Presentation is loading. Please wait.

Presentation is loading. Please wait.

802.1x What it is, How it’s broken, and How to fix it.

Similar presentations

Presentation on theme: "802.1x What it is, How it’s broken, and How to fix it."— Presentation transcript:

1 802.1x What it is, How it’s broken, and How to fix it.
Bruce Potter The Shmoo Group Practitioner, not researcher Talk will focus on the operational impact of 802.1x, not the low level technical breakdown.

2 Drive 12 miles to work in Northern VA, much of it through un-developed land.
In Sept, there were 12 AP’s. In May there were 50.

3 Why Wireless? No cable plant Enhanced mobility Ad hoc relationships
Lower cost (initially… TCO may be higher) Rapid deployment Enhanced mobility Ad hoc relationships Many different requirements talk about TCO

4 Why Not Wireless No physical security Low throughput
Unregulated, noisy bands Snooping raw packets is trivial

5 802.11, b, etc. IEEE standard – based on well known Ethernet standards – FHSS or DSSS, WEP, 2.4 GHz, Infrastructure (BSS) or Ad-Hoc (iBSS) Limited to 2Mb/s due to FCC limits on dwell times per frequency hop 802.11b – DSSS only, WEP, 2.4 GHz, Infrastructure or Ad-Hoc Up to 11Mb/s Also known as Wi-Fi 802.11a and g

6 An Association Associations are a basic part of 802.11
Client Requests authentication AP responds with auth type (Open/WEP) Authentication is performed If successful, then Association is requested and granted SSID is sent in the clear, so not advertising SSID is NOT a valid security mechanism

7 General Principles Deal with the basics
Integrity Protecting your packets from modification by other parties Confidentiality Keeping eavesdroppers within range from gaining useful information Keeping unauthorized users off the network Free Internet! Risks to both internal and external network Availability Low level DoS is hard to prevent Like any other environment, there are no silver bullets

8 Current Security Practices
WEP –Wired Equivalent Privacy Link Level Very Broken Firewalls/MAC Filtering Reactionary – IDS/Active Portal Higher level protocols

9 WEP In a Nutshell 40 bits of security == 64 bits of marketing spam.
Not just encryption, also rudimentary authentication of AP’s and clients.

10 Thoughts on WEP Key management beyond a handful of people is impossible Too much trust Difficult administration Key lifetime can get very short in an enterprise No authentication for management frames No per packet auth False Advertising!!!

11 What is Lacking? Scalability Protection for all parties
Many clients Large networks Protection for all parties Eliminate invalid trust assumptions

12 802.1x Port based authentication for all IEEE 802 networks (layer 2 authentication) Originally for Campus networks Extended for wireless Allows for unified AAA services Provides means for key transport NOT A WIRELESS PROTOCOL!!! Does not specify means for key transport

13 May not be Access Point… Originally it was a wired switch.

14 Pre-Authentication State

15 Post-Authentication State

16 EAP Extensible Authentication Protocol Originally designed for PPP
Shoehorned into 802.1x Switch/Access point is a pass through for EAP traffic. New authentication mechanisms do not require infrastructure upgrades LEAP – Cisco’s Lightweight EAP Password based and (relatively) widely available De facto mechanism between AS and AServ is RADIUS


18 EAP Methods EAP-TLS: Uses certs! If implemented properly, solves many problems TTLS – Tunneled TLS. Allows encapsulation of other auth mechanisms. “machine” auth’d by TLS, person by the tunneled protocol PEAP – IETF Draft Like TTLS but with another EAP method encapsulated TLS/TTLS and others require certs We all have a PKI setup, right? and use it properly and regularly?

19 What’s Right Protection of the infrastructure
Authentication mechanism can change as needed address flaws in existing wireless security Lightweight No encapsulation, no per packet overhead… simply periodic authentication transactions

20 What’s Right In controlled environment, risks can be mitigated by higher level protocols VPN/SSL/SSH NOTE: exchange of WEP key material is not part of 802.1x specification Remember: designed for wired campus networks

21 What’s Right Association happens BEFORE 802.1x transaction.
Good: If 802.1x session is protected by default WEP key then the attacker must first compromise the WEP key to make use of 802.1x vulns Bad: Key management anyone? Just how does the default key get there?

22 What’s Wrong
First Open source supplicant First holes in 802.1x One way authentication Less of a concern in LAN environment Traffic Interception Session Highjacking

23 What’s Wrong – Technical
One way Authentication Gateway authenticates the client Client has no explicit means to authenticate the Gateway Rouge gateways put client at risk Remember – the loudest access point wins Still no Authentication of management frames (assoc/deassoc/beacons/etc…) Some EAP methods provide mutual authentication… but it’s not a requirement.

24 What’s Wrong - Technical
MITM Send “Authentication Successful” to client Client associates with malicious AP Hijacking Send deassociation message to client… AP is in the dark Change MAC to client and have live connection

25 What’s Wrong – Technical
RADIUS uses shared secret with the Authenticator Same issue as WEP, but on a more reasonable scale Authentication after association presents roaming problems Authentication takes a non-trivial amount of time… can disrupt data in transit Failure of RADIUS server == failure of network Many AP implementations don’t allow multiple RADIUS servers Most RADIUS server failover is non-transparent

26 What’s Wrong – touchy feely
They forgot about the client (trust assumptions) Everyone is ask risk Everyone is a threat Lack of physical security requires encrypted channel to secure 802.1x Wired “port” is not the same as wireless “port” Protocol designed to not require hardware replacement Leads to less than stellar solution, esp WRT authentication of management frames.

27 What’s Wrong – touchy feely
Extensibility leads to complexity Complexity leads to mistakes in implementation Read the MS Guide on create EAP methods as an example. Multivendor support is difficult Using a shoehorn to force protocols to work together leads to problems

28 Why Did it Go Wrong? 802.1x – Designed for Campus networks
EAP – Designed for PPP NEITHER designed with wireless threat model in mind Lesson: Don’t apply old protocols to new problems without understanding the risk.

29 Where Are We Today? Several 802.1x implementations available
Windows XP (not PocketPC 2002) EAP implementations Windows IAS FreeRADIUS – MD5 and TLS Cisco Other RADIUS servers NOTE: highest risk applications don’t have 802.1x – Pocket PC2k

30 Where Are We Today? 802.1x capable Access Points Cisco Lucent
RG1000/RG1100 can be hacked with AP500 firmware to become 1x capable Some drawbacks OS authenticator from others

31 What’s Next Integration of existing solutions to “raise the bar”
Limited 802.1x implementations 802.11i (Task Group I – Security) On track… the right track Mutual auth, per packet auth 802.1x a part of

32 What’s Next WEP has the right idea
End to End Solutions ala SSL, SSH, IPSec Not likely PocketPC2k2 doesn’t have a robust cert infrastrucuture.

33 Temporal Key Integrity Protocol
Fast Packet Keying Packet MAC Dynamic Rekeying Key distribution via 802.1x 3Q product deployment Still RC4 based to be backward compatible AES with 802.1x keying in the distant future

34 Questions

Download ppt "802.1x What it is, How it’s broken, and How to fix it."

Similar presentations

Ads by Google