Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Wireless Security Lecture 10. Information and Nework Security2 Outline n The importance of Wireless communications n Wireless networks.

Similar presentations


Presentation on theme: "Introduction to Wireless Security Lecture 10. Information and Nework Security2 Outline n The importance of Wireless communications n Wireless networks."— Presentation transcript:

1 Introduction to Wireless Security Lecture 10

2 Information and Nework Security2 Outline n The importance of Wireless communications n Wireless networks and security risks çWhy is it so hard to secure wireless communications? n Wireless communications and network security issues çWEP çWAP çBluetooth (reading) çWWAN and security (reading) n Principles for securing a wireless network çWhat need to be done to secure a wireless network?

3 Information and Nework Security3 References n http://www.practicallynetworked.com/t ools/wireless_articles_security.htm http://www.practicallynetworked.com/t ools/wireless_articles_security.htm http://www.practicallynetworked.com/t ools/wireless_articles_security.htm n http://www.cs.rice.edu/~astubble/wep/ wep_attack.pdf http://www.cs.rice.edu/~astubble/wep/ wep_attack.pdf http://www.cs.rice.edu/~astubble/wep/ wep_attack.pdf n http://www.drizzle.com/~aboba/IEEE/ http://www.drizzle.com/~aboba/IEEE/ n http://www.hpl.hp.com/personal/Jean_ Tourrilhes/Linux/ http://www.hpl.hp.com/personal/Jean_ Tourrilhes/Linux/ http://www.hpl.hp.com/personal/Jean_ Tourrilhes/Linux/ n http://www.cis.ohio- state.edu/~jain/refs/wir_refs.htm http://www.cis.ohio- state.edu/~jain/refs/wir_refs.htm http://www.cis.ohio- state.edu/~jain/refs/wir_refs.htm

4 Information and Nework Security4 n Huge growth of wireless communication devices, wireless laptops, PDA, handheld PC, Mobile phone, etc. Pictures borrowed from other authors Importance of wireless communications Growing of Wireless Devices

5 Information and Nework Security5 Wireless Networks and Mobile Commerce services Wireless services m-commerce Entertainment Music Games Graphics Video etc Communication e-mail Chatrooms Video-conferencing etc Transactions Banking Broking Shopping Auctions Betting Booking & reservations etc Information News City guides Directory services Maps Traffic & weather Corporate information etc

6 Information and Nework Security6 Wireless Communication Usage Internet revolution has lead to the emergence of e-commerce market Internet revolution has lead to the emergence of e-commerce market –Around 105 million Yahoo! subscribers in 2001 Expansion of Wireless devices has lead to the explosive growth of mobile communications Expansion of Wireless devices has lead to the explosive growth of mobile communications – More than 200 million wireless subscribers in 2001 – Around 1 billion by 2004 (estimated) Wireless & Internet convergence has lead to the explosion of the Mobile Commerce market Wireless & Internet convergence has lead to the explosion of the Mobile Commerce market – Very High number in the future!

7 Information and Nework Security7 Wireless connections End-to-End Simple Wireless LAN WNIC

8 Information and Nework Security8 Simple Wireless LAN (e.g) users Access Point

9 Information and Nework Security9 WLAN Protocol Setup Access Point Mobile Station Shared Key LAN

10 Information and Nework Security10 A Possible Wireless Network (e.g) Internet users e-businesses Internet

11 Information and Nework Security11 Example of a WLANs n Try to find out if there is a WLAN on Caulfield campus n Try to find out who else has a WLAN in Melbourne (in the city area) n Check other university campuses, hotels with conference rooms, libraries, etc.

12 Information and Nework Security12 Wireless Computing and Security n Wireless computing offers many benefits: çPortability çFlexibility çIncreased productivity çLower cost installations n Wireless computing provides new working environments and imposes new security issues. çProtecting the networks against attacks, ensuring secure data transmission, detecting and tracking down any penetration to a wireless network are difficult.

13 Information and Nework Security13 Wireless Communications and Risks n Risks çWireless technology has not advanced fast enough to allow better security mechanisms to be implemented. çCurrently wireless traffic is not secure lE.g: sensitive data may be transmitted over unsecured connections ¥Credit Card numbers ¥Corporate email ¥Usernames/passwords çExpert hackers can access wireless networks easier than wired ones çSecurity holes in wireless systems can be quickly found with the ideas and tools that have been used with wired networks

14 Information and Nework Security14 Wireless Network Security Issues n Wireless devices are “radios” and have limitations in capacity çWireless communication medium is the airwave and openly exposed to intruders çA wireless port of a wireless Local Area Network (WLAN) is logically equivalent to an Ethernet port without any protection çPossible loss of confidentiality and integrity and the thread of denial of service

