Wireless Networking Security
1. M. S. Ramaiah School of Advanced Studies 1
SPC2520 Advanced Wireless System
Presentation
Wireless Networking Security
Anshuman Biswal
PT 2012 Batch, Reg. No.: CJB0412001
M. Sc. (Engg.) in Computer Science and Networking
Module Leader: Rinki Sharma
Module Name: Advanced Wireless Systems
Module Code: SPC2520
Presentation Outline
• Introduction
• Why security is considered in wireless?
• Wireless network threats
• Wireless LAN security protocols and standards
• 802.11i RSN (WPA2) security services
• Elements of 802.11i
• IEEE 802.11i phases of operation
• IEEE 802.11i Keys
• IEEE 802.11i schemes for protecting data transmitted in 802.11 MPDUs
• Conclusion
• References
Marking
Head                                        Maximum Score
Technical Content                           05
Grasp and Understanding                     05
Delivery – Technical and General Aspects    05
Handling Questions                          05
Total                                       20
Introduction
• On an open, unencrypted wireless network, anyone in range can 'sniff' (capture and record) the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.
• Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to security risks.
• Wireless networks are relatively easy to break into, and attackers can even use wireless technology to reach wired networks.
• The risks to users of wireless technology have increased as the service has become more popular.
• As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
Wireless network threats
• Accidental association
• Malicious association
• Ad hoc networks
• Non-traditional networks
• MAC spoofing / identity theft
• Man-in-the-middle attacks
• Denial of service
• Network injection
• Caffe Latte attack
Accidental association: Company wireless LANs or wireless access points to wired LANs in close proximity (e.g., in the same or neighboring buildings) may create overlapping transmission ranges. A user intending to connect to one LAN may unintentionally lock on to a wireless access point from a neighboring network. Although the security breach is accidental, it nevertheless exposes resources of one LAN to the accidental user.
Malicious association: In this situation, a wireless device is configured to appear to be a legitimate access point, enabling the operator to steal passwords from legitimate users and then penetrate a wired network through a legitimate wireless access point.
Ad hoc networks: These are peer-to-peer networks between wireless computers with no access point between them. Such networks can pose a security threat due to a lack of a central point of control.
Non-traditional networks: Non-traditional networks and links, such as personal-network Bluetooth devices, barcode readers, and handheld PDAs, pose a security risk both in terms of eavesdropping and spoofing.
Identity theft (MAC spoofing): This occurs when an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network privileges.
Man-in-the-middle attacks: This attack is classically described in the context of the Diffie-Hellman key exchange protocol. In a broader sense, it involves persuading a user and an access point to believe that they are talking to each other when in fact the communication is going through an intermediate attacking device. Wireless networks are particularly vulnerable to such attacks.
Denial of service (DoS): In the context of a wireless network, a DoS attack occurs when an attacker continually bombards a wireless access point or some other accessible wireless port with various protocol messages designed to consume system resources. The wireless environment lends itself to this type of attack, because it is so easy for the attacker to direct multiple wireless messages at the target.
Network injection: A network injection attack targets wireless access points that are exposed to non-filtered network traffic, such as routing protocol messages or network management messages.
Caffe Latte attack: The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the network. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client. By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared key authentication and the message modification flaws in 802.11 WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.
Wireless LAN security protocols and standards
Wired Equivalent Privacy (WEP) algorithm:
• The original 802.11 privacy mechanism
• Was broken years ago; it takes about 15 minutes to break in
• Very weak and not recommended
• Accepts only a hexadecimal key
• Wi-Fi Protected Access (WPA)
– A set of security mechanisms that eliminates most 802.11 security issues
– Based on the state of the 802.11i standard at the time
– Much better than WEP
– Accepts long passwords with all possible character combinations
– Easy to set up, as easy as WEP
– Available in all common Wi-Fi routers
– A must for all home users; it takes a long time to break in
• WPA2: Advanced Wi-Fi Protected Access (RSN)
– Better than WPA
– Takes a little more effort to set up
– Advised in corporate environments
– Strong encryption and authentication support
– The final form of the 802.11i standard
802.11i RSN (WPA2) security services:
• Authentication: A protocol is used to define an exchange between a user and an Authentication
Server that provides mutual authentication and generates temporary keys to be used between the
client and the AP over the wireless link
• Access control: enforces the use of the authentication function, routes the messages properly, and
facilitates key exchange
– It can work with a variety of authentication protocols
• Privacy with message integrity: MAC-level data are encrypted along with a message integrity code
that ensures that the data have not been altered
Elements of 802.11i
RSN services and protocols:
• Access control: IEEE 802.1X port-based access control
• Authentication and key generation: Extensible Authentication Protocol (EAP)
• Confidentiality, data origin authentication and integrity, and replay protection: TKIP, CCMP
Cryptographic algorithms used for these services:
• Confidentiality: TKIP (RC4), CCM (AES-CTR), NIST key wrap
• Integrity and data origin authentication: HMAC-SHA1, HMAC-MD5, TKIP Michael MIC, CCM (AES-CBC-MAC)
• Key generation: HMAC-SHA1, RFC 1750
IEEE 802.11i phases of operation
The five phases run between the STA, the AP, the AS and the end station:
Phase 1: Discovery
Phase 2: Authentication
Phase 3: Key management
Phase 4: Protected data transfer
Phase 5: Connection termination
Discovery:
• An AP uses messages called Beacons and Probe Responses to advertise its IEEE 802.11i security policy.
• The STA uses these to identify an AP for a WLAN with which it wishes to communicate.
• The STA associates with the AP and, when the Beacons and Probe Responses present a choice, selects the cipher suite and authentication mechanism to use.
Authentication:
• During this phase, the STA and AS prove their identities to each other.
• The AP blocks non-authentication traffic between the STA and AS until the authentication transaction is successful.
• The AP does not participate in the authentication transaction other than forwarding traffic between the STA and AS.
Key generation and distribution:
• The AP and the STA perform several operations that cause
cryptographic keys to be generated and placed on the AP and
the STA.
• Frames are exchanged between the AP and STA only.
Protected data transfer:
• Frames are exchanged between the STA and the end
station through the AP.
• Secure data transfer occurs between the STA and the AP only;
security is not provided end-to-end.
Connection termination:
• The AP and STA exchange frames. During this phase,
the secure connection is torn down and the connection is restored
to the original state.
IEEE 802.11i phases of operation: discovery and authentication exchange
• STA → AP: Probe Request (the station sends a request to join the network)
• AP → STA: Probe Response (the AP sends the possible security parameters, set per its security policy)
• STA → AP: Open system authentication request (the station requests null authentication)
• AP → STA: Open system authentication response (the AP performs null authentication)
• STA → AP: Association request (the station requests association with the AP, with the security parameters it selected)
• AP → STA: Association response (the AP sends the associated security parameters; the station sets the selected security parameters)
• 802.1X controlled port blocked
• AP → STA: 802.1X EAP request; STA → AP: 802.1X EAP response
• AP → AS: Access request (EAP request)
• STA ↔ AS (forwarded by the AP): Extensible Authentication Protocol exchange
• AS → AP: Accept / EAP-success, key material
• AP → STA: 802.1X EAP success
• 802.1X controlled port still blocked (it is unblocked only after the key management phase)
IEEE 802.11i Key Hierarchies
Pairwise keys:
• Pre-shared key (PSK): 256 bits, a user-defined cryptographic key delivered by an out-of-band path; or AAA key (AAAK or MSK): ≥ 256 bits, delivered by the EAP method path following EAP authentication.
• Pairwise master key (PMK): 256 bits; available following EAP authentication or from the PSK. Derived from the PSK with no modification, or from the AAA key by possible truncation.
• Pairwise transient key (PTK): 384 bits (CCMP) or 512 bits (TKIP); derived from the PMK during the 4-way handshake using a PRF (pseudorandom function) based on HMAC-SHA-1.
• Components of the PTK: EAPOL key confirmation key (KCK), 128 bits; EAPOL key encryption key (KEK), 128 bits; temporal key (TK), 128 bits (CCMP) or 256 bits (TKIP).
Group keys:
• Group master key (GMK): 256 bits, generated by the AS; changes periodically or if compromised.
• Group temporal key (GTK): 40 or 104 bits (WEP), 128 bits (CCMP), 256 bits (TKIP); changes based on policy (disassociation, deauthentication).
Pseudorandom Function
The function PRF(K, A, B, Len). The parameter K serves as the key input to HMAC. The message input consists of four items concatenated together: the parameter A, a byte with value 0, the parameter B, and a counter i. The counter is initialized to 0. The HMAC algorithm is run once, producing a 160-bit hash value. If more bits are required, HMAC is run again with the same inputs, except that i is incremented each time, until the necessary number of bits is generated.
IEEE 802.11i Key management phase
4-way handshake between STA and AP (802.1X controlled port blocked):
• Message 1 (AP → STA): EAPOL-Key(ANonce, Unicast). Delivers a nonce to the STA so that it can generate the PTK.
• Message 2 (STA → AP): EAPOL-Key(SNonce, Unicast, MIC). Delivers another nonce to the AP so that it can also generate the PTK. It demonstrates to the AP that the STA is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.
• Message 3 (AP → STA): EAPOL-Key(Install PTK, Unicast, MIC). Demonstrates to the STA that the authenticator is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.
• Message 4 (STA → AP): EAPOL-Key(Unicast, MIC). Serves as an acknowledgement to message 3. It serves no cryptographic function. This message also ensures the reliable start of the group key handshake.
AP's 802.1X controlled port unblocked for unicast traffic.
Group key handshake:
• Message 1 (AP → STA): EAPOL-Key(GTK, MIC). Delivers a new GTK to the STA. The GTK is encrypted before it is sent and the entire message is integrity protected. The STA decrypts the GTK and installs it for use.
• Message 2 (STA → AP): EAPOL-Key(MIC). This frame serves only as an acknowledgement to the AP. The AP installs the GTK.
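As an added worked example (not part of the slides), the PRF from the previous slide and the pairwise key derivation of the 4-way handshake above, in Python; the "Pairwise key expansion" label, the min/max ordering of addresses and nonces, and the 128-bit truncation of the HMAC-SHA-1 key MIC are taken from IEEE 802.11i rather than from the deck, and every sample value is constructed:

```python
import hmac
import hashlib
from typing import Dict


def prf(key: bytes, a: bytes, b: bytes, length_bits: int) -> bytes:
    """PRF(K, A, B, Len) as described above: HMAC-SHA-1 over A || 0x00 || B || i,
    with i = 0, 1, ... and each run adding 160 bits, until Len bits are produced."""
    out = b""
    i = 0
    while len(out) * 8 < length_bits:
        out += hmac.new(key, a + b"\x00" + b + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[: length_bits // 8]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes,
               ccmp: bool = True) -> Dict[str, bytes]:
    """PTK = PRF(PMK, "Pairwise key expansion", min(AA,SPA)||max(AA,SPA)||
    min(ANonce,SNonce)||max(ANonce,SNonce)); 384 bits for CCMP, 512 for TKIP,
    split into KCK (128), KEK (128) and TK (128 for CCMP, 256 for TKIP).
    Label string and min/max ordering are from IEEE 802.11i, not the slides."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 384 if ccmp else 512)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:]}


def eapol_key_mic(kck: bytes, frame_with_zeroed_mic: bytes) -> bytes:
    """Key MIC for CCMP (EAPOL-Key descriptor version 2): HMAC-SHA-1 keyed with
    the KCK over the frame with its MIC field zeroed, truncated to 128 bits."""
    return hmac.new(kck, frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def mic_is_valid(kck: bytes, frame_with_zeroed_mic: bytes, received: bytes) -> bool:
    # Constant-time comparison so a MIC check does not leak timing information.
    return hmac.compare_digest(eapol_key_mic(kck, frame_with_zeroed_mic), received)


def handshake_demo() -> Dict[str, object]:
    """AP and STA derive the same PTK from the shared PMK and the two nonces, and
    the MIC on message 2 proves the STA holds the KCK. All inputs are constructed."""
    pmk = hashlib.sha256(b"constructed-sample-pmk").digest()   # 256-bit PMK
    aa = bytes.fromhex("020000000001")                           # AP MAC (constructed)
    spa = bytes.fromhex("020000000002")                          # STA MAC (constructed)
    anonce = bytes(range(32))                                    # ANonce from message 1
    snonce = bytes(range(32, 64))                                # SNonce from message 2
    ap_keys = derive_ptk(pmk, aa, spa, anonce, snonce)
    sta_keys = derive_ptk(pmk, aa, spa, anonce, snonce)
    msg2 = b"EAPOL-Key(SNonce,Unicast)" + snonce + bytes(16)     # MIC field zeroed
    mic = eapol_key_mic(sta_keys["KCK"], msg2)
    return {
        "same_ptk": ap_keys == sta_keys,
        "mic_ok": mic_is_valid(ap_keys["KCK"], msg2, mic),
        "tampered_rejected": not mic_is_valid(ap_keys["KCK"], msg2 + b"x", mic),
        "tk_bits": len(ap_keys["TK"]) * 8,
    }
```

Changing either nonce changes every component of the PTK, which is why the handshake's freshness guarantee depends on both ANonce and SNonce.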
IEEE 802.11i schemes for protecting data transmitted in 802.11 MPDUs
Temporal Key Integrity Protocol (TKIP)
• Designed to require only software changes to devices that implement the older wireless LAN security approach called WEP
• Provides two services:
– Message integrity: adds a message integrity code to the 802.11 MAC frame after the data field
– Data confidentiality: provided by encrypting the MPDU
Counter Mode-CBC MAC Protocol (CCMP)
• Intended for newer IEEE 802.11 devices that are equipped with the hardware to support this scheme
• Provides two services:
– Message integrity: uses the cipher-block-chaining message authentication code (CBC-MAC)
– Data confidentiality: uses the CTR block cipher mode of operation with AES for encryption
Conclusion
• Change the router login password frequently
– At least once a month
• Change the wireless WPA password as well
– At least once a month
• Avoid the temptation to connect to open wireless networks just looking for free internet.
• Configure DHCP more tightly. Example:
– I have 3 machines in my home (desktop/laptop/phone)
– I'll create an IP pool of 3 IPs only
– I'll do DHCP reservation using the MAC addresses of these 3 machines
– Effectively I'm not allowing any outsider machine to connect
• Try to configure MAC binding
– Allow only MY machines to connect
– Many access points support MAC binding
– Any other machine will not be able to connect to my Wi-Fi