IEEE 802.11 Wireless Local Area Networks (WLAN’s).


Presentation on theme: "IEEE 802.11 Wireless Local Area Networks (WLAN’s)."— Presentation transcript:

1 IEEE 802.11 Wireless Local Area Networks (WLAN’s)

2 Two modes of operation:
1. Ad-Hoc Mode: The clients communicate directly with each other. No mediation is needed.
2. Infrastructure Mode: Clients and stations. Stations – Computers with NIC (Network Interface Cards) and Access Points (APs).

3 Communication With APs 3 stages: 1. Unauthenticated and Unassociated. 2. Authenticated and Unassociated. 3. Authenticated and Associated.

4 Wireless Protocols
IEEE 802.11:
• WEP for security
• Challenge/Response with symmetric key for authentication
IEEE 802.1X:
• WEP for security
• EAP for authentication

5 WEP - Wired Equivalent Privacy
• Link layer security protocol.
• Secures IEEE 802.11 communications.
• Based upon RC4 stream cipher encryption system, with symmetric key.

6 WEP protocol
[Diagram: WEP encryption and decryption. Labels: Shared Secret key, IV (Initialization vector), RC4, Original text, CRC32, Encrypted text, IV clear; sizes shown: 40 bits, 64 bits, 24 bits IV.]

7 Security problems in WEP
• Over the years, many security problems have been discovered in WEP.
• We will discuss the most important of those problems, which is known as the “IV Collisions” problem.

8 IV Collisions
• Every once in a while, an IV gets reused.
• C1 = P1 ⊕ RC4(v,k)
• C2 = P2 ⊕ RC4(v,k)

9 IV Collisions (2)
We get the following equation:
C1 ⊕ C2 = (P1 ⊕ RC4(v,k)) ⊕ (P2 ⊕ RC4(v,k))
XOR is associative and commutative, and any value XORed with itself is zero, so the two identical keystreams cancel. Therefore:
C1 ⊕ C2 = P1 ⊕ P2
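Added example (not part of the original presentation): the identity from slides 8 and 9 checked in code, together with a scan of captured frames for reused IVs. It assumes the RC4 seed is the 24-bit IV followed by the 40-bit key; the key, IVs and plaintexts are constructed sample values.

```python
import zlib
from collections import defaultdict

def rc4_keystream(key, n):
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv, key, plaintext):
    """Return (clear IV, ciphertext); seed = IV || key (assumption, see lead-in)."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")  # CRC32 appended
    return iv, xor(body, rc4_keystream(iv + key, len(body)))

def iv_collisions(frames):
    """Group captured (iv, ciphertext) frames by IV; keep IVs seen more than once."""
    by_iv = defaultdict(list)
    for iv, ct in frames:
        by_iv[iv].append(ct)
    return {iv: cts for iv, cts in by_iv.items() if len(cts) > 1}

# Constructed sample data (not from the presentation).
KEY = bytes.fromhex("0102030405")                 # 40-bit shared secret k
REUSED_IV = bytes.fromhex("aabbcc")               # 24-bit IV v, used twice
P1, P2, P3 = b"GET /index.html ", b"user=alice&pin=1", b"unrelated frame."
FRAMES = [
    wep_encrypt(REUSED_IV, KEY, P1),
    wep_encrypt(bytes.fromhex("000001"), KEY, P3),
    wep_encrypt(REUSED_IV, KEY, P2),
]

def keystream_cancels():
    c1, c2 = iv_collisions(FRAMES)[REUSED_IV]
    # RC4(v,k) drops out: the result depends only on the two plaintexts.
    return xor(c1, c2)[:len(P1)] == xor(P1, P2)

if __name__ == "__main__":
    print("reused IVs:", [iv.hex() for iv in iv_collisions(FRAMES)])
    print("C1 xor C2 == P1 xor P2:", keystream_cancels())
```

The key never appears in the final comparison, which is why a larger key does not help while the IV space stays at 24 bits.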

10 The Bottom line: WEP security is better than no security at all, but not by much.

11 The Problem: EAP assumes a secured connection to work with.

12 Problems over an unsecured connection
• Snooping the user ID
• Forging / changing EAP packets
• Denial of service
• Offline dictionary attack
• Man-in-the-middle
• Authentication method downgrading attack
• Breaking a weak key

13 Man-in-the-middle
[Diagram: parties A, B and E. Messages shown, in order: MD5 EAP Request; H(ID || KEY || R); EAP Failure; H(ID || KEY || R); EAP Success.]

14 Possible Solutions
• Mutual authentication
• Cryptographic connection between authentication methods
• Using a limited number of unsecured authentication methods
• Preferring one strong method over a large number of weak ones.

15 Possible Solutions (2)
• Using an authentication method that derives a symmetric key, prevents replay attacks and ensures message integrity
• The authentication method should be safe against dictionary attacks

16 One method has all the above advantages:

17 Quick summary of TLS
[Diagram: TLS layering. Handshake protocol, CCS, Alert and Application sit on top of the Record Protocol, which runs over TCP.]

18 Quick summary of TLS (2)
Client / Server message sequence:
• TCP three-way handshake
• Client Hello
• Server Hello
• CA Certificate
• Server done
• Client Key Exchange: Enc (Pub(s), )
• Both sides perform a known calculation to derive the Master Key

19 Quick summary of TLS (3)
Client / Server message sequence:
• CCS (ID), FIN: MAC authentication of all former messages
• CCS (ID), FIN: MAC authentication of all former messages
• Data transfer (encrypted by the Master Key)

20 EAP-TLS
[Packet format diagram. Fields, in order: Code, Identifier, Length, Type, Flags, TLS message length, TLS Data.]

21 EAP-TLS (2)
Peer / Authenticator message sequence:
• EAP Request
• EAP Response
• EAP Request, type = EAP-TLS
• EAP Response, type = EAP-TLS
• EAP Request, type = EAP-TLS

22 EAP-TLS (3)
Peer / Authenticator message sequence (continued):
• EAP Response, type = EAP-TLS
• EAP Request, type = EAP-TLS
• EAP Response, type = EAP-TLS
• EAP Success / EAP Failure

23 Session resumption
• The SessionID field in the TLS Client Hello message should be the same as the ID of the session to return to.
• The authenticator sends an EAP request with TLS Server Hello, TLS CCS (using the former session CCS ID), and TLS FIN.
• The peer sends an EAP response with TLS CCS using the same ID, and TLS FIN.
• The protocol continues as in the standard EAP-TLS.

24 Session resumption (2)
Advantages of session resumption:
• Quick renewal of connections.
• Handling roaming in WLAN.

25 Key Derivation
PRF1 = PRF (Master Secret, "Client EAP Encryption", Random)
PRF2 = PRF ("", "Client EAP Encryption", Random)
PRF1 is 128 bytes long. PRF2 is 64 bytes long.

26 Key Derivation (2)
PRF1 (byte offsets):
0–32: Client’s ENC Key
32–64: Server’s ENC Key
64–96: Client’s Auth Key
96–128: Server’s Auth Key
PRF2 (byte offsets):
0–32: Client’s IV
32–64: Server’s IV

27 Fragmentation
• The first fragment raises the L, M and S flags. The total TLS message length is also included.
• All other fragments, except the last, raise the M flag. The identification field in the EAP header increases by 1 with each fragment.
• Every EAP packet carrying a TLS fragment is answered by an EAP packet with no data, which serves as an Ack.

