SlideShare une entreprise Scribd logo

Wifi Security

Shital Kat
Shital Kat

For explaination of slides see write up http://www.slideshare.net/shitalkr/wifi-technolgoy-writeup

Technologie
1  sur  28
WiFi Security By Shital Katkar Roll no- 5
Recap ...          Introduction Flavours of the wifi Applications Advantages Limitations Elements of a WI-FI Network Working of a Wi-FI Network Adding WiFi to a Computer Wi-Fi Network Topologies
Content      Need of security Wi-Fi Security Threats Security requirements Security Techniques Wi-Fi security tips
Why security is more of a concern in wireless?  ƒ no inherent physical protection  physical connections between devices are replaced by logical associations  sending and receiving messages do not need physical access to the network infrastructure (cables, hubs, routers, etc.
Why security is more of a concern in wireless?  ƒ broadcast communications  wireless usually means radio, which has a broadcast nature  transmissions can be overheard by anyone in range – anyone can generate transmissions,  • which will be received by other devices in range  • which will interfere with other nearby transmissions and may prevent their correct reception (jamming)
Why security is more of a concern in wireless?  eavesdropping is easy  injecting bogus messages into the network is easy  replaying previously recorded messages is easy  illegitimate access to the network and its services is easy  denial of service is easily achieved by jamming
Wi-Fi Security Threats  Wireless technology doesn’t remove any old security issue, but introduces new ones  Eavesdropping  Man-in-the-middle attacks  Denial of Service
Eavesdropping  Easy to perform, most impossible to detect  By default , everything is transmitted in clear text  -Username, passwds,content...  -No secuirty offered by the transmission medium  Different tools available on the internet  -Network sniffers, protocol analysers  -Passwd collectors  With the right equipment, it’s possible to eavesdrop traffic from few kilometres away
Man In The Middle Attack  Attacker spoofs a disassociate message from the victim  The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using he real Aps MAC address  The attacker connects to the real  AP using victim’s MAC address
Denial of Service  Attack on transmission regency used  Frequency jamming  Not very technical, but works  Attack on MAC layer  Spoofed deauthentication / disassociatin messages  Can target on specific user  Attacks on higher layer protocol(TCP/IP protocol)  SYN Flooding
Wireless communication security requirements       ƒ Confidentiality Authenticity Replay detection Integrity ƒ Access control Protection against jamming
Security Techniques     Open/free/Unsecured (No Password) WEP (Wired Equivalent privacy) WPA (Wifi Protected access) WPA II
Unsecured/Open  Leaving your Wi-Fi unsecured is synonymous with leaving your front door wide open, so anyone could simply walk in.  Leaving your Wi-Fi unsecured also transmits data packets between users and the router in unencrypted format, which makes these data packets easy to intercept and read.
WEP (Wired Equivalent Privacy)  Default encryption protocol  Based on RC4 encryption algorithm  with a secret key of 40 bits or 104 bits being combined with a 24-bit Initialisation Vector(IV) to encrypt the plaintext message M and its checksumthe ICV (Integrity check value)  The encrypted message C was therefore determined using the following formula:  C = [ M || ICV(M) ] + [ RC4(K || IV) ]
Figure : WEP encryption protocol
What’s wrong with WEP?       IV values can be reused IV length is too short Weak keys are susceptible to attack Master keys are used directly Key Management and updating is poorly provided Message integrity checking is ineffective
WPA (Wifi Protected access)  Introduced to correct the inherent weaknesses of WEP  Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV).  One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.  When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.
TKIP packet is comprised of three parts:  1. A 128-bit temporal key that is shared by both clients and access points.  2. An MAC address of a client device.  3. A 48-bit initialization vector describes a packet sequence number.
TKIP packet  This combination guarantees various wireless clients use different keys.  In order to be compatible with existing hardware, TKIP uses the same encryption algorithm (RC4) as WEP. As such, only software or firmware upgrade is required to implement TKIP. Compared with WEP, TKIP changes the temporal keys every10000 packets. This dynamic distribution leaves potential hackers little room to crack TKIP key.  In general, most security experts believe that TKIP is a stronger encryption than WEP. However, they also agree that TKIP should be an interim solution because of its use of RC4 algorithm.
A summary of WPA benefits  In general, the security advantages of WPA over WEP are:  • Apply stronger network access control through mutual authentication  • Support better security technologies like 802.1X, EAP, RADIUS and preshared keys  • Adopt dynamic keys in TKIP to establish better key management  • Enforce data integrity through Michael Message Integrity Check  • Provide forward compatibility to ultimate wireless security solution, 802.11i
WPA potential security issues:  There are still potential encryption weaknesses in TKIP. Fortunately, the successful crack is expected to be heavy and expensive.  Performance may be sacrificed potentially due to a more complex and computation intensive authentication and encryption protocols.
WPA2 Wi-Fi Protected Access 2  Was ratified in 2004 as a solution to the key encryption problems contained in WEP and WPA.  A couple of small flaws appeared in WPA2, which require a quality of service attack or physical positioning between the user and router, but neither of these flaws are considered a severe threat that exposes user data.  WPA2 offers two encryption algorithms: AES and TKIP. TKIP is essentially WPA encryption, so for the benefits of WPA2 encryption, you should choose AES.  Another option on most routers is to choose both, which allows the stronger security of AES when applicable, but uses the weaker TKIP when compatibility issues arise.
Wi-Fi security tips        Use a strong password. Don't broadcast your SSID. Use good wireless encryption. Restrict access by MAC address. Shut down the network when it's not being used Monitor your network for intruders. Cover the bases.
Is Wi-Fi Safe for Human?
Effect on Human       Chronic headaches Memory Problems Dizziness Depression, Anxiety Sleep Disturbances Tremors
Conclusion  Wireless security has undergone major evolutions in last 7 years. WEP, the original security standard, is widely considered as broken. The IEEE 802.11 Group, the Wi-Fi Alliance and major network equipment vendors like Cisco are all working together to develop a new level of security standards.
References  SANS Institute InfoSec Reading Room  www.sans.org/readingroom/whitepapers/wireless/evolution-wirelesssecurity-80211-networks-wep-wpa-80211-standards1109  802.11ac: The Fifth Generation of Wi-Fi Technical White Paper  http://www.cisco.com/en/US/prod/collateral/wireles s/ ps5678/ps11983/white_paper_c11713103_ns767_Networking_Solutions White_Paper.html
Thank You 

