Security for (Wireless) LANs, Klaas.Wierenga@SURFnet.nl, 802.1X workshop, 30 & 31 March 2004, Amsterdam
Page 1: Security for (Wireless) LANs Klaas.Wierenga@SURFnet.nl 802.1X workshop 30 & 31 March 2004 Amsterdam.

Security for (Wireless) LANs

Klaas.Wierenga@SURFnet.nl, 802.1X workshop, 30 & 31 March 2004, Amsterdam

Page 2

Program Workshop

• Security for (W)LANs – Klaas Wierenga
• 802.1X client side – Tom Rixom
• Coffee
• 802.1X server side – Paul Dekkers
• Lunch
• Hands-on

Page 3

TOC

• Background
• Threats
• Requirements
• Solutions for today
• Solutions for tomorrow
• Conclusion

Page 4

Background

Diagram: the SURFnet backbone, with international connectivity, links Institution A and Institution B (each with its own WLAN) and access providers offering POTS, ADSL, WLAN and GPRS access.

Page 5

Threats

• MAC-address and SSID discovery
– TCPdump
– Ethereal
• WEP cracking
– Kismet
– Airsnort
• Man-in-the-middle attacks

Page 6

Example: Kismet+Airsnort

root@ibook:~# tcpdump -n -i eth1

19:52:08.995104 10.0.1.2 > 10.0.1.1: icmp: echo request

19:52:08.996412 10.0.1.1 > 10.0.1.2: icmp: echo reply

19:52:08.997961 10.0.1.2 > 10.0.1.1: icmp: echo request

19:52:08.999220 10.0.1.1 > 10.0.1.2: icmp: echo reply

19:52:09.000581 10.0.1.2 > 10.0.1.1: icmp: echo request

19:52:09.003162 10.0.1.1 > 10.0.1.2: icmp: echo reply ^C

Page 7

Requirements

• Identify users uniquely at the edge of the network
– No session hijacking
• Allow for guest usage
• Scalable
– Local user administration and authN!
– Using existing RADIUS infrastructure
• Easy to install and use
• Open
– Support for all common OSes
– Vendor independent
• Secure
• After proper AuthN open connectivity

Page 8

Solutions for today

• Open access
• MAC-address
• WEP

European NRENs:
• Web-gateway
• PPPoE
• VPN-gateway
• 802.1X

Page 9

Open network

• Open ethernet connectivity, IP-address via DHCP
• No client software (DHCP ubiquitous)
• No access control
• Network is open (sniffing easy, every client and server on LAN is available)

Page 10

Open network + MAC authentication

• Same as open, but MAC-address is verified
• No client software
• Administrative burden of MAC address tables
• MAC addresses easily spoofable
• Guest usage hard (impossible)

Page 11

WEP

• Layer 2 encryption between Client and Access Point
• Client must know (static) WEP-key
• Administrative burden on WEP-key change
• Some WEP-keys are easy to crack (some less easy)
• Not secure

Page 12

Open network + web gateway

• Open (limited) network, gateway between (W)LAN and the rest of the network intercepts all traffic (session intercept)
• Can use a RADIUS backend
• Guest use easy
• Browser necessary
• Hard to make secure

Page 13

Example: FUNET

Diagram: a WWW-browser on the Public Access Network reaches the Internet through a Public Access Controller, which authenticates the user against an AAA Server (steps 1 to 5).

Page 14

Open network + VPN Gateway

• Open (limited) network, client must authenticate on a VPN-concentrator to get to rest of the network
• Client software needed
• Proprietary (unless IPsec or PPPoE)
• Hard to scale
• VPN-concentrators are expensive
• Guest use hard (sometimes VPN in VPN)
• All traffic encrypted

Page 15

Example: SWITCH and Uni Bremen

Page 16

IEEE 802.1X

• True port based access solution (Layer 2) between client and AP/switch
• Several available authentication-mechanisms (EAP-MD5, MS-CHAPv2, EAP-SIM, EAP-TLS, EAP-TTLS, PEAP)
• Standardised
• Also encrypts all data, using dynamic keys
• RADIUS back end:
– Scaleable
– Re-use existing Trust relationships
• Easy integration with dynamic VLAN assignment
• Client software necessary (OS-built in or third-party)
• Both for wireless AND wired

Page 17

How does 802.1X work (in combination with 802.1Q)?

Diagram: the Supplicant talks EAPOL to the Authenticator (AP or switch) at Institution A; the Authenticator relays EAP over RADIUS to the RADIUS server, which checks the User DB (f.i. over LDAP). Signalling and data paths are drawn separately: a user of institution_a.nl is placed in the Student VLAN, Guest VLAN or Employee VLAN, with onward connectivity to the Internet.

Page 18

Through the protocol stack

Diagram: the 802.1X protocol stack. Between the Supplicant (laptop, desktop) and the Authenticator (Access Point, Switch), EAP is carried in EAPOL over Ethernet; between the Authenticator and the Auth. Server (RADIUS server), the same EAP conversation is carried in RADIUS (TCP/IP) over Ethernet.

Page 19

EAP-types

Topic | EAP MD5 | LEAP | EAP TLS | PEAP | EAP TTLS
Security Solution | Standards-based | Proprietary | Standards-based | Standards-based | Standards-based
Certificates – Client | No | n/a | Yes | No | No
Certificates – Server | No | n/a | Yes | Yes | Yes
Credential Security | None | Weak | Strong | Strong | Strong
Supported Authentication Databases | Requires clear-text database | Active Directory, NT Domains | Active Directory, LDAP etc. | Active Directory, NT Domain, Token Systems, SQL, LDAP etc. | Active Directory, LDAP, SQL, plain password files, Token Systems etc.
Dynamic Key Exchange | No | Yes | Yes | Yes | Yes
Mutual Authentication | No | Yes | Yes | Yes | Yes
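The protocol-stack slide says EAP travels in EAPOL between supplicant and authenticator, and the EAP-types table says which methods give mutual authentication and dynamic keys. The decoder below, an added example that is not code from the workshop or from SURFnet, parses a constructed EAPOL frame down to the EAP method being negotiated and flags a method the table marks as lacking either property. Frame layouts follow IEEE 802.1X and RFC 3748; the MAC addresses and sample frames are constructed, and the method properties are taken from the table above (only EAP-MD5 is flagged).

```python
"""Decode 802.1X EAPOL frames and the EAP packets they carry.

Added example for the protocol-stack and EAP-types slides; not code from the
workshop or from SURFnet. Layouts follow IEEE 802.1X and RFC 3748; the MAC
addresses and frames below are constructed by hand.
"""
import struct

ETHERTYPE_EAPOL = 0x888E
PAE_GROUP_ADDRESS = bytes.fromhex("0180c2000003")  # 802.1X PAE group address

EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}

# IANA EAP method type -> (name, mutual authentication, dynamic key exchange);
# the last two columns are copied from the EAP-types table, None = not applicable.
EAP_METHODS = {
    1: ("Identity", None, None),
    4: ("EAP-MD5", False, False),
    13: ("EAP-TLS", True, True),
    17: ("LEAP", True, True),
    21: ("EAP-TTLS", True, True),
    25: ("PEAP", True, True),
}


def parse_eap(body: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    if len(body) < 4:
        raise ValueError("short EAP header")
    code, ident, length = struct.unpack("!BBH", body[:4])
    if length < 4 or length > len(body):
        raise ValueError("EAP Length field inconsistent with body")
    eap = {"code": EAP_CODES.get(code, f"unknown({code})"), "id": ident, "length": length}
    if code in (1, 2) and length >= 5:  # only Request/Response carry a Type field
        type_code = body[4]
        name, mutual, dyn_keys = EAP_METHODS.get(type_code, (f"type {type_code}", None, None))
        eap.update(method=name, mutual_auth=mutual, dynamic_keys=dyn_keys, type_data=body[5:length])
    return eap


def parse_eapol(frame: bytes) -> dict:
    """Parse an Ethernet frame carrying EAPOL: Version(1) Type(1) Body-Length(2) Body."""
    if len(frame) < 18:
        raise ValueError("frame too short for Ethernet + EAPOL headers")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_EAPOL:
        raise ValueError(f"not EAPOL (ethertype 0x{ethertype:04x})")
    version, eapol_type, body_len = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + body_len]
    if len(body) != body_len:
        raise ValueError("EAPOL body truncated")
    info = {"dst": dst.hex(":"), "src": src.hex(":"), "eapol_version": version,
            "eapol_type": EAPOL_TYPES.get(eapol_type, f"unknown({eapol_type})")}
    if eapol_type == 0:
        info["eap"] = parse_eap(body)
    return info


def weak_method(info: dict) -> bool:
    """True when the frame negotiates a method the table marks as lacking
    mutual authentication or dynamic key exchange."""
    eap = info.get("eap", {})
    return eap.get("mutual_auth") is False or eap.get("dynamic_keys") is False


# --- constructed sample frames (not captured traffic) -------------------------
def build_eap(code, ident, type_code=None, type_data=b""):
    payload = b"" if type_code is None else bytes([type_code]) + type_data
    return struct.pack("!BBH", code, ident, 4 + len(payload)) + payload


def build_eapol(dst, src, eapol_type, body=b"", version=1):
    return dst + src + struct.pack("!HBBH", ETHERTYPE_EAPOL, version, eapol_type, len(body)) + body


SUPPLICANT = bytes.fromhex("001122334455")     # constructed laptop MAC
AUTHENTICATOR = bytes.fromhex("00aabbccddee")  # constructed AP MAC
SAMPLE_START = build_eapol(PAE_GROUP_ADDRESS, SUPPLICANT, 1)
SAMPLE_IDENTITY_REQ = build_eapol(SUPPLICANT, AUTHENTICATOR, 0, build_eap(1, 0, 1))
SAMPLE_MD5_REQ = build_eapol(SUPPLICANT, AUTHENTICATOR, 0,
                             build_eap(1, 1, 4, bytes([16]) + bytes(range(16))))
SAMPLE_TLS_REQ = build_eapol(SUPPLICANT, AUTHENTICATOR, 0, build_eap(1, 1, 13, b"\x20"))

if __name__ == "__main__":
    for frame in (SAMPLE_START, SAMPLE_IDENTITY_REQ, SAMPLE_MD5_REQ, SAMPLE_TLS_REQ):
        info = parse_eapol(frame)
        print(info["eapol_type"], info.get("eap", {}).get("method", ""),
              "WEAK" if weak_method(info) else "")
```

Run as a script it prints one line per sample frame; the EAP-MD5 challenge is the only one marked WEAK. On a real capture, the same decoder applied to EAPOL frames (ethertype 0x888E) tells an operator which EAP methods supplicants and authenticators are actually negotiating.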

Page 20

Available supplicants

• Win98, ME: FUNK, Meetinghouse
• Win2k, XP: FUNK, Meetinghouse, MS (+SecureW2)
• MacOS: Meetinghouse
• Linux: Meetinghouse, Open1X
• BSD: under development
• PocketPC: Meetinghouse, MS (+SecureW2)
• Palm: Meetinghouse

Page 21

Example: SURFnet

Diagram: a guest, piet@institution_b.nl, connects as Supplicant to the Authenticator (AP or switch) at Institution A. Institution A's RADIUS server forwards the request via the Central RADIUS Proxy server to Institution B's RADIUS server, which checks its own User DB. Data and signalling paths are drawn separately; the guest is placed in the Guest VLAN (Student VLAN and Employee VLAN serve local users), with onward connectivity to the Internet.

Page 22

Radius proxy hierarchy

RADIUS Proxy servers connecting to a European level RADIUS proxy server

Diagram: national proxies connected to the European proxy: SURFnet, FUNET, (DFN), CARnet, FCCN, University of Southampton.

• Participation guidelines are being drafted
• Aim is to increase membership. Spain, Norway, Slovenia, Czech Republic & Greece have indicated their willingness to join.
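The SURFnet example and the proxy hierarchy slide describe a guest's request travelling from the visited institution's RADIUS server up through national and European proxies to the home institution, and the 802.1X slide mentions dynamic VLAN assignment once the home server accepts. The code below, an added example that is not SURFnet or workshop code, models both: it routes a request by the realm part of the user name and builds the VLAN attributes the visited institution returns to its authenticator. Server names, realms, the hierarchy and the group/VLAN tables are constructed; the attribute names and numeric values are the real ones from RFC 2868/3580 (Tunnel-Type VLAN = 13, Tunnel-Medium-Type IEEE-802 = 6, Tunnel-Private-Group-Id = VLAN ID). The visited server is assumed to be institution A.

```python
"""Realm-based RADIUS proxying with dynamic VLAN assignment (RFC 3580 attributes).

Added illustration for the 802.1X+802.1Q and RADIUS-proxy-hierarchy slides; not
SURFnet or workshop code. Server names, realms, the hierarchy and the group/VLAN
tables are constructed for the example.
"""
from __future__ import annotations
from typing import Optional

TUNNEL_TYPE_VLAN = 13        # Tunnel-Type value for VLAN (RFC 3580)
TUNNEL_MEDIUM_IEEE_802 = 6   # Tunnel-Medium-Type value for IEEE 802

# Constructed hierarchy. "local" realms are authenticated on that server;
# "routes" maps an exact realm (or a ".tld" suffix) to the next hop; "default"
# is the parent proxy (None at the top of the hierarchy).
SERVERS = {
    "radius.institution_a.nl": {"local": {"institution_a.nl"}, "routes": {},
                                "default": "proxy.surfnet.nl"},
    "radius.institution_b.nl": {"local": {"institution_b.nl"}, "routes": {},
                                "default": "proxy.surfnet.nl"},
    "proxy.surfnet.nl": {"local": set(),
                         "routes": {"institution_a.nl": "radius.institution_a.nl",
                                    "institution_b.nl": "radius.institution_b.nl"},
                         "default": "proxy.europe.example"},
    "proxy.europe.example": {"local": set(),
                             "routes": {".nl": "proxy.surfnet.nl", ".fi": "proxy.funet.example"},
                             "default": None},
    "proxy.funet.example": {"local": set(), "routes": {"funet.fi": "radius.funet.example"},
                            "default": "proxy.europe.example"},
    "radius.funet.example": {"local": {"funet.fi"}, "routes": {},
                             "default": "proxy.funet.example"},
}

# Constructed local user database of institution A: username -> group.
GROUPS_A = {"anna": "employee", "bob": "student"}
VLAN_BY_GROUP = {"employee": "10", "student": "20", "guest": "30"}  # constructed VLAN IDs


def split_nai(user: str) -> tuple[str, Optional[str]]:
    """Split user@realm into (username, realm); realm is None when absent."""
    name, sep, realm = user.partition("@")
    return name, (realm.lower() if sep else None)


def next_hop(server: str, realm: str) -> Optional[str]:
    """Exact realm match first, then ".tld" suffix match, then the default parent."""
    cfg = SERVERS[server]
    if realm in cfg["routes"]:
        return cfg["routes"][realm]
    for suffix, hop in cfg["routes"].items():
        if suffix.startswith(".") and realm.endswith(suffix):
            return hop
    return cfg["default"]


def route(server: str, user: str) -> tuple[Optional[str], list[str]]:
    """Follow the proxy chain from `server`; return (home server or None, path taken).

    A realm nobody serves, or a forwarding loop, yields None (Access-Reject)."""
    _, realm = split_nai(user)
    path = [server]
    if realm is None:  # no realm: the visited server authenticates locally
        return server, path
    while realm not in SERVERS[server]["local"]:
        hop = next_hop(server, realm)
        if hop is None or hop in path:
            return None, path
        path.append(hop)
        server = hop
    return server, path


def assign_vlan(visited_server: str, user: str) -> Optional[dict]:
    """Attributes the visited institution (assumed to be A) puts in its Access-Accept.

    Local users get the VLAN of their group; anyone authenticated by another
    institution's server lands in the guest VLAN. None means Access-Reject."""
    name, _ = split_nai(user)
    home, _ = route(visited_server, user)
    if home is None:
        return None
    if home == visited_server:
        group = GROUPS_A.get(name)
        if group is None:
            return None
    else:
        group = "guest"
    return {"Tunnel-Type": TUNNEL_TYPE_VLAN,
            "Tunnel-Medium-Type": TUNNEL_MEDIUM_IEEE_802,
            "Tunnel-Private-Group-Id": VLAN_BY_GROUP[group]}


if __name__ == "__main__":
    for user in ("anna@institution_a.nl", "piet@institution_b.nl", "matti@funet.fi", "x@unknown.example"):
        home, path = route("radius.institution_a.nl", user)
        print(user, "->", " > ".join(path), "| home:", home,
              "| VLAN attrs:", assign_vlan("radius.institution_a.nl", user))
```

The loop check (`hop in path`) matters in a real hierarchy: a national proxy that forwards an unknown `.nl` realm upward, and a European proxy that routes `.nl` back down, would otherwise bounce the request indefinitely.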

Page 23

Solutions for tomorrow

• 802.11a|b|g
• 802.16 (WiMax), 802.20
• IPv6
• MobileIPv6
• WPA (pre standard 802.11i, TKIP)
• 802.11i: 802.1x + TKIP + AES

Page 24

Conclusion

• You can make it safe
• One size doesn’t fit all (yet?)
• There is convergence in Europe
• 802.1X is the future proof solution
• It’s all about scalability, i.e. size does matter

Page 25

More information

• SURFnet and 802.1X
– http://www.surfnet.nl/innovatie/wlan
• TERENA TF-Mobility
– http://www.terena.nl/mobility
• The unofficial IEEE802.11 security page
– http://www.drizzle.com/~aboba/IEEE/