Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Similar documents
Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Particularities of security design for wireless networks in small and medium business (SMB)

Wireless security. Any station within range of the RF receives data Two security mechanism

WIRELESS SECURITY IN (WI-FI ) NETWORKS

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points.

Chapter 2 Wireless Networking Basics

How To Secure Your Network With 802.1X (Ipo) On A Pc Or Mac Or Macbook Or Ipo On A Microsoft Mac Or Ipow On A Network With A Password Protected By A Keyed Key (Ipow)

Security in IEEE WLANs

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Wireless Technology Seminar

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

WIRELESS NETWORK SECURITY

Wireless Robust Security Networks: Keeping the Bad Guys Out with i (WPA2)

The Importance of Wireless Security

HP E-M110 Access Point Series. Product overview. Key features. Data sheet

Chapter 2 Configuring Your Wireless Network and Security Settings

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

Implementing Security for Wireless Networks

Certified Wireless Security Professional (CWSP) Course Overview

The next generation of knowledge and expertise Wireless Security Basics

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2

CS549: Cryptography and Network Security

How To Secure Wireless Networks

Chapter 6 CDMA/802.11i

ALL Mbits Powerline WLAN N Access Point. User s Manual

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

How To Secure A Wireless Network With A Wireless Device (Mb8000)

Chapter 3 Safeguarding Your Network

Huawei WLAN Authentication and Encryption

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE i (WPA2)

Lecture 3. WPA and i

Configuring Security Solutions

Recommended Wireless Local Area Network Architecture

Network Access Security. Lesson 10

HP ProCurve Wireless Access Point 10ag Overview

Wireless Network Standard and Guidelines

CS 356 Lecture 29 Wireless Security. Spring 2013

CISCO WIRELESS SECURITY SUITE

Agenda. Wireless LAN Security. TCP/IP Protocol Suite (Internet Model) Security for TCP/IP. Agenda. Car Security Story

NXC5500/2500. Application Note w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015

WiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise

Wireless Networking Basics. NETGEAR, Inc Great America Parkway Santa Clara, CA USA

Wireless Security for Mobile Computers

Potential Security Vulnerabilities of a Wireless Network. Implementation in a Military Healthcare Environment. Jason Meyer. East Carolina University

Developing Network Security Strategies

EPI-3601S Wireless LAN PCI adapter Version 1.2 EPI-3601S. Wireless LAN PCI Adapter. (802.11g & b up to 108 Mbps) User Manual. Version: 1.

Authentication in WLAN

How To Get A Power Station To Work With A Power Generator Without A Substation

WI-FI VS. BLUETOOTH TWO OUTSTANDING RADIO TECHNOLOGIES FOR DEDICATED PAYMENT APPLICATION

CSC574: Computer and Network Security

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security

Security in Wireless Local Area Network

Application Note: Onsight Device VPN Configuration V1.1

How To Use The Cisco Aironet 1240G Series For A Wireless Network (Wired) And For A Wired Network (Wireless)

QuickSpecs. Models. Features and Benefits Mobility. ProCurve Wireless Edge Services zl Module. ProCurve Wireless Edge Services zl Module Overview

Advanced Security Issues in Wireless Networks

Wireless VPN White Paper. WIALAN Technologies, Inc.

How To Manage An Wireless Network At A University

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS

Wi-Fi in Healthcare:

Wireless LAN Access Point. IEEE g 54Mbps. User s Manual

EAP350 EAP350. Long Range Ceiling Mount Access Point PRODUCT OVERVIEW

Computer Networks. Secure Systems

Network Security Best Practices

Link Layer and Network Layer Security for Wireless Networks

Wireless Security with Cyberoam

CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

A Dynamic Extensible Authentication Protocol for Device Authentication in Transport Layer Raghavendra.K 1, G. Raghu 2, Sumith N 2

Setting up a WiFi Network (WLAN)

UNIK4250 Security in Distributed Systems University of Oslo Spring Part 7 Wireless Network Security

USER GUIDE Cisco Small Business

WLAN Authentication and Data Privacy

ClickShare Network Integration

A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

WLAN - Good Security Principles. WLAN - Good Security Principles. Example of War Driving in Hong Kong* WLAN - Good Security Principles

Wireless Ethernet LAN (WLAN) General a/802.11b/802.11g FAQ

SSI. Commons Wireless Protocols WEP and WPA2. Bertil Maria Pires Marques. Dez Dez

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Key Hopping A Security Enhancement Scheme for IEEE WEP Standards

HP M n Access Point Configuration and Administration Guide

Wireless Encryption Protection

Wi-Fi Client Device Security and Compliance with PCI DSS

A Division of Cisco Systems, Inc. Wireless A/G. USB Network Adapter. User Guide WIRELESS WUSB54AG. Model No.

