
1 1. Introduction In this presentation, we will review 802.11 and 802.1x and give their drawbacks, and then we will propose the use of a central manager to replace the RADIUS server and avoid denial-of-service attacks in wireless LANs.

2 2. Overview of 802.11
2.1 802.11 state machine

3 2.2 Introduction to 802.11
· 802.11 frame: management frame or data frame
· Security: WEP protocol and shared key authentication
· Confidentiality
· Access control
· Data integrity

4 2.3 The WEP protocol The Wired Equivalent Privacy (WEP) protocol is used in 802.11 networks to protect link-level data during wireless transmission. Under WEP, the communicating parties rely on a shared authentication key (represented by k) to protect the transmitted data. The general procedure involves encryption and decryption.

5 Encryption
· Plaintext generation: The plaintext consists of the raw message and the checksum of the raw message. If M represents the raw message and c(M) is the checksum of the raw message, the plaintext P is given by the following formula:
P = (M, c(M))

6
· Encryption: The plaintext P is encrypted using RC4. We choose an initialization vector (abbreviated as IV in what follows), represented by v. The RC4 algorithm generates a keystream, denoted RC4(v, k), as a function of v and the secret key k. We then obtain the ciphertext C:
C = P xor RC4(v, k)
· Transmission: Finally, we transmit the IV and the ciphertext over the radio link.

7 Decryption is defined as follows. The recipient simply reverses the encryption process: it generates the keystream RC4(v, k) and XORs it against the ciphertext to recover the initial plaintext:
P' = C xor RC4(v, k) = (P xor RC4(v, k)) xor RC4(v, k) = P

8 2.3 Shared Key Authentication: All the clients share the same authentication key k.

9 2.4 The problem with WEP and Shared Key Authentication: Encrypting two messages under the same IV and authentication key can reveal information about both messages. For example:
C1 = P1 xor RC4(v, k)
C2 = P2 xor RC4(v, k)
C1 xor C2 = (P1 xor RC4(v, k)) xor (P2 xor RC4(v, k)) = P1 xor P2

10 2.5 Other security issues in 802.11
· No per-packet authentication
· Vulnerability to disassociation attacks
· No user identification and authentication
· No central authentication, authorization, accounting
· RC4 stream cipher vulnerable to known-plaintext attack
· Some implementations derive WEP keys from passwords
· No support for extended authentication
· Key management issues
· Re-key of global keys
· No dynamic per-STA key management

11 3. The 802.1x solution
· Port-based access control mechanism defined by IEEE
· Works on anything, wired and wireless
· Access point must support 802.1x
· No special WIC requirements
· Allows choice of authentication methods using EAP
· Chosen by peers at authentication time
· Access point doesn't care about EAP methods
· Manages keys automatically
· No need to preprogram WICs

12 3.1 Extensible Authentication Protocol (EAP)
· Link-layer security framework
· Simple encapsulation protocol for authentication mechanisms
· Runs over any link layer
· No built-in security
· Doesn't assume a physically secure link
· Authentication methods must incorporate their own security
· EAP allows choice of authentication methods

13 3.2 EAP architecture

14 3.3 Principle of operation of 802.1x

15 3.4 802.1x over 802.11

16 3.5 802.11/802.1x state machine

17 3.6 Problems with 802.11/802.1x: Man-in-the-middle attack

18 Session Hijacking

19 3.7 Denial-of-service attacks
· EAPOL Logoff
· EAP-Start, EAP-Failure message spoofing
· MAC disassociation
· Large number of associate requests

20 3.8 Our solution: Central server and mobile agent

