Scribd
Upload
26 views37 pages

Security & Authentication in WLAN: State of The Art and Evolution

This document discusses security and authentication in wireless local area networks (WLANs). It describes the evolution of WLAN security standards over time. First generation security included service set identifiers (SSIDs), Wired Equivalent Privacy (WEP), and open and shared key authentication. WEP had deficiencies due to use of static keys and RC4 encryption. IEEE 802.1X was developed to address these issues by enabling strong mutual authentication and derivation of dynamic session keys for per-user per-session encryption. It established an extensible authentication protocol (EAP) framework to support various authentication methods.

Uploaded by

dwi_nurhadi177605
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
Download as ppt, pdf, or txt
26 views37 pages

Security & Authentication in WLAN: State of The Art and Evolution

This document discusses security and authentication in wireless local area networks (WLANs). It describes the evolution of WLAN security standards over time. First generation security included service set identifiers (SSIDs), Wired Equivalent Privacy (WEP), and open and shared key authentication. WEP had deficiencies due to use of static keys and RC4 encryption. IEEE 802.1X was developed to address these issues by enabling strong mutual authentication and derivation of dynamic session keys for per-user per-session encryption. It established an extensible authentication protocol (EAP) framework to support various authentication methods.

Uploaded by

dwi_nurhadi177605
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
Download as ppt, pdf, or txt
Download as ppt, pdf, or txt
You are on page 1/ 37

Security & Authentication in WLAN

 State of the Art and Evolution

Network Architecture and Design 1


Organizations and Groups
 WECA The Wireless Ethernet Compatibility Alliance certifies
compliance with the IEEE 802.11 standards. Awards the WiFi
(Wireless Fidelity).

 IEEE 802.1X defines changes to the MAC Bridge in


order to provide Port based network access control capability.

 IEEE 802.11i defining MAC enhancements to provide


enhanced security for 802.11. This is a work in progress, and
802.1X is an important part of this. (end of 2002)

Network Architecture and Design 2


First Generation WLAN
Security
 Virtual Private Network-VPN
 Ensures privacy through encryption.
 Runs transparently over a WLAN
 Use of a VPN is independent of any native WLAN
security scheme, thus is not mentioned here.

Network Architecture and Design 3


First Generation WLAN
Security
 Service Set Identifier-SSID
 Analogous to a common network name.
 Serves to logically segment users and APs.
 Is a piece of information advertised or
preconfigured at the station.
 SSID may be requested when joining a
WLAN.
 SSID is not secure, because an AP
advertises its SSID in its beacons.

Network Architecture and Design 4


First Generation WLAN
Security
 Wired Equivalent Privacy-WEP
 Optional implementation for IEEE 802.11b.

 A WECA requirement of at least 40 bit


encryption for WiFi certification.

 Goals
 Deny access to users that do not possess the
appropriate WEP key.
 Prevent the decoding of traffic that is WEP encrypted
without the possession of the WEP key.

Network Architecture and Design 5


First Generation WLAN
Security
 Wired Equivalent Privacy-WEP
 WEP is a symmetric encryption mechanism.

 IEEE 802.11b has chosen 40-bit keys.

 Some vendors use 128-bit WEP encryption.

 Key distribution or negotiation is not mentioned


in the standard.

Network Architecture and Design 6


First Generation Process
 Authentication: Is the process of verifying the credentials
of a client desiring to join a WLAN.

 Open System Authentication: Process in


clear text.
 Shared Key Authentication: Uses a key to
encrypt a challenge text.

 Association: Is the process of associating a client with a


given AP in the WLAN.

Network Architecture and Design 7


First Generation Process
Probe Phase

2.- The APs that hear this


packet send a probe response
packet back to the station.

This probe response packet


contains some information such
as SSID, which is used to
determine which AP associate.
1.- When initialization, the
client sends a probe request
packet out on all the channels.

Network Architecture and Design 8


First Generation Process
Authentication Phase
Shared key mode.

The WEP key is already


configured in the client.

Network Architecture and Design 9


First Generation Process
Association Phase

After being authenticated, the client sends an


association request to the AP.

Network Architecture and Design 10


IEEE 802.11WEP Key
Management
 Key distribution or negotiation is not mentioned in the
standard.
 The standard provides two mechanisms to select a
key to encrypt a frame.
 Four default keys shared by all clients.

 Secure communication between users with default keys.


