Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Security Ian Bodley.

Published by정윤 운 Modified over 5 years ago

Similar presentations

Presentation on theme: "Wireless Security Ian Bodley."— Presentation transcript:

1 Wireless Security Ian Bodley

2 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

3 Wireless vs. Wired Accessibility
The main difference between wired and wireless is obviously the need for a physical connection to a network. The creates many attractive advantages for corporations and institutions, yet unless properly manages, exposes these networks to anyone with a wireless card. For instance, any of us could sit outside of this building and have wireless access to it.

4 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

5 WEP Overview Wireless Equivalent Privacy (WEP)
802.11's optional encryption standard implemented in the MAC Layer that most radio network interface card (NIC) and access point vendors support. If a user activates WEP, the NIC encrypts the payload (frame body and checksum) of each frame before transmission using an RC4 stream cipher provided by RSA Security. The receiving station, such as an access point or another radio NIC, performs decryption upon arrival of the frame. As a result, WEP only encrypts data between stations. Once the frame enters the wired side of the network, such as between access points, WEP no longer applies.

6 WEP Overview Plaintext frame data M concatenated with checksum c(M)
Wireless node M Per packet initialization vector IV (24 bits) prepended to secret key to create the packet key M . c(M) RC4 cipher initialized using the packet key IV . k IV: a sequence of random bytes appended to the front of the packet key. Adding the IV to the beginning eliminates the possibility of having the initial ciphertext block the same for any two messages. Few things to note here: the packets will all be encrypted differently due to the presence of the IV, creates a random aspect to the data stream for each packet RC4 Cipher Output bytes of cipher are exclusive-ored with checksummed plaintext C=(M . c(M)) ◦ RC4(IV . K) Access Point

7 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

8 Vulnerabilities Human Error Short IVs Static keys WEP Configuration
Large networks reuse IVs every hour Static keys No support to change keys When transmitting messages having a common beginning, such as the "FROM" address in an , the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm In stream ciphers, it is unsafe to use the same key twice. But WEP's small IV almost guarantees keystream reuse. Manually-configured LANs cannot to change the key often enough to avoid reuse.

9 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

10 Exploits Fluhrer, Mantin, and Shamir Inductive
Cryptanalytic attack (pattern recognition) Capture enough WEP frames, compare streams to determine secret key Inductive Discover message by modifying a captured frame When transmitting messages having a common beginning, such as the "FROM" address in an , the beginning of each encrypted payload will be equivalent when using the same key. After encrypting the data, the beginnings of these frames would be the same, offering a pattern that can aid hackers in cracking the encryption algorithm frames carry IP packets containing a large amount of known plaintext. This lets an attacker recover a partial keystream for every packet. Building up hints, an attacker eventually discovers the entire keystream. CRC lets the receiver verify that the frame was not modified in transit, an attacker can sniff a valid b frame, set the destination IP address to his own, adjust the CRC to cover his tracks, and transmit the modified frame to the AP. If the AP operates as an Internet gateway, it will decrypt the packet and deliver the plaintext to the attacker's PC

11 Overview Wireless vs. Wired WEP Overview Vulnerabilities Exploits
Protection

12 Protection Mapping table of MACs Firewalls Second level of encryption
firewalls to restrict the flow of packets from wireless APs to appropriate destinations

13 Thank You!

Download ppt "Wireless Security Ian Bodley."

Similar presentations

Wireless Security By Robert Peterson M.S. C.E. Cryptographic Protocols University of Florida College of Information Sciences & Engineering.

Wireless Security By Robert Peterson M.S. C.E. Cryptographic Protocols University of Florida College of Information Sciences & Engineering.
Your 802.11 Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.

Your Wireless Network has No Clothes CS 395T William A. Arbaugh, Narendar Shankar, Y.C. Justin Wan.
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Wireless Security David Wagner University of California, Berkeley.

Wireless Security David Wagner University of California, Berkeley.
WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.

WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
COMP4690, HKBU1 Security of 802.11 COMP4690: Advanced Topic.

COMP4690, HKBU1 Security of COMP4690: Advanced Topic.
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
How To Not Make a Secure Protocol 802.11 WEP Dan Petro.

How To Not Make a Secure Protocol WEP Dan Petro.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID 003503527.

W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
RC4 1 RC4 RC4 2 RC4  Invented by Ron Rivest o “RC” is “Ron’s Code” or “Rivest Cipher”  A stream cipher  Generate keystream byte at a step o Efficient.

RC4 1 RC4 RC4 2 RC4  Invented by Ron Rivest o “RC” is “Ron’s Code” or “Rivest Cipher”  A stream cipher  Generate keystream byte at a step o Efficient.
Foundations of Network and Computer Security J J ohn Black Lecture #34 Dec 5 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #34 Dec 5 th 2007 CSCI 6268/TLEN 5831, Fall 2007.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
The Final Nail in WEP’s Coffin Andrea Bittau, Mark Handley – University College London Joshua Lackey - Microsoft CPS372 Gordon College.

The Final Nail in WEP’s Coffin Andrea Bittau, Mark Handley – University College London Joshua Lackey - Microsoft CPS372 Gordon College.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Similar presentations

Ads by Google