Recommandé

Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
Anshuman Biswal
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
kentquirk
 
Wireless LAN Security
Wireless LAN SecurityWireless LAN Security
Wireless LAN Security
Abu Rayhan Ahmmed Rimu
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
Rajan Kumar
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 

Recommandé

Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
Anshuman Biswal
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
kentquirk
 
Wireless LAN Security
Wireless LAN SecurityWireless LAN Security
Wireless LAN Security
Abu Rayhan Ahmmed Rimu
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
Rajan Kumar
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
WPA 3
WPA 3WPA 3
WPA 3
diggu22
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
yousef emami
 
Ipsec
IpsecIpsec
Ipsec
Rupesh Mishra
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
Nzava Luwawa
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Vishal Agarwal
 
WPA2
WPA2WPA2
WPA2
Mshari Alabdulkarim
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected access
Lopamudra Das
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
Paul Gillingwater, MBA
 
Wlan security
Wlan securityWlan security
Wlan security
Upasona Roy
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
Fathima Rahaman
 
Wifi & 802.11 Standards
Wifi & 802.11 StandardsWifi & 802.11 Standards
Wifi & 802.11 Standards
Vipul Kumar Maurya
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
Nilesh Sapariya
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Firewalls
FirewallsFirewalls
Firewalls
Kalluri Madhuri
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Cyber security ppt final
Cyber security ppt finalCyber security ppt final
Cyber security ppt final
SanishShrestha2
 
WEP
WEPWEP
WEP
Sudeep Kulkarni
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
Tushar Anand
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
n|u - The Open Security Community
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
AirTight Networks
 

Contenu connexe

Tendances

5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 

Tendances (20)

WPA 3
WPA 3WPA 3
WPA 3
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
 
Ipsec
IpsecIpsec
Ipsec
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
WPA2
WPA2WPA2
WPA2
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected access
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
 
Wifi & 802.11 Standards
Wifi & 802.11 StandardsWifi & 802.11 Standards
Wifi & 802.11 Standards
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Network Security
Network SecurityNetwork Security
Network Security
 
