Transcript of a PowerPoint presentation: Wireless and Network Security, Lecture 9: IEEE 802.11 Security - 2, by Dr. Kemal Akkaya (E-mail: [email protected]), Department of Computer Science, Southern Illinois University Carbondale.

Page 1

Wireless & Network Security 1 Kemal Akkaya

Wireless and Network Security
Lecture 9: IEEE 802.11 Security - 2
Dr. Kemal Akkaya, Department of Computer Science, Southern Illinois University Carbondale
E-mail: [email protected]

Page 2: How about using Virtual Private Networking (VPN) for better security?

- Deploying a secure VPN over a wireless network can greatly increase the security of your data.
- The idea is to treat the wireless network the same as an insecure wired network (the Internet):
  - every user authenticates through a VPN server, and
  - can then use the network as if he/she were on the (wired) network
  - e.g., a campus network, a business, etc.
- Not a good solution:
  - Overhead: deployment, performance
  - Susceptible to denial of service (DoS) attacks, along with any attack against the specific VPN

Page 3: Solutions for better IEEE 802.11 security

- IEEE 802.1X
  - Per-user authentication
  - Key distribution mechanism
- Wi-Fi Protected Access (WPA)
  - Proposed in 2003
  - Subset of 802.11i
  - Two forms:
    - 802.1X + EAP + TKIP + MIC
    - Pre-shared key + TKIP + MIC
- IEEE 802.11i (WPA2): 802.1X + EAP + AES + CCM
- But WEP is still in wide use

[Figure: diagram with the labels 802.11i, WPA, 802.1X]

Page 4: IEEE 802.1X

- 802.1X is a port-based, layer 2 (MAC address layer) authentication framework on IEEE 802 networks
- Uses EAP (Extensible Authentication Protocol) for implementation
- It works along with the 802.11 protocol to manage authentication for WLAN clients
- Centralized authentication: all clients go through APs
- Interoperability: can work along with NICs running WEP
- Three main components:
  - Supplicant
  - Authenticator
  - Authentication Server

Page 5: IEEE 802.1X authentication process

- Client makes an association with the AP
- AP places the client in an unauthenticated holding area; AP sends an authentication request to the client
- Client sends its user ID to the AP, which forwards it to the server
- Server sends a challenge via the AP to the client
  - Challenge type is up to the vendor
  - Secret info is not sent over the air in plaintext
- Client responds to the challenge
- Server verifies the response and provides fresh session keys

Page 6: IEEE 802.1X authentication process (authentication session)

[Figure: message exchange between Client, AP and Auth Server ("RADIUS")]

- Client -> AP: "Let me in!"
- AP -> Client: "What's your ID?"
- Client -> AP: "ID = [email protected]"; AP -> Auth Server: "[email protected] OK?"
- Auth Server -> Client (via AP): "Prove to me that you are [email protected]" (EAP challenge/authentication)
- Client -> Auth Server (via AP): "The answer is 'xxx'"
- Auth Server -> AP: "Let him in. Here is the session key."
- AP -> Client: "Come in. Here is the session key."
- Encrypted session; the client now reaches the network (e.g., http://www.yahoo.com)
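The exchange on the last two slides, as an added example that is not part of the lecture: a toy supplicant, authenticator (AP) and authentication server run a challenge/response session. The per-user secret is shared only between supplicant and server; the AP relays messages and receives the session key only after the server accepts the response. The HMAC-SHA256 response and the session-key derivation are stand-ins for whatever EAP method a vendor chooses (an assumption, not any real EAP method), and the user database is constructed.

```python
import hashlib
import hmac
import secrets


def derive_session_key(user_secret: bytes, nonce: bytes) -> bytes:
    """Stand-in key derivation (assumption, not a real EAP method): both the
    server and the supplicant can compute it from the secret; the AP cannot."""
    return hmac.new(user_secret, b"session key" + nonce, hashlib.sha256).digest()


class AuthServer:
    """Authentication server ("RADIUS" on the slide). Holds per-user secrets."""

    def __init__(self, user_db: dict):
        self._users = user_db          # identity -> secret (constructed sample below)
        self._pending = {}             # identity -> outstanding challenge nonce

    def challenge(self, identity: str):
        # "<identity> OK?" -> unknown users get no challenge at all
        if identity not in self._users:
            return None
        nonce = secrets.token_bytes(16)    # "Prove to me that you are <identity>"
        self._pending[identity] = nonce
        return nonce

    def verify(self, identity: str, response: bytes):
        # Each challenge is single-use, so a captured response cannot be replayed
        nonce = self._pending.pop(identity, None)
        if nonce is None:
            return None
        expected = hmac.new(self._users[identity], nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return None
        return derive_session_key(self._users[identity], nonce)   # "Let him in"


class Supplicant:
    """Client side: knows its own secret and never sends it over the air."""

    def __init__(self, identity: str, secret: bytes):
        self.identity = identity
        self._secret = secret
        self._nonce = None
        self.session_key = None

    def respond(self, nonce: bytes) -> bytes:
        self._nonce = nonce
        return hmac.new(self._secret, nonce, hashlib.sha256).digest()  # "The answer is 'xxx'"

    def install_key(self):
        self.session_key = derive_session_key(self._secret, self._nonce)


class Authenticator:
    """The AP: relays EAP between supplicant and server, opens the port on success."""

    def __init__(self, server: AuthServer):
        self._server = server
        self.authorized = {}   # identity -> session key; absent = unauthenticated holding area

    def run_session(self, client: Supplicant) -> bool:
        nonce = self._server.challenge(client.identity)       # "What's your ID?" / forward ID
        if nonce is None:
            return False
        response = client.respond(nonce)                       # relayed unchanged to the server
        key = self._server.verify(client.identity, response)
        if key is None:
            return False                                       # client stays in the holding area
        self.authorized[client.identity] = key                 # "Here is the session key"
        client.install_key()                                   # "Come in"
        return True


# Constructed sample user database (the slide uses [email protected]; any identity works)
USER_DB = {"alice@example.edu": b"alice-secret-constructed"}


def demo():
    """Returns (genuine user accepted, wrong secret rejected, unknown user rejected)."""
    ap = Authenticator(AuthServer(USER_DB))
    good = Supplicant("alice@example.edu", b"alice-secret-constructed")
    impostor = Supplicant("alice@example.edu", b"wrong-guess")
    unknown = Supplicant("mallory@example.edu", b"anything")
    return ap.run_session(good), ap.run_session(impostor), ap.run_session(unknown)


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The point to notice is what each party holds at the end: the server and supplicant both computed the session key from the secret plus the fresh nonce, and the AP only ever received the finished key, which is why the slide's "secret info is not sent over the air in plaintext" holds even though the AP relays every message.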

Page 7: WPA (Wi-Fi Protected Access)

- Pre-standard subset of IEEE 802.11i
- Interim solution to run on existing wireless hardware
- Uses Temporal Key Integrity Protocol (TKIP) for data encryption and confidentiality
- On October 31, 2002, the Wi-Fi Alliance endorsed TKIP under the name Wi-Fi Protected Access (WPA)
- TKIP changes:
  - Still uses RC4, 128 bits for encryption
  - Key mixing function for combining the secret root key with the IV (merely concatenation in WEP)
  - Provisions for changing base keys
  - Secret part of the encryption key changed in every packet; avoids weak keys
  - IV acts as a sequence counter: starts at 0, increments by 1
    - Against replay attacks: packets received out of order will be rejected by the AP

Page 8: WPA changes for integrity

- Includes Michael, a Message Integrity Code (MIC)
  - 64 bits; replaces the CRC
  - Different keys for MIC and encryption
  - An observer cannot create a new MIC to mask changes to the data
  - Computationally efficient
- Increases the IV from 24 bits to 64 bits
  - 900 years to repeat an IV at 10k packets/sec; for WEP this happens in 30 mins
- Authentication: two forms, based on 802.1X:
  - Per-user based: public key
  - Pre-shared key: same key for everyone (WPA-PSK)
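Two of the points on the last two slides, as an added example that is not from the lecture: a receive-side replay check modelled on TKIP's use of the IV as a per-sender sequence counter that must strictly increase (so a replayed or out-of-order packet is dropped rather than decrypted), and the arithmetic behind "30 mins" and "900 years", i.e. how long it takes to use every IV value once at 10,000 packets per second. The packet stream is constructed. One caveat a practitioner should know: 802.11i defines the TKIP sequence counter (TSC) as 48 bits, and the 900-year figure is the 48-bit result; the slide's "64 bits" is reproduced as the slide states it, and the code prints that case too so the difference is visible.

```python
SECONDS_PER_YEAR = 365 * 24 * 3600


def iv_exhaustion_seconds(iv_bits: int, packets_per_second: float) -> float:
    """Seconds until every IV value has been used once at a constant packet rate."""
    return (2 ** iv_bits) / packets_per_second


class ReplayCheck:
    """Receive-side check modelled on TKIP: the IV doubles as a per-sender
    sequence counter that must strictly increase, so replayed or out-of-order
    packets are dropped instead of being decrypted."""

    def __init__(self):
        self.last_accepted = {}   # sender address -> highest counter accepted so far
        self.dropped = 0

    def accept(self, sender: str, counter: int) -> bool:
        # Counter starts at 0 on a fresh key, so "-1" means nothing accepted yet
        if counter <= self.last_accepted.get(sender, -1):
            self.dropped += 1
            return False
        self.last_accepted[sender] = counter
        return True


def filter_stream(packets):
    """packets: iterable of (sender, counter, payload).
    Returns (accepted payloads in arrival order, number of dropped packets)."""
    check = ReplayCheck()
    accepted = [payload for sender, counter, payload in packets
                if check.accept(sender, counter)]
    return accepted, check.dropped


# Constructed sample: sta1 sends counters 0 and 1, then a replay of 1, then 3 and 2
# arrive out of order (2 is rejected); sta2 has its own independent counter space.
SAMPLE_PACKETS = [
    ("sta1", 0, "frame-a"), ("sta1", 1, "frame-b"), ("sta1", 1, "frame-b"),
    ("sta1", 3, "frame-d"), ("sta1", 2, "frame-c"), ("sta2", 0, "frame-x"),
]

if __name__ == "__main__":
    print(filter_stream(SAMPLE_PACKETS))   # (['frame-a', 'frame-b', 'frame-d', 'frame-x'], 2)
    for bits in (24, 48, 64):
        s = iv_exhaustion_seconds(bits, 10_000)
        print(f"{bits}-bit IV at 10k pkt/s: {s / 60:.1f} min = {s / SECONDS_PER_YEAR:.1f} years")
```

The replay rule is deliberately strict (any counter not greater than the last accepted one is dropped), which is exactly the behaviour the slide describes; a deployment that tolerates some reordering would keep a small window of recently seen counters per sender instead of a single high-water mark.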

Page 9: Final standard: 802.11i

- The long-awaited security standard for wireless
- Ratified in June 2004
- Also known as WPA2 for the market; another name is Robust Security Network (RSN)
- Hardware manufactured before 2002 is likely to be unsupported: AES requires a new dedicated chip
- From March 2006, WPA2 certification is mandatory for all new devices
- Addresses the main problems in WEP
- Components:
  - 802.1X-based authentication
  - CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
  - RSN-based associations

Page 10: More WPA2

- CCMP
  - Uses the Advanced Encryption Standard (AES)
  - Unlike in TKIP, key management and message integrity are handled by a single component built around AES using a 128-bit key and a 128-bit block
  - Uses CCM: encrypts the data and the MIC
- Key caching
  - Skips re-entering of the user credential by storing the host information on the network
  - APs can store keys: fast re-connection
- Pre-authentication
  - If previously authenticated, allows the client to become authenticated with an AP before moving to it (uses the previous authentication info)
  - Useful in encrypted VoIP over Wi-Fi: fast roaming
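The key-caching and pre-authentication points above, as an added example that is not from the lecture: an AP keeps a cache of pairwise master keys (PMKs) so that a returning or pre-authenticated client skips the full 802.1X/EAP round trip. The cache is keyed by the PMKID as 802.11i defines it (HMAC-SHA1 over "PMK Name" || AP MAC || station MAC, truncated to 128 bits); the entry lifetime, the stand-in for the EAP exchange, the MAC addresses and the roaming sequence are all constructed for this example.

```python
import hashlib
import hmac

PMK_LIFETIME = 3600   # seconds a cached PMK stays usable (constructed value)


def pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID as defined in 802.11i: HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA)."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


class AccessPoint:
    def __init__(self, mac: bytes):
        self.mac = mac
        self.cache = {}        # PMKID -> (PMK, expiry time)
        self.full_auths = 0    # how often the full 802.1X/EAP exchange had to run

    def full_8021x(self, sta_mac: bytes, now: float) -> bytes:
        # Stand-in for the whole EAP exchange: a real PMK comes from the auth
        # server; here it is derived from a constructed credential plus a counter
        # so that every authentication yields a fresh key.
        self.full_auths += 1
        pmk = hashlib.sha256(b"constructed-credential:" + sta_mac + self.mac
                             + self.full_auths.to_bytes(4, "big")).digest()
        self.cache[pmkid(pmk, self.mac, sta_mac)] = (pmk, now + PMK_LIFETIME)
        return pmk

    def associate(self, sta_mac: bytes, offered_pmkids, now: float):
        """(Re)association: the station lists the PMKIDs it holds for this AP.
        A live cache hit skips 802.1X and goes straight to the 4-way handshake."""
        for pid in offered_pmkids:
            entry = self.cache.get(pid)
            if entry is None:
                continue
            pmk, expiry = entry
            if expiry > now:
                return "cached", pmk
            del self.cache[pid]          # expired: a stale PMK is never reused
        return "full", self.full_8021x(sta_mac, now)


class Station:
    def __init__(self, mac: bytes):
        self.mac = mac
        self.pmks = {}         # ap_mac -> PMK the station still holds for that AP

    def connect(self, ap: AccessPoint, now: float) -> str:
        offered = []
        if ap.mac in self.pmks:
            offered.append(pmkid(self.pmks[ap.mac], ap.mac, self.mac))
        how, pmk = ap.associate(self.mac, offered, now)
        self.pmks[ap.mac] = pmk
        return how

    def preauthenticate(self, target_ap: AccessPoint, now: float):
        # While still served by the current AP, run 802.1X with the target AP
        # (over the wired distribution system) so its cache is warm before the move.
        self.pmks[target_ap.mac] = target_ap.full_8021x(self.mac, now)


def roaming_demo():
    """Returns how each (re)association was handled: 'full' or 'cached'."""
    ap_a = AccessPoint(b"\x00\x11\x22\x33\x44\xa1")    # constructed MACs
    ap_b = AccessPoint(b"\x00\x11\x22\x33\x44\xb2")
    sta = Station(b"\x02\xaa\xbb\xcc\xdd\x01")
    steps = [sta.connect(ap_a, 0)]                     # first join: full 802.1X
    sta.preauthenticate(ap_b, 10)                      # warm ap_b's cache before roaming
    steps.append(sta.connect(ap_b, 20))                # roam: cache hit, no EAP round trip
    steps.append(sta.connect(ap_a, 30))                # back to ap_a within lifetime: hit
    steps.append(sta.connect(ap_b, 20 + PMK_LIFETIME + 1))   # entry expired: full again
    return steps


if __name__ == "__main__":
    print(roaming_demo())   # ['full', 'cached', 'cached', 'full']
```

A cache hit only removes the EAP exchange; the 4-way handshake still runs on every association to derive fresh per-session keys from the cached PMK, and the expiry check matters because a cached entry that never ages out turns one successful authentication into indefinite access.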

Page 11: 802.11i summary