15 Information and Nework Security15 Wireless LAN Security Issues (e.g) n Cracking the encryption key çReading and decrypting wireless LAN packets are not as hard as in the case of wired networks due to the key generation problems n Unauthorised accessing çAn unregistered user can easily access to a wireless LAN resource if an Access Point is not correctly configured. çThe user can also access to the main wired network via the wireless LAN n Authorised users abusing the systems, eg: çUnauthorised sniffing of other traffic by users çEavesdropping on other users traffic n Setting up phantom Access Points to gather data from genuine users n Setting up an unknown wireless LAN inside a corporation => making wired network more vulnerable

16 Information and Nework Security16 Wireless LAN Security - Background n Most Wireless Network Interface Card (WNIC) and Access Point (AP) are used for WLAN n Each WNIC or AP must be manually configured with some shared key n The sending and receiving stations/AP share a secret key n A sending station encrypts each frame before transmission n Receiving station decrypts the frame

17 Information and Nework Security17 Wireless LAN Security - 802.x, 802.11b (commercial name as WiFi),etc. n The 802.x çFamily of standards set forth by IEEE to define the specifications for wireless LANs: çWireless Medium Access Control (WMAC): lregulate access to the medium lUse 48 bits as Ethernet addresses on wired LANs çPhysical Layer Specifications lSpectrum, distance, bit rate, etc

18 Information and Nework Security18 IEEE 802.X standards Borrowed from RFC

19 Information and Nework Security19 Security problems with WLANs n Easy access: signals fly into the air n Rouge Access Point çSet up by experts or normal users n Unauthorised access to services çMajority of access points are put in services with minimum modifications to their default configuration n Denial of services çAttackers can inject traffic into a wireless network without being attached to an AP; A ping flood can be launched from a wired network to overwhelm the limited-capacity wireless devices n WMAC spoofing and session hijacking çAttackers can observe MAC addresses of stations and adopt those addresses for malicious transmissions n Traffic analysis and eavesdropping çFrame headers can be transmitted in the clear form and are visible to anybody with a wireless network analyser n Chain attacks to wired networks via a wireless one

20 Information and Nework Security20 Wireless LAN Security - WEP n Wired Equivalent Privacy (WEP) çDesigned by the IEEE aimed to prevent eavesdroppers and unauthorised connections to a wireless network çWEP tries to achieve similar security as a wired LAN lConfidentiality: protect the contents of wireless trafic lAccess Control: prevent an adversary from using your wireless network lData Integrity: prevent the modification of data in transit

21 Information and Nework Security21 Security with WEP  RC4(iv,k) n iv – the initialization vector, a random sequence of bits n k – the secret key n RC4 – a stream cipher, believed to be secure çTakes in an initialization vector and key; produces a key stream ciphertex

22 Information and Nework Security22 Security with WEP n n A secret key (k) shared between the communicating parties is distributed and each packet is encrypted with shared secret key + initialization vector (IV) [24 bits] The sender: n n Computes a checksum c(M) n n Picks an IV v, and generate a keystream RC4(v,k) n n XORs with the keystream to get the ciphertext n n Transmits v and the ciphertext over the radio link Upon receipt, the receiver: n n Uses the transmitted v and the shared k to generate the keystream RC4(v,k) n n XORs the ciphertext with RC4(v,k) to get n n Checks to see if c' = c(M') n n If it is, accepts M' as the message transmitted

23 Information and Nework Security23 WEP and Security Issues n The keystream for WEP is RC4(v,k), which depends only on v and k. k is a fixed shared secret, that is rarely changed n In many setups, many users share the same k n So the keystream depends only on v n If two packets ever get transmitted with the same value of v, you reuse the keystream, which is vulnerable n Since v gets transmitted in the clear form for each packet, an attacker can easily tell when a value of v is reused n How many possible values of v are there? v only occupies 24 bits of the header, so at most there are 2^24 n After 2^24 packets, there will be a repeat one!

24 Information and Nework Security24 Wireless LAN Security with WEP n Since IV is relatively short & shared keys that remain static, eventually WEP may use the same IV for different data packets for a large busy network in a short period of time n If you can collect enough packets based on the same IV, you can work out the secret key n 802.11 with WEP does not provide any functions that support the exchange of keys among stations => system administrators or users generally use the same keys for a long time

25 Information and Nework Security25 WEP and its Vulnerabilities n WLAN tools that recover encryption keys çExploits weakness in Key Scheduling Algorithm of RC4 çRequires 5-10 million encrypted packets çOnce enough packets have been gathered, can guess the encryption key in under a second çFor more information: lhttp://airsnort.sourceforge.net/ lhttp://wepcrack.sourceforge.net/

