Wireless Security Ian Bodley.

Slides:

Advertisements

Similar presentations

Wireless Security By Robert Peterson M.S. C.E. Cryptographic Protocols University of Florida College of Information Sciences & Engineering.

Advertisements

Your Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

1 MD5 Cracking One way hash. Used in online passwords and file verification.

Wireless Security David Wagner University of California, Berkeley.

WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

COMP4690, HKBU1 Security of COMP4690: Advanced Topic.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.

How To Not Make a Secure Protocol WEP Dan Petro.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID

Wired Equivalent Privacy (WEP)

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

RC4 1 RC4 RC4 2 RC4  Invented by Ron Rivest o “RC” is “Ron’s Code” or “Rivest Cipher”  A stream cipher  Generate keystream byte at a step o Efficient.

Foundations of Network and Computer Security J J ohn Black Lecture #34 Dec 5 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

The Final Nail in WEP’s Coffin Andrea Bittau, Mark Handley – University College London Joshua Lackey - Microsoft CPS372 Gordon College.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Security – Wired Equivalent Privacy (WEP) By Shruthi B Krishnan.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Mobile and Wireless Communication Security By Jason Gratto.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

CSC-682 Advanced Computer Security

CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.

Wireless Networking.

A History of WEP The Ups and Downs of Wireless Security.

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

Intercepting Mobile Communications: The Insecurity of Nikita Borisov Ian Goldberg David Wagner UC Berkeley Zero-Knowledge Sys UC Berkeley Presented.

NSRI1 Security of Wireless LAN ’ Seongtaek Chee (NSRI)

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

3DES and Block Cipher Modes of Operation CSE 651: Introduction to Network Security.

Wired Equivalent Privacy (WEP): The first ‘confidentiality’ algorithm for the wireless IEEE standard. PRESENTED BY: Samuel Grush and Barry Preston.

無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

Intercepting Mobiles Communications: The Insecurity of ► Paper by Borisov, Goldberg, Wagner – Berkley – MobiCom 2001 ► Lecture by Danny Bickson.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

WEP – Wireless Encryption Protocol A. Gabriel W. Daleson CS 610 – Advanced Security Portland State University.

Encryption Protocols used in Wireless Networks Derrick Grooms.

1 Wireless Threats 1 – Cracking WEP Cracking WEP in Chapter 5 of Wireless Maximum Security by Peikari, C. and Fogie, S.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.

How To Not Make a Secure Protocol WEP Dan Petro.

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.

Doc.: IEEE /230 Submission May 2001 William Arbaugh, University of MarylandSlide 1 An Inductive Chosen Plaintext Attack against WEP/WEP2 William.

WLAN Security1 Security of WLAN Máté Szalay

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

Wireless LAN Security Daniel Reichle Seminar Security Protocols and Applications SS2003.

หัวข้อบรรยาย Stream cipher RC4 WEP (in)security LFSR CSS (in)security.

1. Introduction In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace.

Module 48 (Wireless Hacking)

Wireless Protocols WEP, WPA & WPA2.

Security and Wireless LANs

ANALYSIS OF WIRED EQUIVALENT PRIVACY

Wireless Privacy: Analysis of Security

CSE 4905 WiFi Security I WEP (Wired Equivalent Privacy)

An Inductive Chosen Plaintext Attack against WEP/WEP2

Symmetric-Key Encryption

Inaugural meeting (for Hasheem: that means ‘the first meeting’

Intercepting Mobile Communications: The Insecurity of

By: Anthony Gervasi & Adam Dickinson

Presentation transcript:

Wireless Security Ian Bodley

Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits Protection

Wireless vs. Wired Accessibility The main difference between wired and wireless is obviously the need for a physical connection to a network. The creates many attractive advantages for corporations and institutions, yet unless properly manages, exposes these networks to anyone with a wireless card. For instance, any of us could sit outside of this building and have wireless access to it.

Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits Protection

WEP Overview Wireless Equivalent Privacy (WEP) 802.11's optional encryption standard implemented in the MAC Layer that most radio network interface card (NIC) and access point vendors support. If a user activates WEP, the NIC encrypts the payload (frame body and checksum) of each 802.11 frame before transmission using an RC4 stream cipher provided by RSA Security. The receiving station, such as an access point or another radio NIC, performs decryption upon arrival of the frame. As a result, 802.11 WEP only encrypts data between 802.11 stations. Once the frame enters the wired side of the network, such as between access points, WEP no longer applies.

WEP Overview Plaintext frame data M concatenated with checksum c(M) Wireless node M Per packet initialization vector IV (24 bits) prepended to secret key to create the packet key M . c(M) RC4 cipher initialized using the packet key IV . k IV: a sequence of random bytes appended to the front of the packet key. Adding the IV to the beginning eliminates the possibility of having the initial ciphertext block the same for any two messages. Few things to note here: the packets will all be encrypted differently due to the presence of the IV, creates a random aspect to the data stream for each packet RC4 Cipher Output bytes of cipher are exclusive-ored with checksummed plaintext C=(M . c(M)) ◦ RC4(IV . K) Access Point

Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits Protection

Vulnerabilities Human Error Short IVs Static keys WEP Configuration Large networks reuse IVs every hour Static keys No support to change keys When transmitting messages having a common beginning, such as the "FROM" address in an e-mail, the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm In stream ciphers, it is unsafe to use the same key twice. But WEP's small IV almost guarantees keystream reuse. Manually-configured LANs cannot to change the key often enough to avoid reuse.

Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits Protection

Exploits Fluhrer, Mantin, and Shamir Inductive Cryptanalytic attack (pattern recognition) Capture enough WEP frames, compare streams to determine secret key Inductive Discover message by modifying a captured frame When transmitting messages having a common beginning, such as the "FROM" address in an e-mail, the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm 802.11 frames carry IP packets containing a large amount of known plaintext. This lets an attacker recover a partial keystream for every packet. Building up hints, an attacker eventually discovers the entire keystream. CRC lets the receiver verify that the frame was not modified in transit, an attacker can sniff a valid 802.11b frame, set the destination IP address to his own, adjust the CRC to cover his tracks, and transmit the modified frame to the AP. If the AP operates as an Internet gateway, it will decrypt the packet and deliver the plaintext to the attacker's PC

Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits Protection

Protection Mapping table of MACs Firewalls Second level of encryption firewalls to restrict the flow of packets from wireless APs to appropriate destinations

Thank You!