March 2005 - R. Smith - University of St Thomas - Minnesota
QMCS 490 - Class Today
• Wireless LANs
• Wireless LAN Security/Crypto


Slide 2: 802 Protocol in general
• Traditionally evolved from Ethernet
  – Unreliable (unACKed, unchecksummed)
  – Broadcast between nearby stations
  – As fast and cheap as possible
• Ethernet: CSMA/CD
  – Detect ‘free’ channel; detect collisions
  – Exponential backoff
• Wireless (802.11): CSMA/CA
  – All stations can’t always hear each other; CD isn’t practical
  – Wireless is noisier than Ethernet; more dropped packets
  – Impractical to completely ignore reliability

Slide 3: 802.11 Protocol
• Virtual Carrier Sense
  – Send “RTS” to ask for permission to send
    • Gives source, destination, and duration of “real” transmission
  – If no other traffic, recipient sends back CTS
  – Then sender sends the actual data
  – Recipient sends an ACK
• Collisions most likely during RTS
  – They’re very short messages, reduce collision risk
  – Other stations see the RTS/CTS, wait to transmit till done
• Packets are smaller on 802.11 than Ethernet
  – Big packets are more likely to be corrupted by noise

Slide 4: Hooking Up
• Base Stations
  – May serve as ‘Access Point’ (AP) - Provide a link to a ‘backbone’ – i.e. Internet access
• “Service Sets”
  – “Basic Service Set” (BSS) – Environment where everyone is within range of a single base station
  – “Extended Service Set” (ESS) – where two or more base stations are connected via a common backbone to provide more coverage (I do this at home)
• Service Set ID (“SSID”)
  – That magic text string that pops up from a base station and identifies the service set you’re in (default ‘linksys’ on many)

Slide 5: Link Layer Security
• Typical policies (write on board)
  – Only members of the group get to use the link layer
  – Outsiders can’t eavesdrop
  – “Practical” to use (i.e. really easy)
• Wired versus Wireless
  – Wired link layer security is mostly about physical access
    • Question: can guests hook into the LAN?
      – A policy issue not answered above
      – Someone needs to decide, and how enforceable is it?
  – Wireless link layer needs encryption
    • Question: who gets access keys? Another policy issue

Slide 6: Link Level encryption: properties/features
• Red/Black separation
  – Everything that goes out is encrypted
  – Everything inside is cleartext
• Good algorithm; good keys
  – A problem with older wireless (we’ll see later)
  – Good keys = over 100 bits
  – Good algorithm = AES, maybe triple DES (slower)
• Protect against replay & rewrite attacks
  – Duplicates must be detectable: packet serial numbers, etc.
  – Cryptographic checksum that outsiders can’t forge
  – Good stream cipher or block mode
  – Random data to confound “known plaintext” attacks
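
One way a receiver can enforce the replay and rewrite requirements listed above, as an added example that is not part of the original slides: each frame carries a serial number and a keyed checksum, and a sliding window lets late frames through once while rejecting duplicates. HMAC-SHA256, the 64-frame window, and all names and sample frames are assumptions made for the example.

```python
import hashlib, hmac

WINDOW = 64  # assumption: accept frames up to 63 serials behind the newest

def tag(key, serial, payload):
    """Keyed checksum over serial number + payload (HMAC-SHA256, an assumption)."""
    return hmac.new(key, serial.to_bytes(8, "big") + payload, hashlib.sha256).digest()

class LinkReceiver:
    def __init__(self, key):
        self.key, self.highest, self.seen = key, 0, 0
        # seen is a bitmap: bit k set means serial (highest - k) was accepted

    def accept(self, serial, payload, mac):
        # Verify the checksum first so a forged frame can never move the window.
        if not hmac.compare_digest(mac, tag(self.key, serial, payload)):
            return "forged"
        if serial > self.highest:
            shift = serial - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = serial
            return "ok"
        offset = self.highest - serial
        if offset >= WINDOW:
            return "too old"
        if (self.seen >> offset) & 1:
            return "replay"
        self.seen |= 1 << offset
        return "ok"

def run_demo():
    key = b"constructed-link-key"            # constructed sample key
    rx = LinkReceiver(key)
    frame = lambda n, data: (n, data, tag(key, n, data))
    f1, f2, f3 = frame(1, b"alpha"), frame(2, b"bravo"), frame(3, b"charlie")
    rewritten = (4, b"CHANGED", f3[2])       # outsider reuses an old checksum
    arrivals = [f1, f3, f2, f3, rewritten, frame(100, b"delta"), frame(5, b"echo")]
    return [rx.accept(*f) for f in arrivals]

if __name__ == "__main__":
    print(run_demo())
```

Because the serial number is covered by the checksum, an outsider cannot renumber a captured frame to slip it past the window.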

Slide 7: How much is really protected?
• We protect link level crypto...
• We transfer data across the Internet...
• How much is protected?
• How much is unprotected?
• What security goals do we meet?

Slide 8: IP Routing and Link Encryption
• We strip off the crypto before routing
• Non-secure option
  – Hook the front door to the link encryptor
  – Hook the back door to an unprotected Internet link
  – Nothing prevents sensitive data from spilling onto the Internet
• Medium secure option
  – Establish a “secure area” on the network
  – Link encryptor connects directly to the secure area
  – External Internet access is heavily firewalled/filtered
• Super Secure Option
  – Keep all TCP/IP traffic inside protected areas
  – Don’t link to the global Internet
    • Sensitive data can’t leak without a connection

Slide 9: Wireless Security: What To Do
• We can turn off SSID broadcast
• We can filter on MAC addresses
  – If a device wants to connect, its link layer address must match one on the ‘approved’ list, or not be on the ‘forbidden’ list
• We can use one of the crypto protocols
  – WEP
  – WEP 2
  – WPA
  – WPA 2

Slide 10: WEP, WEP2
• “Wired Equivalent Privacy”
  – Describes the hope, not the achievement
• Shared key encryption protocol
  – 64-bit keys (original WEP)
  – 128-bit keys (WEP 2)
  – Uses RC-4 stream cipher (hard to use safely)
  – Each packet has an IV
  – Per-packet key = secret + IV
• Poorly constructed encryption
  – 64-bit keys broken in 40-bit time
  – 128-bit keys broken in 64-bit time
  – Possible to modify a packet's contents and CRC without knowing the crypto key (think of the bit flip example)
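
The “bit flip example” mentioned above, as an added illustration that is not part of the original slides: a WEP-style frame (RC4 keystream over the payload plus an unkeyed CRC-32) still passes its integrity check after an edit made without the key, while the same edit against a keyed checksum is rejected. The key, IV, payload and function names are constructed for the example, and HMAC-SHA256 stands in for “a cryptographic checksum”; it is not the integrity check that WPA or WPA2 use.

```python
import hashlib, hmac, zlib

def rc4(key, data):
    """RC4 key schedule followed by keystream XOR (encrypts and decrypts)."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i, j, out = 0, 0, bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crc_icv(payload):  # WEP-style integrity value: unkeyed CRC-32
    return zlib.crc32(payload).to_bytes(4, "little")

def keyed_mac(payload, mac_key=b"constructed-mac-key"):  # contrast case
    return hmac.new(mac_key, payload, hashlib.sha256).digest()

def seal(secret, iv, payload, check):
    # Per-packet key = IV + secret; the 3-byte IV is sent in the clear.
    return iv + rc4(iv + secret, payload + check(payload))

def open_frame(secret, frame, check):
    body = rc4(frame[:3] + secret, frame[3:])
    n = len(check(b""))
    payload, tag = body[:-n], body[-n:]
    return payload if hmac.compare_digest(tag, check(payload)) else None

def flip_crc_frame(frame, delta):
    """Keyless edit: XOR delta into the payload, patch the ICV via CRC linearity."""
    fix = xor(crc_icv(delta), crc_icv(bytes(len(delta))))
    return xor(frame, bytes(3) + delta + fix)

SECRET, IV = bytes.fromhex("0102030405"), b"\x00\x00\x01"  # constructed values
MSG = b"qty=0100;item=7"                                   # constructed payload
DELTA = xor(MSG, b"qty=9100;item=7")                       # changes one byte

def demo():
    crc_frame = flip_crc_frame(seal(SECRET, IV, MSG, crc_icv), DELTA)
    mac_frame = xor(seal(SECRET, IV, MSG, keyed_mac), bytes(3) + DELTA + bytes(32))
    return open_frame(SECRET, crc_frame, crc_icv), open_frame(SECRET, mac_frame, keyed_mac)
```

`demo()` returns the altered payload for the CRC frame and `None` for the keyed-checksum frame: CRC-32 satisfies crc(a XOR b) = crc(a) XOR crc(b) XOR crc(zeros), and RC4 encryption is itself an XOR, so the checksum can be corrected through the ciphertext.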

Slide 11: WPA, WPA2
• WPA – a stopgap to replace WEP ASAP
  – 128-bit keys using RC-4
    • Used existing hardware
    • Better integrity protection
    • Larger effective keys
  – TKIP Key update protocol
    • Each packet has a unique key
    • Derived from packet serial #, shared secret, MAC addr
• WPA2 – implements 802.11i enhancements
  – Use AES instead of RC-4
  – Permanent keys to authenticate; temporary for data
  – Can use RADIUS authentication server

Slide 12: Diagramming the Crypto
• Elements
  – Protocol stack elements
  – Where the crypto goes
  – What is encrypted
  – What is plaintext

Slide 13: That’s it
• Questions?

Creative Commons License: This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.