Firewalls
FirewallsFirewalls
Firewalls
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Cyber security ppt final
Cyber security ppt finalCyber security ppt final
Cyber security ppt final
 
WEP
WEPWEP
WEP
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
 

En vedette

WiFi (In)Security
WiFi (In)SecurityWiFi (In)Security
WiFi (In)Security
Mauro Foti
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
akruthi k
 
Mind reading computer
Mind reading computerMind reading computer
Mind reading computer
Judy Francis
 
motion sensing technology
motion sensing technologymotion sensing technology
motion sensing technology
Santosh Kumar
 

En vedette (20)

Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
WiFi (In)Security
WiFi (In)SecurityWiFi (In)Security
WiFi (In)Security
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
 
WiFi Security Explained
WiFi Security ExplainedWiFi Security Explained
WiFi Security Explained
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
 
Lecture 11 wifi security
Lecture 11 wifi securityLecture 11 wifi security
Lecture 11 wifi security
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Underwater wireless communication
Underwater wireless communicationUnderwater wireless communication
Underwater wireless communication
 
Mind reading computer
Mind reading computerMind reading computer
Mind reading computer
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI Explainer
 
underwater wireless communication.
underwater wireless communication.underwater wireless communication.
underwater wireless communication.
 
Imaging beyond the visible - An Overview of Short-Wave Infrared (SWIR) Techno...
Imaging beyond the visible - An Overview of Short-Wave Infrared (SWIR) Techno...Imaging beyond the visible - An Overview of Short-Wave Infrared (SWIR) Techno...
Imaging beyond the visible - An Overview of Short-Wave Infrared (SWIR) Techno...
 
E waste management in india
E waste management in indiaE waste management in india
E waste management in india
 
Mind reading computer
Mind reading computerMind reading computer
Mind reading computer
 
Ewaste ppt
Ewaste ppt Ewaste ppt
Ewaste ppt
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial Intelligence
 
motion sensing technology
motion sensing technologymotion sensing technology
motion sensing technology
 
Artificial Intelligence
Artificial IntelligenceArtificial Intelligence
Artificial Intelligence
 

Similaire à Wifi Security

Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Dr. Amarjeet Singh
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
al-sari7
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
mark scott
 
Security standard
Security standardSecurity standard
Security standard
lyndyv
 

Similaire à Wifi Security (20)

Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
 
Viable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be JeopardizedViable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be Jeopardized
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
 
chapter 7 -wireless network security.ppt
chapter 7 -wireless network security.pptchapter 7 -wireless network security.ppt
chapter 7 -wireless network security.ppt
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measure
 
Wireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by VijayWireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by Vijay
 
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksLiving in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
Wireless security
Wireless securityWireless security
Wireless security
 
Security standard
Security standardSecurity standard
Security standard
 
609 618
609 618609 618
609 618
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
 

Plus de Shital Kat

Query By Humming - Music Retrieval Technique
Query By Humming - Music Retrieval TechniqueQuery By Humming - Music Retrieval Technique
Query By Humming - Music Retrieval Technique
Shital Kat
 
School admission process management system (Documention)
School admission process management system (Documention)School admission process management system (Documention)
School admission process management system (Documention)
Shital Kat
 
WiFi technology Writeup
WiFi technology WriteupWiFi technology Writeup
WiFi technology Writeup
Shital Kat
 

Plus de Shital Kat (9)

Opinion Mining
Opinion MiningOpinion Mining
Opinion Mining
 
Introduction to HADOOP
Introduction to HADOOPIntroduction to HADOOP
Introduction to HADOOP
 
Big data processing using - Hadoop Technology
Big data processing using - Hadoop TechnologyBig data processing using - Hadoop Technology
Big data processing using - Hadoop Technology
 
Query By humming - Music retrieval technology
Query By humming - Music retrieval technologyQuery By humming - Music retrieval technology
Query By humming - Music retrieval technology
 
Query By Humming - Music Retrieval Technique
Query By Humming - Music Retrieval TechniqueQuery By Humming - Music Retrieval Technique
Query By Humming - Music Retrieval Technique
 
School admission process management system (Documention)
School admission process management system (Documention)School admission process management system (Documention)
School admission process management system (Documention)
 
WiFi technology Writeup
WiFi technology WriteupWiFi technology Writeup
WiFi technology Writeup
 
