Wireless Network Security
Vedavyas Duggirala
CS 6204, Spring 2005
Wireless Devices - Benefits and Risks
♦ Benefits
– Allow mobility
– Greater flexibility, efficiency and reduced wiring costs
– Enable new applications, from retail settings and the shop floor to first responders
♦ Risks
– Suffer from all the risks of wired networks
– Communication medium (air) is open
– Mobility and compactness raise physical security concerns
Wireless Technology Overview
♦ Wireless Wide Area Networks, e.g. 2G Cellular, 3G, CDPD, GSM, Mobitex …
♦ Wireless Local Area Networks, e.g. 802.11, HiperLAN
♦ Wireless Personal Area Networks, e.g. Bluetooth, IR
♦ Wireless Devices, e.g. Laptops, PDAs, Pagers, Cell Phones, Smart Phones …
802.11 Overview
♦ Physical Layer: Direct Sequence Spread Spectrum (DSSS), Frequency Hopping Spread Spectrum (FHSS), Orthogonal Frequency Division Multiplexing (OFDM), infrared (IR)
♦ Frequency Band: 2.4 GHz (ISM band) and 5 GHz
♦ Data Rates: 1 Mbps, 2 Mbps, 5.5 Mbps (11b), 11 Mbps (11b), 54 Mbps (11a)
♦ Data and Network Security: RC4-based stream encryption algorithm for confidentiality, authentication, and integrity. Limited key management. (AES is being considered for 802.11i.)
♦ Operating Range: Up to 150 feet indoors and 1500 feet outdoors
♦ Positive Aspects: Ethernet speeds without wires; many different products from many different companies. Wireless client card and access point costs are decreasing.
♦ Negative Aspects: Poor security in native mode; throughput decreases with distance and load.
802.11 Overview
♦ Infrastructure mode:
– Clients connect via an Access Point (AP)
– Coverage area of an AP is called a BSS (Basic Service Set)
– APs can be connected by wired or wireless means. The total coverage area is called an ESS (Extended Service Set)
♦ Ad-hoc mode:
– Clients connect to each other directly
– Coverage area is called an IBSS (Independent BSS)
802.11 Security
♦ Security is provided by the WEP (Wired Equivalent Privacy) protocol
♦ No end-to-end security, only for the wireless portion
♦ Authentication: verify the identity of communicating clients
♦ Confidentiality: provide the privacy achieved by a wired network. Protects against passive attacks (eavesdropping)
♦ Integrity: message is not modified in transit between client and AP
802.11 Authentication
♦ Open
– Two stage challenge response
– A station is allowed to join a network without any identity verification. The station just responds with a MAC address
– Only “authentication” method required by the standard
♦ Shared
– One stage challenge-response
– Based on the RC4 stream cipher
– Station is allowed to join based on knowledge of a shared secret
– Does not provide mutual authentication. Only the client is authenticated, the AP is not
– Vulnerable to man-in-the-middle attacks
– Not required by the standard
802.11 Privacy and Integrity
♦ Confidentiality - data is encrypted only for the wireless portion, from the client to the Access Point (AP)
♦ Integrity - a CRC is used to detect message tampering
♦ Uses the RC4 symmetric-key stream cipher to generate a pseudo-random data sequence. This “key stream” is simply added modulo 2 (exclusive-ORed) to the data to be transmitted
♦ Key size is 40 bits. Most vendors provide 104-bit keys
♦ A 24-bit Initialization Vector is used as part of the encryption
802.11 Vulnerabilities
♦ Suffers from a flawed implementation of RC4 and is vulnerable irrespective of key length
♦ IV generation is not specified
♦ IV is transmitted in clear text on all packets
♦ Keys are not chosen randomly (based on a passphrase rather than mouse movements / computer noise)
♦ CRC is not cryptographically secure, unlike secure hash algorithms
♦ Key management is kept out of the standard
– No secure mechanism to change keys frequently
– Keys are set statically, shared, or left at default values
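The WEP construction described on the two slides above (RC4 keystream XORed onto the data plus a CRC, a 24-bit IV sent in the clear, a CRC as the integrity check), worked through in code. This is an added example, not code from the course slides or from the 802.11 standard: RC4 is implemented from the public algorithm, the shared key, IVs and frame payloads are constructed sample values, and the names `wep_encrypt`, `wep_decrypt`, `keystream_reuse_leak`, `expected_packets_until_iv_repeat`, `crc_is_linear` and `hmac_is_linear` are chosen here. It shows the round trip, why a repeated IV exposes the XOR of two plaintexts to an eavesdropper, how soon a 24-bit IV is expected to repeat, and the linearity that makes a CRC unsuitable as a cryptographic integrity check, contrasted with a keyed hash (HMAC).

```python
import hashlib
import hmac
import math
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA + PRGA); returns `length` keystream bytes for `key`."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame body: 3-byte IV in the clear, then
    RC4(IV || shared_key) XOR (plaintext || CRC-32 ICV)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    keystream = rc4_keystream(iv + shared_key, len(plaintext) + 4)
    return iv + xor(plaintext + icv, keystream)


def wep_decrypt(shared_key: bytes, frame: bytes):
    """Returns (plaintext, icv_ok). The IV is read straight from the frame."""
    iv, body = frame[:3], frame[3:]
    data = xor(body, rc4_keystream(iv + shared_key, len(body)))
    plaintext, icv = data[:-4], data[-4:]
    return plaintext, zlib.crc32(plaintext).to_bytes(4, "little") == icv


def keystream_reuse_leak(shared_key: bytes, iv: bytes, p1: bytes, p2: bytes) -> bool:
    """Same IV + same key => same keystream, so C1 XOR C2 == P1 XOR P2:
    an eavesdropper learns the XOR of the two plaintexts without the key."""
    c1 = wep_encrypt(shared_key, iv, p1)[3:]
    c2 = wep_encrypt(shared_key, iv, p2)[3:]
    n = min(len(p1), len(p2))
    return xor(c1[:n], c2[:n]) == xor(p1[:n], p2[:n])


def expected_packets_until_iv_repeat(iv_bits: int = 24) -> float:
    """Birthday bound: about sqrt(2 ln 2 * 2^n) packets give a 50% chance of a
    repeated IV when IVs are random; a sequential IV wraps after 2^n packets."""
    return math.sqrt(2 * math.log(2) * 2 ** iv_bits)


def crc_is_linear(a: bytes, b: bytes) -> bool:
    """CRC-32 is affine over XOR: crc(a ^ b) == crc(a) ^ crc(b) ^ crc(0...0).
    A predictable change under XOR is exactly what an integrity check must not have."""
    if len(a) != len(b):
        raise ValueError("compare equal-length inputs")
    zeros = bytes(len(a))
    return zlib.crc32(xor(a, b)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)


def hmac_is_linear(key: bytes, a: bytes, b: bytes) -> bool:
    """The same relation tested against HMAC-SHA256; a keyed hash does not satisfy it."""
    def tag(m: bytes) -> int:
        return int.from_bytes(hmac.new(key, m, hashlib.sha256).digest(), "big")
    return tag(xor(a, b)) == tag(a) ^ tag(b) ^ tag(bytes(len(a)))


if __name__ == "__main__":
    key = b"\x01\x02\x03\x04\x05"             # constructed 40-bit shared key
    frame = wep_encrypt(key, b"\x00\x00\x01", b"constructed payload")
    print(wep_decrypt(key, frame))
    print("IV repeat expected after ~%d packets" % expected_packets_until_iv_repeat())
```

The birthday figure (a few thousand packets) is why the slides' "IV generation is not specified" bullet matters: a busy access point sends that many frames in seconds, and every repeat hands an eavesdropper a keystream-reuse pair regardless of whether the key is 40 or 104 bits.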
Taxonomy of Security Attacks
♦ Passive Attacks
– Do not modify content
– Difficult to detect
♦ Active Attacks
– Modify the content
– Detectable, but not necessarily preventable
802.11 Security Attacks
♦ Security features are often not enabled. The AP is not secure out of the box
♦ Passive eavesdropping - can be launched from outside the building
♦ Traffic analysis - open source tools (AirSnort, WEPcrack) are available which sniff the traffic and crack the encryption keys
♦ Active attack using systematically modified packets to see when the AP acknowledges
♦ Rogue AP which masquerades as a legitimate one can collect passwords and other data. Often deployed by insiders without the knowledge of IT staff
♦ Physical security of the AP is needed. Most can be reset with a pin, and default passwords are widely known or are not enabled
♦ Denial of service attacks by sending a continuous jamming signal
Risk Mitigation
♦ Defense-in-depth
♦ Cost-benefit analysis of the methods
♦ Management Policies
– Specify who can use and deploy the WLAN
– Specify limitations on access and physical security
– Guidelines on reporting theft and loss of equipment
– Guidelines on encryption and key management
– Define scope and frequency of security audits
Risk Mitigation
♦ Operational Countermeasures
– Provide physical security for APs
– Use photo-ID, biometrics, smart cards to restrict access
– Set the power and range of wireless equipment
– Use tools to map wireless coverage
♦ Technical Countermeasures
– AP configuration - change the default password
– Establish the proper default encryption
– Control the reset function
Risk Mitigation
♦ Technical Countermeasures
– Use MAC ACL functionality
– Change the SSID. Disable its broadcast
– Maximize the beacon interval
– Change default cryptographic keys
– Use SNMPv3
– Change the default channel (avoid interference)
– Install all software patches and upgrades
– Third-party security assessments
Risk Mitigation
♦ Use personal firewalls
♦ Intrusion Detection Systems should be used and properly configured
♦ Virtual Private Networks
– Provide the strongest protection
– Based on higher layers (IPSec)
Emerging Security Standards
♦ WiFi Protected Access (WPA)
– Not perfect. A short-term measure
– Can be implemented in software
– 802.1X port-based access control. Provides a framework to allow the use of robust upper-layer authentication protocols
– Integrated with RADIUS, Diameter, Kerberos
– Temporal Key Integrity Protocol (TKIP) extends the IV space, allows for per-packet key construction, provides cryptographic integrity, and provides key derivation and distribution
♦ 802.11 TGi is working on a long-term solution
– Requires hardware and protocol changes
– Enhanced AES-based ciphers
– Protects against forgeries and replay attacks
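What TKIP adds over WEP, as listed in the WPA bullets above (a larger sequence space, a per-packet key, a keyed integrity check, and rejection of replayed frames), in a simplified added example that is neither the 802.11i specification nor code from the course. Real TKIP uses a two-phase key-mixing function feeding RC4 and the Michael MIC; here HMAC-SHA256 and SHAKE-256 stand in for those primitives (an assumption made so the example stays short), and the temporal key, MIC key, transmitter address and payloads are constructed values. The `Sender` and `Receiver` classes and the helper names are chosen here. It shows a 48-bit TSC in place of WEP's 24-bit IV, the same payload never encrypting under the same keystream, a MIC that rejects a modified frame, and a receiver that refuses a re-sent frame.

```python
import hashlib
import hmac

TSC_BYTES = 6       # 48-bit sequence counter, as in TKIP (vs WEP's 24-bit IV)
MIC_LEN = 8


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def per_packet_key(temporal_key: bytes, ta: bytes, tsc: int) -> bytes:
    """Stand-in for TKIP key mixing: bind the temporal key to the transmitter
    address and the packet counter, so no two packets share a keystream."""
    msg = ta + tsc.to_bytes(TSC_BYTES, "big")
    return hmac.new(temporal_key, msg, hashlib.sha256).digest()


def keystream(packet_key: bytes, length: int) -> bytes:
    """Stand-in for the RC4 keystream TKIP derives from the per-packet key."""
    return hashlib.shake_256(packet_key).digest(length)


def mic(mic_key: bytes, ta: bytes, tsc: int, payload: bytes) -> bytes:
    """Keyed integrity tag over address, counter and payload (Michael stand-in)."""
    msg = ta + tsc.to_bytes(TSC_BYTES, "big") + payload
    return hmac.new(mic_key, msg, hashlib.sha256).digest()[:MIC_LEN]


class Sender:
    def __init__(self, temporal_key: bytes, mic_key: bytes, ta: bytes):
        self.tk, self.mic_key, self.ta = temporal_key, mic_key, ta
        self.tsc = 0

    def protect(self, payload: bytes) -> bytes:
        """Frame = TSC (clear) || keystream XOR (payload || MIC)."""
        if self.tsc + 1 >= 2 ** (8 * TSC_BYTES):
            raise RuntimeError("TSC exhausted: rekey instead of wrapping")
        self.tsc += 1                                      # strictly increasing
        tag = mic(self.mic_key, self.ta, self.tsc, payload)
        ks = keystream(per_packet_key(self.tk, self.ta, self.tsc), len(payload) + MIC_LEN)
        return self.tsc.to_bytes(TSC_BYTES, "big") + xor(payload + tag, ks)


class Receiver:
    def __init__(self, temporal_key: bytes, mic_key: bytes, ta: bytes):
        self.tk, self.mic_key, self.ta = temporal_key, mic_key, ta
        self.last_tsc = 0

    def unprotect(self, frame: bytes):
        """Returns (payload, status); status is 'ok', 'replay' or 'mic_failure'."""
        tsc, body = int.from_bytes(frame[:TSC_BYTES], "big"), frame[TSC_BYTES:]
        if tsc <= self.last_tsc:
            return None, "replay"          # re-sent or out-of-order frame rejected
        data = xor(body, keystream(per_packet_key(self.tk, self.ta, tsc), len(body)))
        payload, tag = data[:-MIC_LEN], data[-MIC_LEN:]
        if not hmac.compare_digest(tag, mic(self.mic_key, self.ta, tsc, payload)):
            return None, "mic_failure"     # forged or modified frame rejected
        self.last_tsc = tsc               # advance only after the MIC verifies
        return payload, "ok"


if __name__ == "__main__":
    tk, mk = b"constructed-temporal-key", b"constructed-mic-key"
    ta = bytes.fromhex("001122334455")                     # constructed MAC address
    s, r = Sender(tk, mk, ta), Receiver(tk, mk, ta)
    f = s.protect(b"hello")
    print(r.unprotect(f))                                   # (b'hello', 'ok')
    print(r.unprotect(f))                                   # (None, 'replay')
```

Two design points carry over to any such scheme: the receiver's counter is advanced only after the integrity tag verifies, so a forged frame with a high counter cannot push the window forward and lock out the legitimate sender, and the counter is never allowed to wrap, since a wrap would recreate WEP's keystream-reuse problem.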
Wireless Personal Area Networks
♦ Eliminate cables between stationary and mobile devices
– e.g. keyboard, mouse, speaker, printer, fax, headphones, PDA, smart phones …
♦ Facilitate both data and voice communication
♦ Ad-hoc networks and data synchronization between devices
– Two Bluetooth laptops / PDAs can exchange files
Bluetooth (802.15) Specs
♦ Physical Layer: Frequency Hopping Spread Spectrum (FHSS)
♦ Frequency Band: 2.4 – 2.4835 GHz (ISM band)
♦ Hop Frequency: 1,600 hops/sec
♦ Data Rate: 1 Mbps (raw). Higher bit rates are anticipated
♦ Data and Network Security: Three modes of security (none, link-level, and service-level), two levels of device trust, and three levels of service security. Stream encryption for confidentiality, challenge-response for authentication. PIN-derived keys and limited management
♦ Operating Range: About 10 meters (30 feet); can be extended to 100 meters
♦ Throughput: Up to approximately 720 kbps
♦ Positive Aspects: No wires and cables for many interfaces. Ability to penetrate walls and other obstacles. Costs are decreasing, with a $5 cost projected. Low power and minimal hardware
♦ Negative Aspects: Possibility of interference with other ISM band technologies. Relatively low data rates. Signals leak outside desired boundaries
Bluetooth Security Features
♦ Frequency hopping makes eavesdropping slightly more difficult
♦ Range can easily be limited by power to safe distances
♦ Provides authentication, authorization and confidentiality for the wireless portion of traffic
♦ Auditing and non-repudiation are not provided
Security Modes
♦ Security Mode 1 - no security
♦ Security Mode 2 - service-level enforced security
– The Security Manager controls access to services and devices after a channel is established
– The Security Manager contains access control policies and can interface with other protocols and users
♦ Security Mode 3 - link-level enforced security
– Devices are authenticated based on a shared secret link key
– Unidirectional or mutual authentication is possible