Antti Miettinen (modified by JJ) WLAN Security Antti Miettinen (modified by JJ)

What is WLAN? A wireless data communication system implemented as an extension to, or alternative for, a wired local area network. Operates at uncontrolled ISM (Industrial, Scientific and Medical) band 28.2.2019

What is WLAN? (cont.) Standards by IEEE for 802.11 802.11 First standard, up to 2Mbps@2.4Ghz 802.11a Accepted standard, up to 54Mbps@5GHz 802.11b Accepted standard, up to 11Mbps@2.4GHz 802.11d MAC Enhancements for wider use of 802.11 28.2.2019

What is WLAN? (cont.) Standards by IEEE for 802.11 (cont.) 802.11e MAC Enhancements for Quality of Service 802.11f Recommended Practice for Inter Access Point Protocol = Roaming & hand over 802.11g Accepted standard, up to 54Mbps@2.4Ghz 802.11i Improved WEP and EAP (802.1X) 28.2.2019

What is WLAN? (cont.) Standards by ETSI HiperLAN/1 23,5Mbps@5GHz published 1999 HiperLAN/2 54Mbps@5Ghz (http://www.hiperlan2.com/) Asynchronous data communication Support for QoS (real-time voice & video) support Transmit Power Control and Dynamic Frequency Selection (required in Europe at 5GHz) Uses 56 bit to 168 bit key encryption (DES) 28.2.2019

WLAN structure Two possibility, either ad-hoc or Access Point BSS or ESS ad-hoc network IBSS IBSS: Independent Basic Service Set (ad hoc BSS: (Infrastructure) Basic Service Set ESS: Extended Service Set AP: Access Point Access Point network Fix to: http://www.comlab.hut.fi/opetus/423/2002/9 28.2.2019

802.11 WLAN security features DSSS (Direct sequence Spread Spectrum) Isn’t very secure, although theoretically it could be a good security feature. AP transmits the hop sequence in plain. ESSID (Extended Service Set Identifier) By default all stations are broadcasting ESSID Can be passively received, when legitimate user associates with Access Point WEP (Wired Equivalent Privacy) By default is turned off Includes flaws (AirSnort attack: collect weak initialization vectors) MAC-address controlled authorization to Access Point MAC-address is easy to spoof (command line) 28.2.2019

WEP Goals Includes security flaws! Access control: To prevent unauthorized users who lack a correct WEP key from gaining access to the network. Privacy: To protect wireless LAN data streams by encrypting them and allowing decryption only by users with the correct WEP keys. Includes security flaws! 28.2.2019

WEP Authentication Access request by client Challenge text sent to client by AP Challenge text encoded by client using a shared secret then sent to AP If challenge text encoded properly AP allows access else denied 28.2.2019

WEP (cont.) Based on symmetric RC4-encryption algorithm Support 40bit and 104bit encryption All clients and AP’s in wireless network share the same encryption key (weakness) No protocol for encryption key distribution (weakness) Initialization Vector (IV) transmitted in the clear (weakness) 28.2.2019

WEP overview A master key k0 (either 40 or 104 bits) is shared between two parties wishing to communicate a priori. Each 802.11 packet (header|data) is then protected by: An integrity check field IC = h(header|data) A random initialization vector (IV) The master key and IV are used to generate a keystream using RC4 in stream cypher mode k = RC4(k0, IV) The data and IC are then encrypted by this keystream Ek(m) = m  k 28.2.2019

WEP packet header data IC RC4 generated keystream header IV encrypted random packet = header | IV | Ek(data | IC) 28.2.2019

Possible Attacks War-driving, war-walking etc. Monitoring Moving around the city and scanning the WLANs Many of the WLANs are without protection! (about in 50% of present WLANs WEP isn’t enabled) Usually used to find networks, not to penetrate them Monitoring Just listening the traffic 28.2.2019

Possible Attacks (cont.) DOS-attack Use high power 2,45Ghz (or 5GHz) signal generator for instance, a microwave oven Send continuous streams of CLS (clear-to-send) frames to a fictitious user Legitimate users won’t be able to access the medium Send deassociate frame in name of others (MAC-address can be faked) It is possible! Take the Access Point down! 28.2.2019

Possible Attacks (cont.) Man-in-the-middle attack If WEP is used, the secret key must first be solved Set up fake Access Point No authentication required (from Access Points) Legitimate users change their Access Point to yours, if it has better SNR. You can e.g. deassociate them from the real Access Point. 28.2.2019

Why is WLAN still used? It is fast and easy to set up It supports mobility Reduced installation time and costs compared with cable Broadband connection, up to 54Mbps 28.2.2019

Transmission rate (kbit/s) WLAN is fast 100 000 Fixed LAN 50 000 802.11a, 802.11g and HiperLAN2 10 000 802.11b/WiFi Transmission rate (kbit/s) 1000 500 Bluetooth Bluetooth UMTS GPRS 50 GSM Walking speed Driving speed Stationary 28.2.2019 Source: Public Wireless LAN Access: A Threat to Mobile Operators, Analysys Research, 2001

How to check security of your WLAN-network? AirSnort (http://airsnort.shmoo.com/) For Linux and Windows Recovers encryption keys Operates by passively WEPCrack (http://wepcrack.sourceforge.net/) Open source tool for breaking 802.11 WEP secret keys For Linux only 28.2.2019

How to check security of your WLAN-network? Other software: Netstumbler (http://www.netstumbler.com/) Only for Windows Dstumbler (http://www.dachb0den.com/projects/dstumbler.html) Only for Linux Kismet (http://www.kismetwireless.net/) 28.2.2019

WLAN security To Be Continued… 28.2.2019