WiFi part II
WiFi part IIWiFi part II
WiFi part II
 
WIFI Introduction (PART I)
WIFI Introduction (PART I)WIFI Introduction (PART I)
WIFI Introduction (PART I)
 

Dernier

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Dernier (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Wifi Security

  • 1. WiFi Security By Shital Katkar Roll no- 5
  • 2. Recap ...          Introduction Flavours of the wifi Applications Advantages Limitations Elements of a WI-FI Network Working of a Wi-FI Network Adding WiFi to a Computer Wi-Fi Network Topologies
  • 3. Content      Need of security Wi-Fi Security Threats Security requirements Security Techniques Wi-Fi security tips
  • 4. Why security is more of a concern in wireless?  ƒ no inherent physical protection  physical connections between devices are replaced by logical associations  sending and receiving messages do not need physical access to the network infrastructure (cables, hubs, routers, etc.
  • 5. Why security is more of a concern in wireless?  ƒ broadcast communications  wireless usually means radio, which has a broadcast nature  transmissions can be overheard by anyone in range – anyone can generate transmissions,  • which will be received by other devices in range  • which will interfere with other nearby transmissions and may prevent their correct reception (jamming)
  • 6. Why security is more of a concern in wireless?  eavesdropping is easy  injecting bogus messages into the network is easy  replaying previously recorded messages is easy  illegitimate access to the network and its services is easy  denial of service is easily achieved by jamming
  • 7. Wi-Fi Security Threats  Wireless technology doesn’t remove any old security issue, but introduces new ones  Eavesdropping  Man-in-the-middle attacks  Denial of Service
  • 8. Eavesdropping  Easy to perform, most impossible to detect  By default , everything is transmitted in clear text  -Username, passwds,content...  -No secuirty offered by the transmission medium  Different tools available on the internet  -Network sniffers, protocol analysers  -Passwd collectors  With the right equipment, it’s possible to eavesdrop traffic from few kilometres away
  • 9. Man In The Middle Attack  Attacker spoofs a disassociate message from the victim  The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using he real Aps MAC address  The attacker connects to the real  AP using victim’s MAC address
  • 10. Denial of Service  Attack on transmission regency used  Frequency jamming  Not very technical, but works  Attack on MAC layer  Spoofed deauthentication / disassociatin messages  Can target on specific user  Attacks on higher layer protocol(TCP/IP protocol)  SYN Flooding
  • 11. Wireless communication security requirements       ƒ Confidentiality Authenticity Replay detection Integrity ƒ Access control Protection against jamming
  • 12. Security Techniques     Open/free/Unsecured (No Password) WEP (Wired Equivalent privacy) WPA (Wifi Protected access) WPA II
  • 13. Unsecured/Open  Leaving your Wi-Fi unsecured is synonymous with leaving your front door wide open, so anyone could simply walk in.  Leaving your Wi-Fi unsecured also transmits data packets between users and the router in unencrypted format, which makes these data packets easy to intercept and read.
  • 14. WEP (Wired Equivalent Privacy)  Default encryption protocol  Based on RC4 encryption algorithm  with a secret key of 40 bits or 104 bits being combined with a 24-bit Initialisation Vector(IV) to encrypt the plaintext message M and its checksumthe ICV (Integrity check value)  The encrypted message C was therefore determined using the following formula:  C = [ M || ICV(M) ] + [ RC4(K || IV) ]
  • 15. Figure : WEP encryption protocol