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN

ENHWI-N n Wireless Router

How To Protect A Wireless Lan From A Rogue Access Point

Transcription:

Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003

Key Challenges For Healthcare Wireless Migrating to standard implementations to protect investment and growth Understanding cellular, WLAN, and WWAN interference on medical monitoring and dispensing equipment Designing implementations to achieve coverage without undue attenuation Establishing security controls for confidentiality, integrity, and availability HIPAA Finding authentication solutions not just for users and devices, but also for code & content Integrating wireless into the communications and computing infrastructure and application base Understanding the trade-offs between ease of use and form factors, devices, and media controls 1

Wireless Security Landscape Many projects approved without regard for security Even without a formal wireless project, still need to address wireless threats (e.g. rouge Access Points) HIPAA is forcing security plans for all types of networks Wireless threat is significant since passive interception makes detection difficult to impossible Immature standards are rapidly evolving Growing body of Best Practices to benchmark against 2

802.11 802.11 Standards 802.11 The original WLAN Standard. Supports 1 Mbps to 2 Mbps. 802.11a High speed WLAN standard for 5 Ghz band. Supports 54 Mbps. 802.11b WLAN standard for 2.4 Ghz band. Supports 11 Mbps. 802.11e Address quality of service requirements for all IEEE WLAN radio interfaces. 802.11f Defines inter-access point communications to facilitate multiple vendor-distributed WLAN networks. 802.11g Establishes an additional modulation technique for 2.4 Ghz band. Intended to provide speeds up to 54 Mbps. Includes much greater security. 802.11h Defines the spectrum management of the 5 Ghz band for use in Europe and in Asia Pacific. 802.11i Address the current security weaknesses for both authentication and encryption protocols. The standard encompasses 802.1X, TKIP, and AES protocols. 3

Original 802.11 Security Service set identifier (SSID) A simple code that identifies the WLAN. Clients must be configured with the correct SSID to access their WLAN. Media access control (MAC) MAC address filtering restricts WLAN access to computers that are on a list you create for each access point on your WLAN. Wired equivalent privacy (WEP) Encryption and authentication scheme that protects WLAN data streams between clients and access points (AP) This was discovered to have flaws. 4

WEP Flaws Two basic flaws undermined its use for protection against other than the casual browser - eavesdropper No defined method for encryption key refresh or distribution Pre-shared keys were set once at installation and rarely if ever changed Use of RC4 which was designed to be a one-time cipher not intended for multiple message use But because the pre-shared key is rarely changed, same key used over and over Attacker monitors traffic and finds enough examples to work out the plaintext from message context With knowledge of the cipertext and plaintext, can compute the key 5

Encryption WEP Flaw Takes about 10,000 packets to discover the key Large amounts of known data is the fastest way of determining as many keystreams as possible The information may be as innocuous as the fields in the protocol header or the DNS name query Monitoring is passive so undetectable Simple tools and instructions freely available to spit out the key Legal experts postulate this type of monitoring may not be illegal 6

Other Problems SSID (service set identifier) Identifies the 802.11 devices that belong to a Basic Service Set (BSS). A BSS is analogous to a LAN segment in wired terms SSID is meant as a method to identify what Service Set you want to communicate with; not as a security layer authentication Even when using WEP, the SSID remains fully visible Some mgfr even allow the WLAN cards to poll for the SSID and self configure 7

Other Problems MAC (media access control) Possible to restrict access by MAC address on many AP (access points) by means of an ACL All standards compliant NIC cards, including WLAN cards, should have unique MAC, some software allow this address to be spoofed Spoofing Wireless Is easy Unlike internet devices which have routing issues to overcome, IP addresses of wireless devices can be manually changed at will Some networks systems serve up the IP address dynamically 8