 Once keys become widely distributed, they are more
compromised.
‒ “Key mapping” relationship with another station.
 More secure operation since fewer stations have the
keys.
 Distribution of such unicast keys is problematic as group
increases.
Network Architecture and Design 11
WEP Deficiencies
 WEP uses RC4; using a shared secret key, generates an
arbitrarily long sequence of bytes from a pseudorandom number.
 This stream is XORed with the plaintext to
produce the encrypted ciphertext. It works well in
SSL.
 802.11b uses 40-bit keys
 Hackers can crack them in hours, but takes so
much to crack 104-bit keys.
 But…Easy to break RC4 encryption with keystream reuse.

Network Architecture and Design 12


802.11 Security Weaknesses
 Physical
 Hardware loss, without user identification,
Authentication, Accounting and Auditing.
 Impersonation
 Does not identify users, just hardware.
 No mutual authentication, enables Rogue AP’s.
 Integrity
 WEP supports per packet encryption but not
authentication.
 Possibility to recover the RC4 stream.

Network Architecture and Design 13


802.11 Security Weaknesses
 Disclosure
 Can be obtained both MAC address, time of
association/disassociation.
 Problems with static global keys.
 Secret by more than two is not a secret
 Enables rogue AP attacks.
 Permits that anyone into the network to decrypt other
conversations.
 Dictionary attacks.
 Denial of Service
 Disassociation attacks.

Network Architecture and Design 14


IEEE 802.1X
 Security in 802.11 can be broken in
 Authentication framework IEEE 802.1X
 Authentication algorithm/protocol
 Encryption

• Is a standard
–Scalable.
–Centralized Framework for Authentication.
–Deploys a variety of authentication protocols.
–Still in development.

Network Architecture and Design 15


How 802.1X Addresses 802.11
Security Issues
 Extensible Authentication Protocol-EAP
framework.
 User ID and strong authentication.
 Dynamic key derivation.
 Mutual authentication.
 Per-packet authentication.

Network Architecture and Design 16


EAP Framework
 EAP provides a flexible link layer security
framework
 Simple encapsulation protocol for IETF
authentication standards
 Transport Level Security–TLS (Windows).
 Internet Key Exchange–IKE (Certicom-Lucent).
 GSS_API (Kerberos).
 Other mutual authentications schemes (Cisco LEAP).
 Run over lossy or lossless media and any link layer
(PPP,802.3)
 Does not assume physical secure link.

Network Architecture and Design 17


EAP Architecture

Network Architecture and Design 18


Identification & Authentication
 Users identified by usernames, not MAC
addresses.
 Supports extended authentication.
 Non password based authentication.
 Public key certificates and smartcards.
 IKE
 Biometrics
 Token cards
 Password based
 One-time passwords
 Any GSS_API (Kerberos)

Network Architecture and Design 19


Per-User Per-Session Keys
 802.1X enables secure derivation of per-user
session key.
 Provides ability to securely change global
keys.
 WEP keys are dynamically derived at the client
when log-on.
 Global key, such as broadcast WEP key, is sent
from AP to client, encrypted using the unicast
session key.
 Makes per-user WEP keys easy to
administer.
Network Architecture and Design 20
Mutual Authentication
 802.1X needs EAP methods supporting
mutual authentication.
 Guarantees right key transfers
 Prevents Man-in-the-middle, Rogue Server
attacks
 Mutual Authentication EAP methods.
 TLS: Supply certificate, prove possession of
private key.
 IKE: Server demonstrates possession of pre-
shared key or private key.
 GSS_API (Kerberos):server must demonstrate
knowledge of the session key.
Network Architecture and Design 21
Per-Packet Authentication
 EAP supports per packet authentication
& integrity. But not to all messages
 TLS, IKE derive session key, with this the
negotiations are authenticated and integrity
protected.
 Using WEP, session key can be used to
encrypt, authenticate and integrity
protect some messages as:
 Success & Failure.

Network Architecture and Design 22


WLAN Security Topics Coming
 Temporal Key Integrity Protocol – TKIP
 Initially referred as WEP2. Solve the key
reuse in WEP.
 128-bit shared temporal key.
 Combines
 Temporal key
 Client’s MAC address

 Adds 16-octet initialization vector.

To produce a key to encrypt the data.


 Temporal key change every 10,000 packets.