  • 16. What’s wrong with WEP?       IV values can be reused IV length is too short Weak keys are susceptible to attack Master keys are used directly Key Management and updating is poorly provided Message integrity checking is ineffective
  • 17. WPA (Wifi Protected access)  Introduced to correct the inherent weaknesses of WEP  Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV).  One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.  When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.
  • 18. TKIP packet is comprised of three parts:  1. A 128-bit temporal key that is shared by both clients and access points.  2. An MAC address of a client device.  3. A 48-bit initialization vector describes a packet sequence number.
  • 19. TKIP packet  This combination guarantees various wireless clients use different keys.  In order to be compatible with existing hardware, TKIP uses the same encryption algorithm (RC4) as WEP. As such, only software or firmware upgrade is required to implement TKIP. Compared with WEP, TKIP changes the temporal keys every10000 packets. This dynamic distribution leaves potential hackers little room to crack TKIP key.  In general, most security experts believe that TKIP is a stronger encryption than WEP. However, they also agree that TKIP should be an interim solution because of its use of RC4 algorithm.
  • 20. A summary of WPA benefits  In general, the security advantages of WPA over WEP are:  • Apply stronger network access control through mutual authentication  • Support better security technologies like 802.1X, EAP, RADIUS and preshared keys  • Adopt dynamic keys in TKIP to establish better key management  • Enforce data integrity through Michael Message Integrity Check  • Provide forward compatibility to ultimate wireless security solution, 802.11i
  • 21. WPA potential security issues:  There are still potential encryption weaknesses in TKIP. Fortunately, the successful crack is expected to be heavy and expensive.  Performance may be sacrificed potentially due to a more complex and computation intensive authentication and encryption protocols.
  • 22. WPA2 Wi-Fi Protected Access 2  Was ratified in 2004 as a solution to the key encryption problems contained in WEP and WPA.  A couple of small flaws appeared in WPA2, which require a quality of service attack or physical positioning between the user and router, but neither of these flaws are considered a severe threat that exposes user data.  WPA2 offers two encryption algorithms: AES and TKIP. TKIP is essentially WPA encryption, so for the benefits of WPA2 encryption, you should choose AES.  Another option on most routers is to choose both, which allows the stronger security of AES when applicable, but uses the weaker TKIP when compatibility issues arise.
  • 23. Wi-Fi security tips        Use a strong password. Don't broadcast your SSID. Use good wireless encryption. Restrict access by MAC address. Shut down the network when it's not being used Monitor your network for intruders. Cover the bases.
  • 24. Is Wi-Fi Safe for Human?
  • 25. Effect on Human       Chronic headaches Memory Problems Dizziness Depression, Anxiety Sleep Disturbances Tremors
  • 26. Conclusion  Wireless security has undergone major evolutions in last 7 years. WEP, the original security standard, is widely considered as broken. The IEEE 802.11 Group, the Wi-Fi Alliance and major network equipment vendors like Cisco are all working together to develop a new level of security standards.
  • 27. References  SANS Institute InfoSec Reading Room  www.sans.org/readingroom/whitepapers/wireless/evolution-wirelesssecurity-80211-networks-wep-wpa-80211-standards1109  802.11ac: The Fifth Generation of Wi-Fi Technical White Paper  http://www.cisco.com/en/US/prod/collateral/wireles s/ ps5678/ps11983/white_paper_c11713103_ns767_Networking_Solutions White_Paper.html