Improved Security Standards 802.1x Authentication (2001) WPA (Wi-Fi Protected Access) (2002) 802.11i (2003-4) 9

802.1X Authentication and EAP 802.1X Framework to control port access between devices, AP, and servers Uses Extensible Authentication Protocol (EAP) (RFC 2284) Uses dynamic keys instead of the WEP authentication static key Requires mutual authentication protocol User s transmission must go thru WLAN AP to reach authentication server performing the authentication Permits number of authentication methods RADIUS is the market de facto standard 10

EAP Types EAP-TLS (RFC 2716) EAP is extension of PPP providing for additional authentication methods TLS provides for mutual authentication and session key exchange Negotiated mutual key becomes Master-Key for 802.11 TKIP Requires client & server certificates (PKI based) Deployed by Microsoft for its corporate network Shipping in Windows 2000 and XP 11

Other EAP Types EAP-TTLS Tunneled TLS -- -- uses two TLS sessions Outer--TLS session with Server certificate for server authentication Inner Inner--TLS session using certificates at both ends and password Protects user s identity from intermediary entities PEAP Similar to EAP-TTLS, but only allows EAP for authentication Server authentication via Server certificate User s password delivered through SSL protected channel Session continues when user s password verified Client-side certificate optional 12

WPA Interim 802.11 Security Wi-Fi Protected Access (WPA) Interim Solution between WEP and 802.11i Plugs holes in legacy 802.11 devices; typically requires firmware or driver upgrade, but not new hardware Subset of the 802.11i and is forward compatible Sponsored by the Wi-Fi Alliance Will require WPA for current certifications Support announced by Microsoft, Intel, others Agere Atheros Athnel Colubris Funk Sftw Intesil Proxim Resonext TI 13

WPA Improves WEP encryption Based on TKIP protocol and algorithm Changes the way keys are derived Refreshes keys more often Adds message integrity control to prevent packet forgeries Benefits Encryption weakness improved but not solved Some concern that TKIP may degrade WLAN performance without hardware accelerator But protects current device investment Will be available sooner than 802.11i 14

WPA Works similarly to 802.1X authentication Both Clients and AP must be WPA enabled for encryption to and from 802.1X EAP server Key in a pass phrase (master key) in both client and AP If pass phrase matches, then AP allows entry to the network Pass phrase remains constant, but a new encryption key is generated for each session 15

TKIP Temporal Key Integrity Protocol Quick fix to overcome the the reuse of encryption key problem with WEP Combines the pre-shared key with the client s MAC and and larger IV to ensure each client uses different key stream Still uses WEP RC4, but changes temporal key every 10K packets Mandates use of MIC (Michael) to prevent packet forgery Benefits Uses existing device calculation capabilities to perform the encryption operations Improves security, but is still only a short-term fix 16

New 802.11i Security Addresses the main problems of WEP and Shared-Key Authentication Temporal Key Integrity Protocol (TKIP) Message Integrity Control ~ Michael AES Encryption replacement for RC4 Robust Security Network (RSN) Require new wireless hardware Ratification ~ YE 2003 17

Robust Security Network RSN uses Dynamic Negotiation For authentication and encryption algorithms between AP and client devices Authentication is based on 802.1X and EAP AES Encryption 18

How RSN Works 1. 2. 3. Client Access Point WLAN Switch Ethernet Switch RADIUS Server 4 1. Client sends request for association and security negotiation to AP, which forward to WLAN switch. 2. WLAN switch passes request to Authentication Server (RADIUS). 3. RADIUS authenticates client. 4. Switch and client initiate 4 way key negotiation to create unique session key. Switch pushes key, which is AES encrypted to AP. AES encrypts all data traffic. 19

Final Words 802.11 is truly useful technology Wireless networking will continue to expand As the networking standards change so will the security issues Network security specialists need to understand wireless networking; and vice versa Start evaluating and deploying new security standards SANS Institute Information Security Reading Room http://www.sans.org/rr/wireless/ NIST Wireless Network Security http://csrc.nist.gov/publications/drafts/draft-sp800-48.pdf 20

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information