Lecture 11 Wireless security
Jan 12, 2016
Lecture 11Wireless security
Wireless Networks Standard
• Wireless networks are standardized by IEEE.• Under 802 LAN MAN standards committee.
Application
Presentation
Session
Transport
Network
Data Link
Physical
ISO - OSI
Logical Link Control
Medium Access (MAC)
Physical (PHY)
IEEE 802 standards
DSSS
• Direct Sequence Signaling (DSSS)
• Using one of 11 overlapping 22MHz channels, multiply the data by an 11-bit number to spread the 1M-symbol/sec data over 11MHz. It use the 2.4 GHz band
• Requires RF linearity over 11MHz• Spreading yields processing gain at receiver• Less immune to interference
IEEE 802.11g
• Introduced in 2003
• Combine the feature of both standards (a,b)
• 100-150 feet range
• 54 Mbps Speed
• 2.4 GHz radio frequencies
• Compatible with ‘b’
3G WiFi
Standard WCDMA,CDMA2000 IEEE 802.11
Max Speed 2 Mbps 54 MbpsOperations Cell phone companies Individuals, WISP
License Yes NoCoverage Area Several km About 100m
Advantages Range, mobility Speed, cheapDisadvantages Relatively slow Expensive Short range
Comparison 3G versus WiFi
3G Wi-Max (Wider-Fi)
Standard WCDMA,CDMA2000 IEEE 802.16
Max Speed 2 Mbps 10 to 100 MbpsOperations Cell phone companies Individuals, WISP
License Yes Yes/NoCoverage Area Several km Several km
Advantages Range, mobility Speed, long range
Disadvantages Relatively slow Expensive Interference issues?
Comparison 3G versus WiMax
MITM Attack
1. Attacker spoofes a disassociate message from the victim
2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address
3. The attacker connects to the real AP using victim’s MAC address
WEP vs WPA vs WPA2
WEP WPA WPA2
Cript RC4 RC4 AES
Key rotation None Dynamic session keys
Dynamic session keys
Key distribution Manual inert over each device
Automatic distribution is possible
Automatic distribution is possible
Authentification Use WEP key 802.1x & EAP supported
802.1x & EAP supported
Authentification (802.1x / EAP)
• EAP - Extensible Authentication Protocol• 802.1X parte din 802.11i• Must certify the user not only the devices • Mutual authentification• 802.1x
– authentification– Key management
• EAP– Model
• Addition to the Wi-Fi Protected Access. – Used in internal network.
• Extra security for enterprise and government Wi-Fi LANs.• Several versions available.
DHCP Exchange
Filepeers
Controlle
d Port
Domain Controller
Certificate AuthoritySupplies client certs and
Certificate Revocation Lists (CRL)
EAP Connection
802.11/.1XAccess PointLaptop
Domain User/Machine
Certificate
ServerCertificate
RADIUS(IAS)
Uncontro
lled P
ort
802.1x
802.1x Access Control
• Designed as a general purpose network access control mechanism• Not Wi-Fi specific
• Authenticate each client connected to AP (for WLAN) or switch port (for Ethernet)
• Authentication is done with the RADIUS server, which ”tells” the access point whether access to controlled ports should be allowed or not• AP forces the user into an unauthorized state • user send an EAP start message• AP return an EAP message requesting the user’s identity• Identity send by user is then forwared to the authentication server by AP• Authentication server authenticate user and return an accept or reject
message back to the AP• If accept message is return, the AP changes the client’s state to
authorized and normal traffic flows
WLAN security methods comparision
Security typeSecurity
levelInstall &
maintenance
Integration & easiest to
use
WEP Static Low High High
IEEE 802.1X PEAP High Midle High
IEEE 802.1x TLS High Low High
References
• Mustafa Ergen, IEEE 802.11 Overview, http://wow.eecs.berkeley.edu/ergen/docs/IEEE-802.11overview.ppt
• Greg Goldman, Is for “Wireless Fidelity” or IEEE 802.11 Standard, http://www.khirman.com/files/image/ppt/WiFi.ppt
• tcil-india.com/new/new.../TCIL%2010%20WiFi%20Technology.ppt
No wireless is 100% secure!