Notes de l'éditeur

  1. In Last 2 slots of seminar we have seen .In todays seminar I’ll be emphasizing on security of wifi as security is essential part of any technologyWi-Fi can be less secure than wired connections (such as Ethernet) because an intruder does not need a physical connection.
  2. Content for today/s seminar is
  3. Due to wireless nature there is no inherent physical protection
  4. Evesdropping-Eavesdropping is the act of secretly listening to the private conversation of others without their consentMITM-An attack where a user gets between the sender and receiver of information and sniffs any information being sent. DOS- a denial-of-service attack (DoS attack) is an attempt to make a machine or network resource unavailable to its intended users.
  5. Easy to perform, lmost impossible to detectBy default , everything is transmitted in clear text-Username, passwds,content...-Nosecuirty offered by the transmission mediumDifferent tools available on the internet-Network snffers, protocol analysers-Passwd collectors
  6. ƒ confidentiality – messages sent must be encrypted authenticity – origin of messages received must be verified replay detection – freshness of messages received must be checked integrity – modifying messages on-the-fly (during radio transmission) is not so easy, but possible … – integrity of messages received must be verifiedƒ access control – access to the network services should be provided only to legitimate entities
  7. Open- means no password. Anyone can get access .WEP uses secret keys to encrypt data. Both AP and the receiving stations must know the secret keys.WPA – It uses Temporal Key Integrity Protocol (TKIP)WPA 2-Uses the Advanced Encryption Standard (AES)
  8. WEP (Wired Equivalent Privacy) was the default encryption protocol introduced in the first IEEE 802.11 standard back in 1999. It is based on the RC4 encryption algorithm, with a secret key of 40 bits or 104 bits being combined with a 24-bit Initialisation Vector (IV) to encrypt the plaintext message M and its checksum – the ICV (Integrity Check Value). The encrypted message C was therefore determined using the following formula: C = [ M || ICV(M) ] + [ RC4(K || IV) ] where || is a concatenation operator and + is a XOR operator
  9. As u can see here this is a cipher text
  10. What’s wrong with WEP?IV values can be reusedIn fact the standard does not specify that the value needs to change at all. Reusing keys is a major cryptographic weakness in any security system.IV length is too short24 bit keys allow for around 16.7 million possibilities. Sounds a lot, but on a busy network this number can be achieved in a few hours. Weak keys are susceptible to attackCertain keys value combinations, ’Weak IVs’, do not produce sufficiently random data for the first few bytes. This is the basis of the highly publicized attacks on WEP and the reason that keys can be discovered.Manufacturers often deliberately disallow Weak IV values. This is good in that it reduces the chances of a hacker capturing weak keys, but also has the effect of reducing the already limited key possibilities further, increasing the chance of reuse of keys.Master keys are used directlyFrom a cryptographic point of view using master keys directly is not at all recommended. Master keys should only be used to generate other temporary keys. WEP is seriously flawed in this respect.Key Management and updating is poorly provided forAdministration of WEP keys is not well designed and difficult to do on large networks. Users tend to change keys very infrequently which gives a potential hacker lots of time to collect enough packets to launch an attack.Message integrity checking is ineffectiveWEP does have a message integrity check but hackers can change messages and recompute a new value to match. This makes the checking ineffective against tampering.ConclusionAlthough WEP is far from an ideal security solution you should still use it. Some security is better than none. A determined attacker may be able to discover your keys given time and enough weak IVs, but that’s no reason to leave all of your doors open.
  11. Wi-Fi Protected Access, or WPA, was introduced to correct the inherent weaknesses of WEP. Although it does improve security, it has its own problems. The encryption key used by WPA relies on a passphrase, the service set identification name (SSID), SSID length and a random value. The majority of the information used to create this 256-bit key is readily known, so a would-be hacker needs only guess the passphrase to have access to the network. Dictionary attacks systematically attempt numerous combinations of words, characters and phrases to guess this passphrase. It was determined that a passphrase comprised of less than 20 characters could be defeated.
  12. However, WPA also presents some potential security issues:
  13. Wireless networking can be kind of scary from a security standpoint. It opens up whole new attack vectors that were not present with wired network infrastructures. That doesn't mean you can't do it securely, however, and I aim to give you some ideas that can help you in that regard.Don't broadcast your SSID. -Use good wireless encryption. -WEP is not exactly "good" encryption. With a freely available tool like aircrack, you can sniff wireless traffic protected by WEP and crack security on that network in a matter of minutes. WPA is the current, common encryption standard you should probably be using -- though, of course, you should use something stronger as soon as it becomes available to you. Technology is advancing every day, on both sides of the encryption arms race, after all.Restrict access by MAC address. -restricting the MAC addresses allowed to connect to the network helps ensure you are not one of the "low hanging fruits" that people prefer to attack. Shut down the network when it's not being used-If you have the sort of network that does not need to be running twenty-four hours a day, seven days a week, you can reduce the availability of it to security crackers by turning it off when it isn't in use.Monitor your network for intruders. You should always make sure you have an eye on what's going on, that you are tracking attack trends. The more you know about what malicious security crackers are trying to do to your network, the better the job of defending against them you can do. Collect logs on scans and access attempts, use any of the hundreds of statistics generating tools that exist to turn those logs into more useful information, and set up your logging server to email you when something really anomalous happens. Cover the bases. Make sure you have some kind of good firewall running, whether on a wireless router or on a laptop you use to connect to wireless networks away from home
  14. Last but not the leastI would like to point out this question in my presentation. Is Wi-fi Safe for Human?Wifi health effects on the human body are commonly dismissed because we love the convenience. Wi-Fi dangers are ignored. After all we can walk around our house with our laptop and not lose connection. No messy inconvenient cords. We can keep up with mails and conduct our work at coffee shops, airports, hotels, even hospitals. Who wants to give up ths kind of convenience?Nd yet, have we stopped to think about the fact that there was no safety testing conducted before it went into used.
  15. Here are some of the most common symptoms people report when exposed to microwave radiation from cell phones and towers