaintext = challenge text
- Ciphertext = challenge response
- Use message injection to authenticate without the shared secret key

Cracking WEP Key
- Airsnort, WEPCrack and dweputils
- From Scott Fluhrer, Itsik Mantin and Adi Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4"
- Know: the first few bytes of plaintext, such as IP and ARP, which start with 0xAA
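The IV collision and message injection slides above, worked through in code. This is an added example, not part of the original slides: it uses a simplified WEP model (RC4 keyed with IV || secret, CRC-32 ICV, no 802.11 framing or key ID), every key, IV and frame is constructed, and the function names are hypothetical. It goes one step beyond the slides by adding a check that flags IV reuse in a list of frames.

```python
import zlib
from collections import defaultdict

def rc4(key, n):  # RC4 keystream: KSA, then n bytes of PRGA output
    S, j = list(range(256)), 0
    for i in range(256):                       # KSA
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i, j, out = 0, 0, bytearray()
    for _ in range(n):                         # PRGA
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def icv(data):  # WEP ICV: unkeyed CRC-32 of the plaintext
    return zlib.crc32(data).to_bytes(4, "little")

def wep_encrypt(iv, secret, data):
    body = data + icv(data)
    return xor(body, rc4(iv + secret, len(body)))   # RC4 key = IV || secret

def wep_decrypt(iv, secret, ct):
    body = xor(ct, rc4(iv + secret, len(ct)))
    data, got = body[:-4], body[-4:]
    return data if icv(data) == got else None       # bad ICV: discard

def find_iv_reuse(frames):
    """Detection: map each repeated IV to the indexes of the frames using it."""
    seen = defaultdict(list)
    for idx, (iv, _ct) in enumerate(frames):
        seen[iv].append(idx)
    return {iv: idxs for iv, idxs in seen.items() if len(idxs) > 1}

# Constructed sample data (not from a real capture).
SECRET = bytes(range(1, 14))                        # 104-bit secret key
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"       # 24-bit IVs
P1 = b"\xaa\xaa\x03\x00\x00\x00\x08\x06 known ARP-like text"
P2 = b"\xaa\xaa\x03\x00\x00\x00\x08\x00 other secret data!!"
FRAMES = [(IV_A, wep_encrypt(IV_A, SECRET, P1)),
          (IV_A, wep_encrypt(IV_A, SECRET, P2)),    # IV collision with frame 0
          (IV_B, wep_encrypt(IV_B, SECRET, P1))]

def known_keystream():
    """Known plaintext P1 XOR its ciphertext = the keystream for IV_A."""
    return xor(FRAMES[0][1], P1 + icv(P1))

def collision_leak():
    """Same IV, same keystream: C1 XOR C2 equals P1 XOR P2, no key needed."""
    return xor(FRAMES[0][1], FRAMES[1][1])[:len(P1)]

def recover_p2():
    return xor(FRAMES[1][1], known_keystream())[:len(P2)]

def receiver_accepts(new_data):
    """The ICV is unkeyed, so a frame built from a reused keystream passes."""
    forged = xor(new_data + icv(new_data), known_keystream())
    return wep_decrypt(IV_A, SECRET, forged)

if __name__ == "__main__":
    print(find_iv_reuse(FRAMES), recover_p2(), receiver_accepts(b"injected"))
```

The receiver's only integrity check is the CRC, which anyone can compute, so per-packet IV uniqueness and a keyed integrity code (the MIC and CCMP covered later in the lecture) are what close this gap.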

Brute Force Attack vs FSM Attack
- Brute force attack
  - Capture a single encrypted packet
  - Apply an enormous amount of computing power
- FSM (Finite State Machine) attack
  - Capture an enormous number of encrypted packets
  - Use very little CPU power

WPA (Wi-Fi Protected Access) & RSN
Authentication and access control
- User-based authentication
- Logical port
- Based on 802.1X
- EAP (Extensible Authentication Protocol), EAPOL (EAP over LAN)
  - EAP-Cisco
  - EAP-TLS (Transport Layer Security)
  - EAP-PEAP (Protected EAP)

802.1X
Parties: supplicant, authenticator, authentication server
1. 802.1X (EAP-Start)
2. AP blocks all non-802.1X traffic
3. 802.1X (EAP-Request Identity)
4. 802.1X (EAP-Response Identity)
5. RADIUS (EAP-Response Identity)
6. RADIUS (EAP-Request) (Challenge)
7. 802.1X (EAP-Request) (Challenge)
8. 802.1X (EAP-Response) (Challenge response)
9. RADIUS (EAP-Response) (Challenge response)
10. 802.1X (EAP-Request) (Challenge)
11. RADIUS (EAP-Request) (Challenge)
12. RADIUS (EAP-Response) (Challenge response)
13. 802.1X (EAP-Response) (Challenge response)
14. RADIUS ACCEPT
15. 802.1X (EAP-Success)
16. The AP opens the client's port
17. The client opens its port

TKIP (Temporal Key Integrity Protocol)
[Figure labels, encryption: 802.1X derived key, most significant 32 bits, transmitter MAC address, phase 1 key mixer, 16 bit, per-frame key mixer, plain text data frame, WEP, encrypted data frame]
[Figure labels, decryption: 802.1X derived key, most significant 32 bits, transmitter MAC address, phase 1 key mixer, 16 bit, per-frame key mixer, encrypted data frame, WEP, discard (failed ICV), sequence, discard (out of sequence), data frame with MIC, MIC key, Michael, MIC failure, plain text data frame]

MIC (Message Integrity Code)
[Figure labels: destination MAC address, source MAC address, 802.11 data payload, Michael, 64-bit MIC, 16 bit; frame transmitted: data payload, 64-bit MIC, 32-bit ICV, per-frame encryption]

AES-CCMP (Advanced Encryption Standard)
- Needs new hardware
- CCM (new mode) combines:
  - CTR (counter mode encryption)
  - CBC-MAC (Cipher Block Chaining Message Authentication Code)

Summary
- IEEE Authentication
- WEP
- WPA TKIP
- WPA2 (AES-CCMP), RSN (Robust Security Network)

Exercises to try