

  1. CS 356 – Lecture 29 Wireless Security Spring 2013

  2. Review • Chapter 1: Basic Concepts and Terminology • Chapter 2: Basic Cryptographic Tools • Chapter 3 – User Authentication • Chapter 4 – Access Control Lists • Chapter 5 – Database Security (skipped) • Chapter 6 – Malicious Software • Networking Basics (not in book) • Chapter 7 – Denial of Service • Chapter 8 – Intrusion Detection • Chapter 9 – Firewalls and Intrusion Prevention • Chapter 10 – Buffer Overflow • Chapter 11 – Software Security • Chapter 12 – OS Security • Chapter 22 – Internet Security Protocols • Chapter 23 – Internet Authentication Applications • Chapter 24 – Wireless Security

  3. Chapter 24 Wireless Network Security

  4. Wireless Security Overview • concerns for wireless security are similar to those found in a wired environment • security requirements are the same: – confidentiality, integrity, availability, authenticity, accountability – most significant source of risk is the underlying communications medium

  5. Wireless Networking Components (Figure 24.1 Wireless Networking Components: an endpoint and an access point)

  6. Wireless Network Threats
  • accidental association
  • malicious association
  • ad hoc networks
  • nontraditional networks
  • identity theft (MAC spoofing)
  • man-in-the-middle attacks
  • denial of service (DoS)
  • network injection

  7. Securing Wireless Transmissions • principal threats are eavesdropping, altering or inserting messages, and disruption • countermeasures for eavesdropping: – signal-hiding techniques – encryption – the use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions

  8. Securing Wireless Networks • the main threat involving wireless access points is unauthorized access to the network • principal approach for preventing such access is the IEEE 802.1X standard for port-based network access control – the standard provides an authentication mechanism for devices wishing to attach to a LAN or wireless network • use of 802.1X can prevent rogue access points and other unauthorized devices from becoming insecure backdoors

  9. Wireless Network Security Techniques
  • use encryption
  • use anti-virus and anti-spyware software and a firewall
  • turn off identifier broadcasting
  • change the identifier on your router from the default
  • change your router’s pre-set password for administration
  • allow only specific computers to access your wireless network

  10. IEEE 802.11 Terminology

  11. Wireless Fidelity (Wi-Fi) Alliance • 802.11b – first 802.11 standard to gain broad industry acceptance • Wireless Ethernet Compatibility Alliance (WECA) – industry consortium formed in 1999 to address the concern of products from different vendors successfully interoperating – later renamed the Wi-Fi Alliance • term used for certified 802.11b products is Wi-Fi – has been extended to 802.11g products • Wi-Fi Protected Access (WPA) – Wi-Fi Alliance certification procedures for IEEE 802.11 security standards – WPA2 incorporates all of the features of the IEEE 802.11i WLAN security specification

  12. IEEE 802 Protocol Architecture (Figure 24.2 IEEE 802.11 Protocol Stack)
  • Logical Link Control – general IEEE 802 functions: flow control, error control
  • Medium Access Control – general IEEE 802 functions: assemble data into frame, addressing, error detection, medium access; specific IEEE 802.11 functions: reliable data delivery, wireless access control protocols
  • Physical – general IEEE 802 functions: encoding/decoding of signals, bit transmission/reception, transmission medium; specific IEEE 802.11 functions: frequency band definition, wireless signal encoding

  13. General IEEE 802 MPDU Format (Figure 24.3 General IEEE 802 MPDU Format)
  • MAC header: MAC Control, Destination MAC Address, Source MAC Address
  • MAC Service Data Unit (MSDU)
  • MAC trailer: CRC
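As an added example (not from the lecture or the textbook), the following Python builds and parses frames in the general IEEE 802 MPDU layout of Figure 24.3: MAC control, destination address, source address, MSDU, and a CRC trailer. The 2-byte width of the MAC control field and the use of CRC-32 computed over header plus MSDU are assumptions for this example; the figure gives no field sizes. The sample frame is constructed.

```python
import struct
import zlib

# Field sizes for the general IEEE 802 MPDU layout of Figure 24.3.
# The 2-byte MAC Control width and CRC-32 are assumptions for this example.
MAC_CONTROL_LEN = 2
ADDR_LEN = 6
CRC_LEN = 4
HEADER_LEN = MAC_CONTROL_LEN + 2 * ADDR_LEN


def mac_to_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    parts = mac.split(":")
    if len(parts) != ADDR_LEN:
        raise ValueError("MAC address must have 6 octets")
    return bytes(int(p, 16) for p in parts)


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_mpdu(mac_control: int, dst: str, src: str, msdu: bytes) -> bytes:
    """MAC header | MSDU | CRC trailer; the CRC covers header and MSDU."""
    header = struct.pack("!H", mac_control) + mac_to_bytes(dst) + mac_to_bytes(src)
    body = header + msdu
    crc = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("!I", crc)


def parse_mpdu(frame: bytes) -> dict:
    """Split an MPDU into its fields and check the trailer CRC.
    Raises ValueError on a short frame or a CRC mismatch."""
    if len(frame) < HEADER_LEN + CRC_LEN:
        raise ValueError("frame too short for header and trailer")
    body, trailer = frame[:-CRC_LEN], frame[-CRC_LEN:]
    (expected,) = struct.unpack("!I", trailer)
    actual = zlib.crc32(body) & 0xFFFFFFFF
    if actual != expected:
        raise ValueError(f"CRC mismatch: frame {expected:08x}, computed {actual:08x}")
    (mac_control,) = struct.unpack("!H", body[:MAC_CONTROL_LEN])
    dst = bytes_to_mac(body[MAC_CONTROL_LEN:MAC_CONTROL_LEN + ADDR_LEN])
    src = bytes_to_mac(body[MAC_CONTROL_LEN + ADDR_LEN:HEADER_LEN])
    return {"mac_control": mac_control, "dst": dst, "src": src, "msdu": body[HEADER_LEN:]}


def crc_detects_bit_flip(frame: bytes, byte_index: int) -> bool:
    """True if flipping one bit at byte_index makes parse_mpdu reject the frame."""
    corrupted = bytearray(frame)
    corrupted[byte_index] ^= 0x01
    try:
        parse_mpdu(bytes(corrupted))
    except ValueError:
        return True
    return False


# Constructed sample: a station sends a small MSDU to the AP.
SAMPLE = build_mpdu(0x0008, "00:11:22:33:44:55", "66:77:88:99:aa:bb", b"hello, AP")

if __name__ == "__main__":
    print(parse_mpdu(SAMPLE))
    print("bit flip in MSDU detected:", crc_detects_bit_flip(SAMPLE, HEADER_LEN))
```

The CRC does its job as an error-detection code (the check rejects any single flipped bit), but it is keyless, so it says nothing about who wrote the frame. That is why the 802.11i algorithms later in this deck (Michael MIC, AES-CBC-MAC, HMAC) add a keyed integrity code instead of relying on the CRC for data origin authentication.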

  14. Figure 24.4 IEEE 802.11 Extended Service Set: two Basic Service Sets (BSS), each with its own access point (AP 1, AP 2) and stations (STA 1 to STA 8), joined through a Distribution System to form an Extended Service Set

  15. IEEE 802.11 Services

  16. Distribution of Messages Within a DS • the two services involved with the distribution of messages within a DS are:
  – distribution: the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS
  – integration: enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN

  17. Association-Related Services • transition types, based on mobility: – no transition • a station of this type is either stationary or moves only within the direct communication range of the communicating stations of a single BSS – BSS transition • station movement from one BSS to another BSS within the same ESS; delivery of data to the station requires that the addressing capability be able to recognize the new location of the station – ESS transition • station movement from a BSS in one ESS to a BSS within another ESS; maintenance of upper-layer connections supported by 802.11 cannot be guaranteed

  18. Services
  • association: establishes an initial association between a station and an AP
  • reassociation: enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another
  • disassociation: a notification from either a station or an AP that an existing association is terminated

  19. Wireless LAN Security • Wired Equivalent Privacy (WEP) algorithm – 802.11 privacy • Wi-Fi Protected Access (WPA) – set of security mechanisms that eliminates most 802.11 security issues and was based on the current state of the 802.11i standard • Robust Security Network (RSN) – final form of the 802.11i standard – Wi-Fi Alliance certifies vendors in compliance with the full 802.11i specification under the WPA2 program

  20. Robust Security Network (RSN) – Figure 24.5 Elements of IEEE 802.11i
  (a) Services and Protocols
  • Access Control: IEEE 802.1X Port-based Access Control
  • Authentication and Key Generation: Extensible Authentication Protocol (EAP)
  • Confidentiality, Data Origin Authentication and Integrity, and Replay Protection: TKIP, CCMP
  (b) Cryptographic Algorithms
  • Confidentiality: TKIP (RC4), CCM (AES-CTR), NIST Key Wrap
  • Integrity and Data Origin Authentication: TKIP (Michael MIC), CCM (AES-CBC-MAC), HMAC-SHA-1, HMAC-MD5
  • Key Generation: HMAC-SHA-1, RFC 1750
  CBC-MAC = Cipher Block Chaining Message Authentication Code (MAC); CCM = Counter Mode with Cipher Block Chaining Message Authentication Code; CCMP = Counter Mode with Cipher Block Chaining MAC Protocol; TKIP = Temporal Key Integrity Protocol

  21. IEEE 802.11i Phases of Operation (Figure 24.6; parties: STA, AP, AS, End Station)
  • Phase 1 – Discovery
  • Phase 2 – Authentication
  • Phase 3 – Key Management
  • Phase 4 – Protected Data Transfer
  • Phase 5 – Connection Termination
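Phase 3 (Key Management) is only named on the slide. As an added example, not from the lecture or the textbook, here is the pairwise key expansion that IEEE 802.11i defines for that phase, built on the HMAC-SHA-1 PRF that Figure 24.5 lists under key generation: the PMK (obtained from the master session key the AS delivers in Phase 2) is expanded with the two MAC addresses and the two handshake nonces into a PTK, which for CCMP is 384 bits split into KCK, KEK and TK. The EAPOL-Key MIC functions use the figure's HMAC-MD5 and HMAC-SHA-1 options, which are the standard's descriptor version 1 and 2 choices. The PRF construction, label and split follow the standard; every key, address and nonce value below is constructed for the example, and no official test vector is used, so the checks cover determinism and role symmetry only.

```python
import hashlib
import hmac


def prf(key: bytes, label: bytes, data: bytes, n_bits: int) -> bytes:
    """PRF-n from IEEE 802.11i: concatenate HMAC-SHA-1(key, label || 0x00 || data || i)
    for i = 0, 1, ... and truncate to n_bits."""
    out = b""
    for i in range((n_bits + 159) // 160):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[: n_bits // 8]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Pairwise key expansion for CCMP (384-bit PTK):
    PRF-384(PMK, "Pairwise key expansion",
            Min(AA,SPA) || Max(AA,SPA) || Min(ANonce,SNonce) || Max(ANonce,SNonce))
    split into KCK (EAPOL-Key MIC key), KEK (key-wrap key) and TK (data key)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 384)
    return {"kck": ptk[0:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def eapol_key_mic(kck: bytes, frame_mic_zeroed: bytes, version: int = 2) -> bytes:
    """Key MIC over an EAPOL-Key frame whose MIC field is zeroed:
    descriptor version 1 = HMAC-MD5, version 2 = HMAC-SHA-1, both truncated to 128 bits."""
    digest = hashlib.md5 if version == 1 else hashlib.sha1
    return hmac.new(kck, frame_mic_zeroed, digest).digest()[:16]


def verify_eapol_key_mic(kck: bytes, frame_mic_zeroed: bytes, mic: bytes, version: int = 2) -> bool:
    """Constant-time comparison so a receiver does not leak how many MIC bytes matched."""
    return hmac.compare_digest(eapol_key_mic(kck, frame_mic_zeroed, version), mic)


# Constructed sample values (no relation to any real network).
PMK = hashlib.sha256(b"constructed PMK").digest()        # 256-bit PMK
AA = bytes.fromhex("001122334455")                        # authenticator (AP) address
SPA = bytes.fromhex("66778899aabb")                       # supplicant (STA) address
ANONCE = hashlib.sha256(b"constructed ANonce").digest()   # 256-bit nonces
SNONCE = hashlib.sha256(b"constructed SNonce").digest()


def both_sides_agree() -> bool:
    """AP and STA each run the expansion with the inputs as they see them;
    the Min/Max ordering makes the PTK independent of which side computes it."""
    ap_view = derive_ptk(PMK, AA, SPA, ANONCE, SNONCE)
    sta_view = derive_ptk(PMK, SPA, AA, SNONCE, ANONCE)
    return ap_view == sta_view


if __name__ == "__main__":
    keys = derive_ptk(PMK, AA, SPA, ANONCE, SNONCE)
    for name, value in keys.items():
        print(name, value.hex())
    print("both sides agree:", both_sides_agree())
```

Two properties matter for the defender: the nonces make every association derive a fresh PTK from the same PMK, and the KCK is what authenticates the handshake messages, so an EAPOL-Key frame whose MIC fails verification must be discarded rather than acted upon.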

  22. IEEE 802.11i Phases of Operation: Capability Discovery, Authentication, and Association (Figure 24.7; parties: STA, AP, AS)
  • Probe request – station sends a request to join network
  • Probe response – AP sends possible security parameter set (security capabilities set per the security policy)
  • Open system authentication request – station sends a request to perform null authentication
  • Open system authentication response – AP performs null authentication
  • Association request – station sends a request to associate with AP with security parameters
  • Association response – AP sends the associated security parameters; station sets selected security parameters
  • 802.1X controlled port blocked
  • 802.1X EAP request / 802.1X EAP response – AP sends an Access request (EAP request) to the AS
  • Extensible Authentication Protocol Exchange
  • Accept/EAP-success with key material from the AS; 802.1X EAP success to the station
  • 802.1X controlled port blocked

  23. 802.1X Access Control (Figure 24.8 802.1X Access Control): the station attaches to the access point; the access point's uncontrolled port carries authentication traffic to the authentication server, while its controlled port carries traffic to the DS and to other wireless stations on this BSS

  24. MPDU Exchange • authentication phase consists of three phases: – connect to AS • the STA sends a request for connection to the AS to the AP with which it has an association; the AP acknowledges this request and sends an access request to the AS – EAP exchange • authenticates the STA and AS to each other – secure key delivery • once authentication is established, the AS generates a master session key and sends it to the STA
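The controlled/uncontrolled port split of Figure 24.8 and the three-step MPDU exchange above can be modelled in a few lines. The following Python is an added, simplified model (not the textbook's or any real supplicant/authenticator code): the AP relays EAP traffic through the uncontrolled port unconditionally, blocks ordinary data on the controlled port until the AS returns an Accept, and stores the key material the AS hands back with that Accept. The whole EAP exchange is collapsed into one "identity:credential" message and the AS credential store and master session key are constructed; a real EAP method runs several round trips and derives the key inside the method.

```python
from dataclasses import dataclass, field
from enum import Enum
import hashlib


class FrameType(Enum):
    EAPOL = "eapol"   # 802.1X authentication traffic (EAP over LAN)
    DATA = "data"     # ordinary station traffic bound for the DS


@dataclass
class Frame:
    kind: FrameType
    src: str          # station MAC address
    payload: str      # for EAPOL frames: "identity:credential" (constructed format)


class AuthServer:
    """Toy AS: checks an identity/credential pair and answers Accept (with a
    master session key) or Reject. The credential store is constructed."""

    def __init__(self, users: dict):
        self.users = users

    def access_request(self, identity: str, credential: str):
        if self.users.get(identity) != credential:
            return "reject", None
        # Constructed MSK; a real EAP method produces it during the exchange.
        msk = hashlib.sha256(b"constructed MSK for " + identity.encode()).digest()
        return "accept", msk


@dataclass
class AccessPoint:
    authserver: AuthServer
    authorized: set = field(default_factory=set)   # stations whose controlled port is open
    msk: dict = field(default_factory=dict)        # key material received from the AS
    log: list = field(default_factory=list)

    def receive(self, frame: Frame) -> str:
        if frame.kind is FrameType.EAPOL:
            # Uncontrolled port: EAP traffic is always relayed to the AS.
            return self._relay_eap(frame)
        if frame.src in self.authorized:
            # Controlled port authorized: forward to the DS.
            self.log.append(f"forward data from {frame.src} to DS")
            return "forwarded"
        # Controlled port blocked: nothing but EAP gets through before EAP-Success.
        self.log.append(f"drop data from {frame.src}: controlled port blocked")
        return "dropped"

    def _relay_eap(self, frame: Frame) -> str:
        identity, _, credential = frame.payload.partition(":")
        # The AP acknowledges the STA and sends an access request to the AS.
        verdict, msk = self.authserver.access_request(identity, credential)
        if verdict == "accept":
            self.authorized.add(frame.src)
            self.msk[frame.src] = msk
            self.log.append(f"EAP-Success for {frame.src}: controlled port authorized")
            return "eap-success"
        self.log.append(f"EAP-Failure for {frame.src}: controlled port stays blocked")
        return "eap-failure"


def run_scenario() -> list:
    """One station: data before authentication, a failed EAP attempt,
    data again, a successful EAP attempt, data after."""
    ap = AccessPoint(AuthServer({"alice": "constructed-secret"}))
    sta = "66:77:88:99:aa:bb"
    return [
        ap.receive(Frame(FrameType.DATA, sta, "GET / HTTP/1.1")),
        ap.receive(Frame(FrameType.EAPOL, sta, "alice:wrong")),
        ap.receive(Frame(FrameType.DATA, sta, "GET / HTTP/1.1")),
        ap.receive(Frame(FrameType.EAPOL, sta, "alice:constructed-secret")),
        ap.receive(Frame(FrameType.DATA, sta, "GET / HTTP/1.1")),
    ]


if __name__ == "__main__":
    for step, result in enumerate(run_scenario(), 1):
        print(step, result)
```

The point to check in any real deployment is the same as in the model: no frame other than EAPOL may cross the controlled port before the authenticator has received the Accept, and a failed exchange must leave the port in the blocked state rather than a partially open one.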
