Presentation is loading. Please wait.

Presentation is loading. Please wait.

IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

Published byBaby Cusson Modified over 9 years ago

Similar presentations

Presentation on theme: "IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005"— Presentation transcript:

1 IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005 http://www.maccabe.org/index.php/Phil_MacCabe:BYU_Information_Technology

2 Overview ● Introduction – The Need for a New Standard – WEP, WPA, TKIP and other alphabet soup ● Wi-Fi Protected Access 2 (WPA2) – Four Way Handshake – Group Key Handshake

3 Obsolete Wireless Security ● Wired Equivalent Privacy (WEP) – Stream Cipher RC4 for Confidentiality – CRC-32 Checksum for Integrity – 64 bit WEP = 40 bit key + 24 bit Initialization Vector (IV) – Exploits can recover key in a few hours from more than a mile away – Is optional, therefore not always turned on – Has no Key Management, rather a single shared key – 2005, FBI demonstrated cracking WEP in less than 3 min.

4 Stopgap Security ● Wi-Fi Protected Access (WPA) – Runs on legacy hardware – Wi-Fi Alliance's solution until a standard could be formed, and new hardware made ● Temporal Key Integrity Protocol (TKIP) – Per Packet Key Mixing – Message Integrity Code – Re-keying Mechanism – Hashes IV to prevent related key attack ● This was intended to be replaced by IEEE 802.11i (WPA2)

5 IEEE 802.11i ● Draft Standard Approved on 24 July 2004 ● Uses Advanced Encryption Standard (AES) block cipher ● Designed for use on top of 802.1X authentication i.e. Extensible Authentication Protocol (EAP) and an authentication server ● Robust Security Network (RSN) ● Counter-Mode/CBC-Mac Protocol (CCMP) is AES-based encyption providing confidentiality, integrity, and origin authentication

6 Counter-Mode Encryption

7 Cipher Block Chaining

8 Attacks & Errors

9 Four Way Handshake ● After EAP authentication the AP still needs to authenticate itself to the client station (STA). ● Keys still need to be derived ● EAP provides Pairwise Master Key (PMK) ● This handshake creates a Pairwise Transient Key (PTK) ● PMK+Anonce+Snonce+AP MAC Address+STA MAC Address  Hash Algorithm  PTK ● Nonce are random throwaway numbers

10 Four Way Handshake

11 PTK is split into 3 keys ● EAPOL-Key Confirmation Key (KCK) – For generating MIC for packets ● EAPOL-Key Encryption Key (KEK) – Provides confidentiality for packets ● Temporal Key (TK) – Used to encrypt actual wireless traffic

12 Group Key Handshake ● Group Transient Key (GTK) is used by all devices on network ● Updated after a certain time limit or when a device leaves the network ● Allows devices to receive broadcast and multicast packets ● Update Process – AP sends out new GTK using each station's PTK – STA acknowledges the new GTK and responds – A MIC is used to prevent tampering

13 Pre-Shared Key Mode ● Designed for home and small office use ● Replaces 802.1X EAP server with a passphrase used to access the network ● Susceptible to password cracking

Download ppt "IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005"

Similar presentations

Chapter 07 Designing and Implementing Security for WLAN

Chapter 07 Designing and Implementing Security for WLAN
CN8816: Network Security 1 Security in Wireless LAN 802.11i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.

CN8816: Network Security 1 Security in Wireless LAN i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.

Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
WEP and 802.11i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.

WEP and i J.W. Pope 5/6/2004 CS 589 – Advanced Topics in Information Security.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
15 November 2004 1 Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
WLAN security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.

WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.

Similar presentations

Ads by Google