Network Architecture and Design 23


WLAN Security Topics Coming
 Advanced Encryption Standard – AES
 AES offers much stronger encryption.
 Replaces the aging Data Encryption Standard
(DES) in NIST.
 Solves the problem of stronger encryption
needed by 802.11.
 AES requires a coprocessor (additional
hardware).
 Companies need to replace existing access
points and client NICs.
 802.11i standard will likely include AES.
Network Architecture and Design 24
Cisco Implementation
 EAP describes an extensible packet exchange to
allow the passing of authentication information
between the client and the PPP server.

 WLAN is not a PPP. 802.1X EAP over LAN (EAPOL)


defines how encapsulate EAP in Ethernet or token
ring packets.

 EAPOW – EAP over Wireless LAN, is EAPOL but


when used in wireless networks.
 Is also used EAP over Radius to encapsulate within RADIUS
packets.

Network Architecture and Design 25


Protocols used to encapsulate EAP

Network Architecture and Design 26


Cisco Implementation - LEAP
 Cisco-Lightweight Extensible Authentication Protocol.
 Aironet client adapters that supports EAP-LEAP
authentication (FW 4.10).
 Cisco Aironet Series APs supporting 802.1x EAP
authenticator (Ver 11.0).
 Secure Access Control Server used for AAA and EAP
RADIUS services (Ver 2.6 running in Win NT/2000 server).

 Lightweight because:
 Minimal support from client CPU while mutual authentication.
 Supports embedded systems (printers).
 Runs on OS without support for native EAP authentication.
 Support popular OS (Windows, Linux, MacOS).

Network Architecture and Design 27


Cisco Implementation
 The entire authentication and key distribution process
is accomplished in three phases: Start, Authenticate,
and Finish

Network Architecture and Design 28


Start Phase

Network Architecture and Design 29


Authenticate Phase
 The authenticate sequence varies based on the
mutual authentication method chosen.

 If we were using Transport Level Security (TLS) to


transfer certificates in a PKI implementation, then
EAP-TLS messages would be used.

Network Architecture and Design 30


Authenticate Phase

AP is in the middle acting solely


as a transport vehicle

Network Architecture and Design 31


Finish Phase

Network Architecture and Design 32


Finish Phase
 Both derive the session key from the user's password.
 AP sends an EAPOW-KEY message to the client
supplying the key length.
 The key value (or actual WEP key) is not sent since
the client has already derived it on its own.
 AP encrypts with the session key (unicast) a full-
length derived multicast key and sends to client.
 The client and AP activate WEP and use this session
multicast WEP key for all communications.

Network Architecture and Design 33


Tentative Applications
 Handoff
 Client is assumed authenticated.
 Just update multicast key on the adjacent AP.

 Ad Hoc Mode
 802.1x can be used.
 User credentials are stored in each station.
 New EAP method for this purpose must be
designed.

Network Architecture and Design 34


References
 Mishra A, Arbaugh W.; “An Initial Security Analysis of the IEEE 802.1X
Standard”. This article shows some weaknesses of the 802.1X
protocol.
 William A. Arbaugh, Narendar Shankar, and Y.C. Justin Wan, "Your
802.11 Wireless Network Has No Clothes“; one of the first articles that
shows the 802.11b security problems
 Nikita Borisov, Ian Goldberg, and David Wagner, "Intercepting Mobile
Communications: The Insecurity of 802.11“
 D.Simon, B. Aboba, T. Moore; IEEE 802.11 Security and 802.1X. This
presentation explains the security problems on 802.11 and how 802.1X
helps to fix them.
 Steinke Steve; “Security and 802.11 Wireless Networks”; this article
explains WEP deficiencies.
 Security for Next Generation Wireless LANs; A Cisco paper that
describes the first generation WLAN security.

Network Architecture and Design 35


References
 Scott Fluhrer, Itsik Mantin and Adi Shamir; Weaknesses in the Key
Scheduling Algorithm of RC4 , this paper presents several weaknesses
in the key scheduling algorithm of RC4 and describes their cryptanalytic
significance.
 AirSnort one of the best-known WEP cracking tools, which employs the
RC4 weaknesses to attack WLAN networks. AirSnort recovers
encryption keys, operates by passively monitoring transmissions,
computing the encryption key when enough packets have been
gathered.
 Wireless LAN at Risk: An article that tells how easy can be to access a
WLAN if even the minimal wireless security basics and precautions are
not taken into account.
 Sean Whalen, Analysis of WEP and RC4 Algorithms; This paper
explains briefly the WEP encryption mechanism and some ways to
crack it.
Network Architecture and Design 36
End of Ninth Lecture

Network Architecture and Design 37

You might also like