Скачать презентацию WLANs Security Why wireless Standards 802 11 Скачать презентацию WLANs Security Why wireless Standards 802 11

7a2ecdca3552415ce2ddc19f5b9ca713.ppt

  • Количество слайдов: 8

WLANs & Security Why wireless? Standards 802. 11 b (802. 11) - up to WLANs & Security Why wireless? Standards 802. 11 b (802. 11) - up to 11 Mbps, several hundred feet 802. 11 g - up to 54 Mbps, backward compatible, same frequency 802. 11 a - up to 54 Mbps, emerging standard bluetooth - 1 Mbps Security Issues - to be continued. . . Legal & Social Issues owns the bandwidth? - who

802. 11 Crash Course What does the AP do? Where are the vulnerabilities? Station 802. 11 Crash Course What does the AP do? Where are the vulnerabilities? Station (radio) - protocols rely communicationupon media access control (MAC) addresses - packets are called MPDUs these include a frame sequence number and CRC-32

802. 11 Security Wired Equivalent Privacy - optional (WEP) - based on challenge and 802. 11 Security Wired Equivalent Privacy - optional (WEP) - based on challenge and response protocol

Premise: Challenge and Response verify the correctness of a password without sending it Exchange Premise: Challenge and Response verify the correctness of a password without sending it Exchange Given: - two systems (client & server) that share a symmetric key - a server that “knows” the password 1. . client requests password from user 3. . server uses password to encrypt challenge 5. . client uses user-supplied password to encrypt the challenge 6. . the user’s password is correct iff the encrypted challenge identical to the response Note: Many systems use this protocol - e. g. Windows Web site authentication

802. 11 Security Wired Equivalent Privacy - optional (WEP) - based on challenge and 802. 11 Security Wired Equivalent Privacy - optional (WEP) - based on challenge and response protocol - uses RC 4 (symmetric) algorithm - uses 24 -bit nonce (challenge) per packet (called initialization vector (IV) - note that WEP does not specify any way to obtain shared keys

802. 11 Security Problems Identity - identity of a package is based upon the 802. 11 Security Problems Identity - identity of a package is based upon the client MAC address - open source drivers typically permit user to alter MAC addresses Access Control (two 1) relies upon alternatives) an access control list in the AP - these are stored by MAC address 2) “closed network” - use proprietary mechanism based upon a shared “secret” string that is broadcast in cleartext within management frames. Authentication (two 1) open system - AP permits everyone to authenticate alternatives) 2) challenge & response between station and AP 2001 - RC 4 is found to be vulnerable to attack given millions of cleartext - ciphertext pairs The RC 4 attack on WEP is automated with publicly released tools.

Current 802. 11 “Solutions” 1) place WLAN outside firewalls 2) use virtual private networks Current 802. 11 “Solutions” 1) place WLAN outside firewalls 2) use virtual private networks (VPN) Note that VPNs work with IP-based protocols, but WLANs rely upon MAC-based protocol.

Future 802. 11 Standards (in progress) Temporary Key Integrity Protocol - will (TKIP)arrive in Future 802. 11 Standards (in progress) Temporary Key Integrity Protocol - will (TKIP)arrive in the form of firmware & driver patched (when released) - message integrity code (MIC) included to eliminate forgeries - packet sequencing rules changed to prohibit replay attacks - a per packet key mixing function used to prevent key cracking - TKIP is a patch for WEP CCMP - uses a 48 -bit IV, instead of 24 bits used by WEP - uses AES, instead of RC 4 - uses larger MIC than TKIP - intended as eventual replacement for TKIP