26 Information and Nework Security26 Wireless attacks (e.g) n Session hijacking çOccurs because of race conditions in 802.x and 802.x state machines çA hacker waits for successful authentication çThen, breaks the user’s connection and impersonates her çThe hacker can exploit the user’s session until timeout n Man-in-the-Middle çSince 802.x uses only one-way authentication a hacker can act as an AP to users çAPs are trusted entities => bad design=> security problems for WLANs

27 Information and Nework Security27 WEP and Security Concerns n 802.x with WEP is not enough n Should put more things together for security n Need another encryption protocol provide better security n Problems çNeed hardware acceleration çOptimize for speed and efficiency çTradeoff in security scheme

28 Information and Nework Security28 Wireless LAN Security – Enhanced WEP n Digital Certificates can be used for distributing keys dynamically to WLAN çSolves key re-use problem n Enhance authentication between clients and APs via an authentication server n Increase key length and change keys after a certain number of frames

29 Information and Nework Security29 Wireless Application Protocol (WAP) n WAP tries to provides çAuthentication çConfidentiality çIntegrity n WAP security gateway n Server product dedicated to providing WTLS sessions n Works with today’s WAP phones Web Server Web Server users WAP Gateway WTP/WTLS Internet HTTP/SSL

30 Information and Nework Security30 Wireless Application Protocol (WAP) n Designed to provide Internet connections for wireless users, particularly mobile phone users n Employs WML, WTLS n Uses WAP Identity Module to provide resistance to device-tampering

31 Information and Nework Security31 Wireless Application Protocol (WAP) n A WAP-enable mobile phone can execute an application that requests a URL or runs a script on a standard web server n The agent on the phone sends an URL requests to a WAP gateway in the form specified by WTP (wireless Transaction Protocol) n WAP gateway translates the request into HTTP request (if the transmission is sent using WTLS, the gateway also translates the data into HTTPS) n The gateway forwards (or encrypts then forwards) the (HTTP/HTTPS) request to the web server n Web server processes the request and returns the results to the gateway (using HTTP/SSL) n The gateway receives the results and does necessary translations (if it is not done by a WAP server) and decryptions n The gateway then sends the results to the phone

32 Information and Nework Security32 WAP Security n The security of WAP systems is left to architects and developers n WTLS does not provide end-to-end security n WAP has common limitations as other wireless technologies such as size, space, and speed. n WAP gateways are trusted to encrypt and decrypt data n WML and WML script are limited subsets of languages with known security control

33 Information and Nework Security33 How about Using PKI to Enhance Security of Wireless Environments? users e-businesses Public Key Infrastructure can be used to enhance wireless security Borrowed from Paul Ho

34 Information and Nework Security34 Problems with Using PKI to Enhance Security of Wireless Environments. n Wireless devices may not have sufficient power capacity to use PKI for security n Applications may require fast processing n Security protocols can employ private key distribution to resolve the low- computational power problem

35 Information and Nework Security35 Secure a Wireless Network Maintain a secure wireless network requires significant effort and resources and we need to: n n Develop an organisational security policy that addresses the use of all handheld devices n n Ensure users on the network are fully trained in computer security awareness and the risks associated with handheld devices n n Conduct ongoing, random security audits to monitor and track mobile devices n n Ensure external boundary protection is in place around the perimeter of the building or buildings of the organisation n n Deploy physical access controls to the building and other secure areas (e.g., photo ID, card badge readers, etc)

36 Information and Nework Security36 Secure a Wireless Network n n Label all handheld devices with the owner and organization's information n n Ensure that users know where to report a lost or stolen device n n Ensure that devices are stored securely when left unattended n n Make sure that add-on modules are adequately protected when not in use n n Enable a “power-on” password for each handheld device n n Ensure proper password management (aging, complexity criteria, etc.) for all handheld devices

37 Information and Nework Security37 Secure a Wireless Network n n Synchronise devices with its corresponding PC regularly n n Delete sensitive data from the handheld device and archive it on the PC when no longer needed on the handheld n n Turn off Infrared ports during periods of inactivity n n Install antivirus software on all handheld devices n n Install personal firewall software on all handheld devices n n Ensure that PDAs are provided with secure authorization software/firmware n n Make sure that a user can be securely authenticated when operating locally and remotely n n Use enterprise security applications to manage handheld device security n n Ensure security assessment tools are used on handheld devices

38 Information and Nework Security38 Key Security Requirements To be able to deal with wireless security problems, there are needs for: n Security from a wireless station or AP to çA wireless network çA wired network çInternet n From one wireless network to another n A global standards-based open architecture for all mobile devices is critical n Device and bandwidth independence regulations need to be enforced


Download ppt "Introduction to Wireless Security Lecture 10. Information and Nework Security2 Outline n The importance of Wireless communications n Wireless networks."

Similar presentations


Ads by Google