Security Analysis on Wireless LAN protocols
HORI Yoshiaki, hori@csce.kyushu-u.ac.jp
Kyushu University / ISIT
ETRI-ISIT 1st joint seminar

Contents
• Security analysis on IEEE 802.11i
  – Short summary of C. He and J. C. Mitchell, "Security Analysis and Improvements for IEEE 802.11i," NDSS 05, February 2005
• Security analysis on MIS protocol
  – Yet another wireless LAN protocol based on IEEE 802.11 physical layer

Wireless LAN and Security
• Wireless LAN (WLAN)
  – WLAN uses wireless media instead of wired media to provide connectivity for a terminal.
    • A wireless terminal connects to an Access Point (AP) over wireless media.
  – WLAN provides mobility and needs no wiring, so a LAN is easy to build.
  – WLAN is now widely deployed.
• WLAN security
  – WLAN security has become a serious concern for many organizations.
  – Security requirements for a WLAN
    • Data confidentiality
    • Integrity
    • Mutual authentication
    • Availability

WLAN security model
[Figure: Wireless terminal (Supplicant), Access Point (AP) (Authenticator), Network (Authentication Server); an Adversary performing Eavesdropping and Attack]

Wireless Threats (by C. He and J. C. Mitchell, Stanford Univ.)
• Wireless Threats
  – Threat 1: Passive Eavesdropping
  – Threat 2: Message Injection
  – Threat 3: Message Deletion and Interception
  – Threat 4: Masquerading and Malicious AP
  – Threat 5: Session Hijacking
  – Threat 6: Man-in-the-Middle
  – Threat 7: Denial of Service
Threats 1, 2, and 3: attack all three types of frames in the Link Layer
Threats 4, 5, and 6: defeat mutual authentication
Threat 7: interferes with availability

IEEE 802.11i overview
• IEEE standard approved and published in June 2004
• Designed to provide enhanced security in the Media Access Control (MAC) layer for 802.11 wireless networks
  – 802.11i works well for data confidentiality, integrity, and mutual authentication.
• Defines the Robust Security Network Association (RSNA), which provides
  – two data confidentiality protocols:
    • Temporal Key Integrity Protocol (TKIP)
    • Counter-mode/CBC-MAC Protocol (CCMP) with AES-128 (128-bit key and 128-bit block size)
  – an authentication and key management protocol:
    • An Extensible Authentication Protocol (EAP) scheme, e.g. EAP-TLS, provides mutual authentication.
    • The 4-way handshake lets both sides share a Pairwise Transient Key (PTK) derived from their Pairwise Master Key (PMK).
• Also supports pre-RSNA for compatibility with 802.11
  – Wired Equivalent Privacy (WEP)

Data confidentiality and Integrity
• CCMP appears to provide satisfactory data confidentiality, integrity, and replay protection for data packets against threats 1, 2 and 3.
• However, threats 1, 2 and 3 remain for management frames and control frames, because these frames are neither encrypted nor authenticated by the link layer encryption algorithm.

Authentication and Key Management
• If the complete RSNA handshakes are performed, the authentication and key management process appears to be secure.
• However, since an adversary can interfere with early stages of the RSNA handshakes, it may prevent completion of the RSNA.
• Some attacks on 802.11i
  – Security level rollback attack
    • Bogus beacon and bogus probe response from an authenticator (access point), and bogus association request.
  – Reflection attack on the 4-way handshake

Availability
• Known DoS Attacks
• Michael Algorithm Countermeasure (in TKIP)
  – Not affected with CCMP
• RSN IE (RSN Information Element) Poisoning
• 4-Way Handshake Blocking
• Failure Recovery

Known DoS Attacks
• An adversary can easily forge management frames and control frames to launch a DoS attack.
  – The most efficient attack is to forge and repeatedly send Deauthentication or Disassociation frames. These attacks persist even if 802.11i is used.
  – There are also several DoS attacks that exploit the unprotected EAP messages in 802.1X authentication. Fortunately, these vulnerabilities can be eliminated in 802.11i by simply ignoring these messages.
    • EAPOL (EAP over LAN)-Start, EAPOL-Success, EAPOL-Failure, EAPOL-Logoff

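Because forged Deauthentication and Disassociation frames persist under 802.11i, monitoring for them is the practical response. The detector below is an added example (not from the slides) that flags bursts of these frames per claimed transmitter/receiver pair; the frame tuples, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

# 802.11 management frame subtypes
DISASSOC, DEAUTH, BEACON = 0x0A, 0x0C, 0x08

def detect_floods(frames, window=1.0, threshold=5):
    """Flag (transmitter, receiver) pairs with a deauth/disassoc burst.

    frames: iterable of (timestamp_s, subtype, transmitter, receiver).
    A pair is flagged once `threshold` such frames fall inside `window`
    seconds. The transmitter address is unauthenticated, so a flagged
    pair names the address being impersonated, not the real sender.
    """
    recent = defaultdict(deque)
    flagged = set()
    for ts, subtype, ta, ra in sorted(frames):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[(ta, ra)]
        q.append(ts)
        while ts - q[0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add((ta, ra))
    return sorted(flagged)

# Constructed sample capture (locally administered addresses).
AP = "02:00:00:00:00:01"
CLIENT_A = "02:00:00:00:00:aa"
CLIENT_B = "02:00:00:00:00:bb"
BROADCAST = "ff:ff:ff:ff:ff:ff"

FRAMES = (
    [(9.0 + i, BEACON, AP, BROADCAST) for i in range(5)]             # normal
    + [(10.0 + 0.05 * i, DEAUTH, AP, CLIENT_A) for i in range(8)]    # burst
    + [(20.0 + 5.0 * i, DEAUTH, AP, CLIENT_B) for i in range(3)]     # sparse
    + [(12.0, DISASSOC, AP, CLIENT_B)]                               # single
)

if __name__ == "__main__":
    for ta, ra in detect_floods(FRAMES):
        print(f"deauth/disassoc burst: claimed {ta} -> {ra}")
```
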
Summary: 802.11i security
• Satisfactory data confidentiality, integrity, and replay protection for data packets is provided by CCMP (AES).
• Mutual authentication is provided by EAP-TLS and the 4-way handshake.
• In order to support the above features and to keep upward compatibility with IEEE 802.11 and IEEE 802.1X (pre-RSNA), we should consider availability.