
Slide 1: WLAN Standards and Security Solutions
Dan Cusick, Mobility Marketing Manager, Cisco Systems, Inc.
dcusick@cisco.com
© 2002, Cisco Systems, Inc.

Slide 2: Agenda
- 802.11 standards activities
- Wireless LAN Security – Authentication and Encryption
- Security Enhancements
- Future trends

Slide 3: Wireless Technologies
- PAN (Personal Area Network): Standards: Bluetooth. Speed: < 1 Mbps. Range: Short. Applications: Peer-to-Peer, Device-to-Device.
- LAN (Local Area Network): Standards: 802.11, HiperLAN2. Speed: 11 to 54 Mbps. Range: Medium. Applications: Enterprise networks.
- MAN (Metropolitan Area Network): Standards: 802.11, MMDS, LMDS. Speed: 11 to 100+ Mbps. Range: Medium-Long. Applications: T1 replacement, last mile access.
- WAN (Wide Area Network): Standards: GSM, GPRS, CDMA, 2.5-3G. Speed: 10 to 384 Kbps. Range: Long. Applications: PDAs, Mobile Phones, cellular access.

Slide 4: WLAN “Alphabet Soup”: IEEE 802.11 Standards Activities
- 802.11a: 5 GHz, 54 Mbps
- 802.11b: 2.4 GHz, 11 Mbps
- 802.11d: Multiple regulatory domains
- 802.11e: Quality of Service (QoS)
- 802.11f: Inter-Access Point Protocol (IAPP)
- 802.11g: 2.4 GHz, 54 Mbps
- 802.11h: Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC)
- 802.11i: Security

Slide 5: 802.11a
- 5 GHz, 54 Mbps, OFDM technology
  - Data rates supported: 54, 48, 36, 24, 12, and 6 Mbps
  - Can “downshift” to lower data rates for longer range
- 802.11a products now available
- Worldwide compatibility issues for 5 GHz band
  - Effort underway to allow 802.11a operation in European countries
  - Long-term: worldwide usage with adoption of Transmit Power Control (TPC) and Dynamic Frequency Selection (DFS) per 802.11h standard
- 5 GHz band has more channels than 2.4 GHz band
  - UNII-1 + UNII-2 = 8 non-overlapping channels (vs. 3 channels for 2.4 GHz)
- 5 GHz band subject to less interference than 2.4 GHz ISM band
  - However, 2.4 GHz interference not a major problem in most business environments

Slide 6: Understanding the 5 GHz Spectrum
Diagram of the 5 GHz UNII band (band edges in GHz: 5.15, 5.25, 5.35, 5.470, 5.725, 5.825):
- UNII-1 (5.15–5.25 GHz): Indoor use, antenna must be fixed to the radio; 40 mW (22 dBm EIRP); 4 channels
- UNII-2 (5.25–5.35 GHz): Indoor/Outdoor use, fixed or remote antenna; 200 mW (29 dBm EIRP); 4 channels
- UNII-3 (5.725–5.825 GHz): Outdoor bridging only (EIRP limit is 52 dBm if PtP); 800 mW (35 dBm EIRP); 4 channels
- US (FCC): 12 channels (*can use up to 6 dBi gain antenna)
- Europe: 19 channels (*assumes no antenna gain), with 200 mW and 1 W limits shown; the 5.470–5.725 GHz range adds 11 channels
*If you use a higher gain antenna, you must reduce the transmit power accordingly.
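The footnote on this slide (a higher-gain antenna forces a lower radio power) is just dB arithmetic, and the slide's EIRP figures follow from its conducted-power limits plus the 6 dBi antenna it allows. The following Python is an added example, not code from the presentation or from Cisco: it encodes the per-band limits as the slide states them (the dictionary names, the 52 dBm point-to-point exception for UNII-3 and the compliance-report format are this example's own choices) and computes the largest radio power that keeps a given antenna inside the EIRP ceiling.

```python
import math

# Per-band conducted-power limits as the slide states them (mW). The slide's EIRP
# figures (22/29/35 dBm) assume the 6 dBi antenna it allows on the FCC side.
UNII_CONDUCTED_LIMIT_MW = {"UNII-1": 40, "UNII-2": 200, "UNII-3": 800}
SLIDE_ANTENNA_GAIN_DBI = 6.0
UNII3_PTP_EIRP_LIMIT_DBM = 52.0  # slide: "EIRP limit is 52 dBm if PtP" (UNII-3 only)


def mw_to_dbm(power_mw: float) -> float:
    """Convert milliwatts to dBm (40 mW is about 16 dBm)."""
    return 10.0 * math.log10(power_mw)


def dbm_to_mw(power_dbm: float) -> float:
    """Inverse of mw_to_dbm."""
    return 10.0 ** (power_dbm / 10.0)


def eirp_dbm(tx_power_mw: float, antenna_gain_dbi: float, cable_loss_db: float = 0.0) -> float:
    """EIRP = conducted power + antenna gain - feed-line loss, all in dB terms."""
    return mw_to_dbm(tx_power_mw) + antenna_gain_dbi - cable_loss_db


def eirp_limit_dbm(band: str, point_to_point: bool = False) -> float:
    """EIRP ceiling for a band: conducted cap plus the slide's 6 dBi antenna,
    or the 52 dBm point-to-point exception the slide gives for UNII-3."""
    if band == "UNII-3" and point_to_point:
        return UNII3_PTP_EIRP_LIMIT_DBM
    return eirp_dbm(UNII_CONDUCTED_LIMIT_MW[band], SLIDE_ANTENNA_GAIN_DBI)


def max_tx_power_dbm(band: str, antenna_gain_dbi: float, cable_loss_db: float = 0.0,
                     point_to_point: bool = False) -> float:
    """Largest conducted power (dBm) that stays under both the conducted cap and the
    EIRP cap. This is the slide's footnote in numbers: every extra dBi of antenna gain
    above 6 dBi removes one dB of allowed radio power."""
    conducted_cap = mw_to_dbm(UNII_CONDUCTED_LIMIT_MW[band])
    eirp_cap = eirp_limit_dbm(band, point_to_point) - antenna_gain_dbi + cable_loss_db
    return min(conducted_cap, eirp_cap)


def check_deployment(band: str, tx_power_mw: float, antenna_gain_dbi: float,
                     cable_loss_db: float = 0.0, point_to_point: bool = False) -> dict:
    """Compliance report for one radio/antenna combination (report format is this example's)."""
    eirp = eirp_dbm(tx_power_mw, antenna_gain_dbi, cable_loss_db)
    limit = eirp_limit_dbm(band, point_to_point)
    return {
        "band": band,
        "eirp_dbm": round(eirp, 2),
        "eirp_limit_dbm": round(limit, 2),
        "compliant": eirp <= limit + 1e-9 and tx_power_mw <= UNII_CONDUCTED_LIMIT_MW[band],
        "max_tx_power_dbm": round(max_tx_power_dbm(band, antenna_gain_dbi,
                                                   cable_loss_db, point_to_point), 2),
    }


if __name__ == "__main__":
    # A 40 mW radio on a 9 dBi antenna in UNII-1 overshoots the 22 dBm EIRP ceiling ...
    print(check_deployment("UNII-1", 40, 9))
    # ... and dropping the radio to 20 mW brings it back under the limit.
    print(check_deployment("UNII-1", 20, 9))
```

The report's max_tx_power_dbm field is the number an installer actually needs: with a 9 dBi antenna in UNII-1 it comes out at about 13 dBm (20 mW), not the 16 dBm (40 mW) the radio is otherwise allowed.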

Slide 7: 802.11g
- 2.4 GHz, up to 54 Mbps, OFDM/CCK technology
- Preliminary draft standard submitted Dec. 2001; currently on 802.11g draft standard v3.0
- Goal: full forward/backward compatibility with 802.11b
  - Provide upgrade path and investment protection for 802.11b users
  - The coming of 802.11g “future proofs” 802.11b purchases today
- Initial SOHO 802.11g products released
- 54 Mbps enterprise-class 802.11g products expected 2nd half of 2003

Slide 8: 802.11 Positioning
5 GHz - 802.11a:
- 54 Mbps
- Higher expected throughput than 802.11g
- 8 channels for indoor use (allows “honeycomb” network deployment); 12 channels total
- Global acceptance
- 5 GHz band has less interference
2.4 GHz - 802.11b & g:
- 11 Mbps -> 36 Mbps -> 54 Mbps
- 3 channels
- Worldwide
- 802.11g is forward-and-backward compatible with 802.11b
- Easy upgrade path to 802.11g
- 802.11b has advantages on cost, size, and power consumption, so will continue to be popular, especially with PDAs, phones
Both frequency bands will be successful!

Slide 9: Agenda
- 802.11 standards activities
- Wireless LAN Security – Authentication and Encryption
- Security Enhancements
- Future trends

Slide 10: Wireless LAN Security Issues
Diagram: client <-> access point (AP) <-> wired LAN.
Issue:
- Wireless sniffer can view all WLAN data packets
- Anyone in AP coverage area can get on WLAN
802.11 WEP Solution:
- Encrypt all data transmitted between client and AP
- Without encryption key, user cannot transmit or receive data
Goal: make WLAN security equivalent to that of wired LANs (Wired Equivalent Privacy).

Slide 11: Limitations of 802.11 WEP Security
- Shared, static WEP keys
  - No centralized key management
  - Poor protection from variety of security attacks
  - No effective way to deal with lost or stolen adapter: possessor has network access; re-keying of all WLAN client devices is required
- No mutual authentication
- Lack of integrated user administration
  - Need for separate user databases; no use of RADIUS
  - Potential to identify user only by device attribute like MAC address
- Inherent weaknesses in RC4-based WEP keys
(Remedies labelled on the slide: 802.1X, WPA, TKIP and AES.)

Slide 12: “Business Class” Security: 802.11i Task Group Recommendations
- Mutual Authentication
- Dynamic Session Key
- Message Integrity Check (MIC)
- Temporal Key Integrity Protocol (TKIP)
  - Per-packet Key Hashing
  - Initialization Vector Sequencing
  - Rapid Re-Keying
- Future
  - Stronger encryption schemes such as AES

Slide 13: 802.1X/EAP Advantages for 802.11i
- Part of 802.11i draft
- Mutual authentication
- Supports various authentication types
- Encryption keys dynamically derived after authentication
- Centralized policy control, scalable, user-based authentication

Slide 14: 802.1X-based Mutual Authentication
Diagram: Client <-> Access Point <-> RADIUS Server (Enterprise Network).
- AP blocks all requests until authentication completes
- RADIUS server authenticates client
- Client authenticates RADIUS server
- Both sides derive the key
Mutual authentication is required to prevent rogue clients (e.g. in the parking lot) from accessing your network, AND to prevent rogue APs from “stealing” data from your clients.

Slide 15: 802.1X Authentication Types
- LEAP (EAP Cisco Wireless)
  – User authentication via user ID and password
  – Supports Windows, CE, Linux, Mac OS, and DOS
  – Aggressive licensing program by Cisco to other vendors
- EAP-TLS (EAP-Transport Layer Security)
  – User authentication via client certificates and server certificates
  – Supported in XP and soon other Windows versions
- PEAP (Protected EAP)
  – User authentication via user ID and password or OTP
  – Supported by Cisco Aironet client adapters and by Microsoft in various Windows versions
  – Uses server-side TLS, which requires only server certificates
- EAP-TTLS
  – User authentication via user ID and password or OTP
  – Supported by Funk Software’s Odyssey
  – Uses server-side TLS

Slide 16: 802.1X/LEAP Mutual Authentication
Message flow between client, AP and RADIUS server:
1. Client -> AP: Start
2. AP -> Client: Request identity
3. Client -> AP -> RADIUS server: identity
4. RADIUS server authenticates client
5. Client authenticates RADIUS server
6. Client and RADIUS server each derive the key
AP blocks all requests until authentication completes.
Mutual authentication is required to prevent rogue clients (e.g. in the parking lot) from accessing your network, AND to prevent rogue APs from “stealing” data from your clients.

Slide 17: PEAP Authentication
- Use server-side EAP-TLS to authenticate RADIUS server and build SSL-encrypted tunnel
- Use tunnel to authenticate user via token, one-time password, or other data (user-supplied token is checked against the user database)
- PEAP sets up a secure, encrypted tunnel between client and RADIUS server

Slide 18: WEP: AirSnort “Weak IV” Attack
- Attack is based on Fluhrer/Mantin/Shamir paper
- Initialization vector (IV) is 24-bit field that changes with each packet
- RC4 Key Scheduling Algorithm creates IV from base key
- Flaw in WEP implementation of RC4 allows creation of “weak” IVs that give insight into base key
- More packets = more weak IVs = better chance to determine base key
- To break key, hacker needs 100,000–1,000,000 packets
WEP frame layout: dest addr | src addr | IV | encrypted data

Slide 19: TKIP: WEP Key Hashing
No key hashing: IV + base key -> RC4 stream cipher; plaintext data XOR stream -> encrypted data.
Key hashing: IV + base key -> hash -> packet key -> RC4 stream cipher; plaintext data XOR stream -> encrypted data.
Because packet key is hash of IV and base key, IV no longer gives insight into base key.
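Slides 18 and 19 both turn on the IV being a 24-bit, per-packet, cleartext field: under a shared static key the IV space runs out within hours of busy traffic, and every repeated IV is a repeated RC4 keystream, while TKIP's IV sequencing lets the receiver drop replayed frames. The following Python is an added example, not code from the presentation: it runs an IV-reuse check over a constructed list of WEP frames (the MAC addresses and IV values are made up for the example), shows how quickly the 24-bit IV space is exhausted, and applies a TKIP-style per-sender sequence filter to constructed frames. The frame tuples and function names are this example's own; the sequence filter models the slide's "Initialization Vector Sequencing" idea and does not reproduce the exact TKIP counter format.

```python
IV_BITS = 24  # the slide: the IV is a 24-bit field that changes with each packet

# Constructed frames for a WEP cell (not captured traffic): (sender MAC, IV).
# WEP keys are shared and static, so an IV repeated by ANY station in the cell
# reuses the same RC4 keystream, which is why the check is cell-wide, not per sender.
WEP_FRAMES = [
    ("00:0c:aa:00:00:01", 0x00001A),
    ("00:0c:aa:00:00:01", 0x00001B),
    ("00:0c:aa:00:00:02", 0x00001A),   # same IV from another station: keystream reuse
    ("00:0c:aa:00:00:01", 0x00001A),   # a counter that wrapped or reset: keystream reuse again
]

# Constructed frames for a TKIP cell: (sender MAC, sequence counter carried in the IV field).
TKIP_FRAMES = [
    ("00:0c:aa:00:00:01", 1),
    ("00:0c:aa:00:00:01", 2),
    ("00:0c:aa:00:00:01", 2),   # duplicate counter: a replayed frame
    ("00:0c:aa:00:00:01", 1),   # older counter: a replayed frame
    ("00:0c:aa:00:00:02", 1),   # a different sender keeps its own counter
    ("00:0c:aa:00:00:01", 3),
]


def find_iv_reuse(frames):
    """Return (iv, first_index, repeat_index) for every IV seen more than once in the cell.
    Each hit is a pair of packets encrypted under the same keystream."""
    first_seen = {}
    reuse = []
    for idx, (_src, iv) in enumerate(frames):
        if iv in first_seen:
            reuse.append((iv, first_seen[iv], idx))
        else:
            first_seen[iv] = idx
    return reuse


def iv_space_exhaustion_seconds(frames_per_second, iv_bits=IV_BITS):
    """Seconds until a per-frame IV counter must wrap and start repeating.
    2**24 IVs last under five hours at 1000 frames per second."""
    return (2 ** iv_bits) / frames_per_second


def tkip_sequence_filter(frames):
    """IV sequencing as a replay check: per sender, accept only a strictly increasing
    counter and drop anything equal to or below the last accepted value."""
    last = {}
    accepted, dropped = [], []
    for src, seq in frames:
        if seq <= last.get(src, -1):
            dropped.append((src, seq))
        else:
            last[src] = seq
            accepted.append((src, seq))
    return accepted, dropped


if __name__ == "__main__":
    print("WEP IV reuse:", find_iv_reuse(WEP_FRAMES))
    print("hours to exhaust 24-bit IVs at 1000 fps:", iv_space_exhaustion_seconds(1000) / 3600)
    print("TKIP accepted/dropped:", tkip_sequence_filter(TKIP_FRAMES))
```

Two things the slide leaves implicit come out of running it: the reuse check reports a hit across two different senders, because with a shared WEP key the keystream depends only on the IV; and the sequence filter needs per-sender state, which only makes sense once each client has its own dynamically derived key as in 802.1X/TKIP.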

Slide 20: WEP: Bit-Flipping and Replay Attack
1. Hacker intercepts WEP-encrypted packet
2. Hacker flips bits in packet and recalculates ICV CRC32
3. Hacker transmits to AP bit-flipped frame with known IV
4. Because CRC32 is correct, AP accepts, forwards frame
5. Layer 3 device rejects and sends predictable response
6. AP encrypts response and sends it to hacker
7. Hacker uses response to derive key (stream cipher)
Diagram: plaintext message XOR stream cipher (1234) = cipher text (XXYYZZ); cipher text XOR predicted plaintext message = stream cipher (1234).

Slide 21: Message Integrity Check (MIC)
WEP frame with MIC: dest addr | src addr | IV | [MIC | seq # | plaintext | ICV], where the bracketed part is XORed with the stream cipher.
- Sender adds MIC to packet
- Recipient examines MIC; discards packet if MIC is not intact
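Slides 20 and 21 together make one point: the ICV is a CRC-32, which is affine (crc(a XOR b) = crc(a) XOR crc(b) XOR crc(zeros)) and contains no secret, so any XOR change to a stream-ciphered payload can be given a matching ICV, whereas a keyed MIC cannot be updated without the key. The following Python is an added example, not code from the presentation or from Cisco: it checks the affine identity with the standard library's zlib.crc32, builds a constructed frame, applies an XOR change with the ICV adjusted by that identity, and shows an ICV-only receiver accepting it while a MIC-checking receiver rejects it. HMAC-SHA256 truncated to 8 bytes stands in for the MIC algorithm (the slide does not name one), and MIC_KEY is a constructed value, not a derived session key.

```python
import hashlib
import hmac
import zlib

MIC_KEY = b"constructed-demo-mic-key"  # constructed for this example; real MIC keys come from key derivation


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc32_is_affine(a: bytes, b: bytes) -> bool:
    """crc(a XOR b) == crc(a) XOR crc(b) XOR crc(zeros of the same length).
    Nothing secret enters the ICV, so it tracks any XOR change to the payload."""
    zeros = bytes(len(a))
    return zlib.crc32(xor_bytes(a, b)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)


def compute_mic(key: bytes, seq: int, plaintext: bytes) -> bytes:
    """Keyed MIC over sequence number and payload (HMAC-SHA256/64 stands in for the MIC)."""
    return hmac.new(key, seq.to_bytes(4, "big") + plaintext, hashlib.sha256).digest()[:8]


def build_frame(seq: int, plaintext: bytes, mic_key: bytes = MIC_KEY) -> dict:
    """Sender side: the protected fields of slide 21 before the stream-cipher XOR."""
    return {"seq": seq, "plaintext": plaintext,
            "icv": zlib.crc32(plaintext),
            "mic": compute_mic(mic_key, seq, plaintext)}


def xor_modify(frame: dict, delta: bytes) -> dict:
    """Model an in-flight XOR change of the same length as the payload. Under a stream
    cipher an XOR on ciphertext is an XOR on plaintext, and the affine identity yields the
    matching ICV. The MIC is left as received: without the key it cannot be recomputed."""
    new_plain = xor_bytes(frame["plaintext"], delta)
    new_icv = frame["icv"] ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return {**frame, "plaintext": new_plain, "icv": new_icv}


def verify_icv_only(frame: dict) -> bool:
    """What a plain WEP receiver checks: CRC-32 of the payload equals the ICV."""
    return zlib.crc32(frame["plaintext"]) == frame["icv"]


def verify_with_mic(frame: dict, mic_key: bytes = MIC_KEY) -> bool:
    """Receiver with MIC: the ICV must match AND the keyed MIC must match (constant-time compare)."""
    expected = compute_mic(mic_key, frame["seq"], frame["plaintext"])
    return verify_icv_only(frame) and hmac.compare_digest(expected, frame["mic"])


if __name__ == "__main__":
    original = build_frame(seq=7, plaintext=b"GET /index.html HTTP/1.0")
    n = len(original["plaintext"])
    delta = bytes([0] * 5 + [ord("i") ^ ord("j")] + [0] * (n - 6))  # changes one byte of the payload
    modified = xor_modify(original, delta)
    print("ICV-only receiver accepts modified frame:", verify_icv_only(modified))
    print("MIC receiver accepts modified frame:", verify_with_mic(modified))
```

The modified frame passes verify_icv_only and fails verify_with_mic, which is exactly the behaviour slide 21 asks of a receiver: examine the MIC and discard the packet if it is not intact. The sequence number folded into the MIC is what lets the same receiver also reject replays of unmodified frames.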

Slide 22: Agenda
- 802.11 standards activities
- Wireless LAN Security – Authentication and Encryption
- Security Enhancements
- Future trends

Slide 23: WPA = “Wi-Fi Protected Access”
- WPA = 802.1X + TKIP
- WPA requires authentication and encryption
- 802.1X authentication choices include LEAP, PEAP, TLS
- Industry suppliers are strong supporters of WPA
- Builds on 802.1X and TKIP, similar to what Cisco has been supporting since December 2000
- Widespread adoption of WPA will remove the “security cloud” from the WLAN industry
- WPA is as secure as Cisco’s current security offering; WPA will become accepted as the standard
- WPA compliance is needed for Wi-Fi certification of new products beginning in August 2003
- Cisco AP currently being tested for use as a WPA reference platform at the Wi-Fi Plugfest

Slide 24: 4 Security Profiles
- Open Access: No WEP and Broadcast Mode. Use: Public Access.
- Basic Security: 40-bit and 128-bit Static Encryption Key. Use: Telecommuter & SOHO.
- Enhanced Security: Dynamic Encryption Key, Scalable Key Management, Mutual 802.1x/EAP Authentication, TKIP/WPA. Use: Mid-Market and Enterprise.
- Public Network Security: Virtual Private Network (VPN). Use: Special Apps./Business Traveler.

Slide 25: Remote Access Security using VPN
Diagram: a wireless secure intranet in the enterprise sits behind a firewall; a user on high-speed hotel/airport wireless reaches it across the Internet through a VPN.

Slide 26: VPN for 802.11 Access
Pros:
- Familiar: in use in most organizations
- Makes WLAN and remote access UIs consistent
- Trusted for authentication and privacy
- Supports central security management
- Ensures 3DES encryption from client to concentrator
- Compatible with Aironet and other WLAN products
Cons:
- Cost: requires VPN concentrators behind APs
- Performance: encryption is done in software on client
- Roaming: roaming between VPN concentrators forces application restarts
- QoS: all traffic is IPSec traffic (no QoS, multicast, or multiprotocol support)
- Clients: not supported on phones, scanners, or other specialized devices

Slide 27: Client Differentiation without VLANs
Three client types, each with its own SSID and security setting:
- SSID: phone, Security: WEP
- SSID: laptop, Security: PEAP, TKIP
- SSID: pda, Security: LEAP, CKIP
Without VLAN support on the AP, each SSID needs its own AP on its own channel, each connected to its VLAN on the 802.1Q wired network:
- Channel 1: SSID laptop, VLAN 1
- Channel 6: SSID pda, VLAN 2
- Channel 11: SSID phone, VLAN 3

Slide 28: Client Differentiation with VLANs
The same three client types (SSID phone with WEP; SSID laptop with PEAP, TKIP; SSID pda with LEAP, CKIP) share a single AP on channel 6, which maps each SSID to a VLAN on the 802.1Q wired network:
- SSID laptop = VLAN 1
- SSID pda = VLAN 2
- SSID phone = VLAN 3

Slide 29: Firewall to Protect Network Services
Diagram: access points on simplified L2 VLANs, with a firewall between them and the data center and a firewall toward the Internet.

Slide 30: Wireless LAN Security Architecture
- IEEE 802.1x/EAP – standard network protocol that makes wireless networking as secure as wired
- Encryption – enhancements to WEP with TKIP secure all data transmissions
  - Dynamic Session Keys
  - Key hashing to prevent weak IVs
  - Message Integrity Check
- Authentication – network access is blocked until mutual authentication is complete
  - Selection of authentication type derived from mobile application and devices (TLS, PEAP, LEAP, ...)
- VLANs – users can segment traffic and offer differentiated services and policies to different user groups
- WPA – Wi-Fi Protected Access: standard encryption architecture based on TKIP, to be supported as a WECA test standard in August ’03

Slide 31: Agenda
- 802.11 standards activities
- Wireless LAN Security – Authentication and Encryption
- Security Enhancements
- Future trends

Slide 32: Momentum Continues in Deploying Wireless LANs
- Wireless LANs are an “addictive” technology
- Strong commitment to Wireless LANs by technology heavyweights
  – Cisco, IBM, Intel, Microsoft
- Embedded market is growing
  – Laptop PCs with “wireless inside”
  – PDAs are next
- The WLAN market is expanding from industry-specific applications to universities, homes, and offices

Slide 33: Future Trends
- Enterprise wireless applications begin to explode
- Availability of notebooks with embedded wireless
- PDAs, Web Pads, Phones with 802.11
- Dual band (802.11a/b/g) supported
- Widespread availability of 802.11 access
- VLANs in the enterprise common areas
- Franchise locations offering wireless access
- Service Providers offering wireless access in the public venue
- Mobile worker staying connected at work, home and on the road!
- Multiple authentication types to be supported in the Enterprise
