WLAN Security Doc.dr.sc. Sabina Baraković CSA 585 Wireless Security
Page 1: Security of WLAN

WLAN Security

Doc.dr.sc. Sabina Baraković

CSA 585 Wireless Security

Page 2: Security of WLAN

Topics

Introduction to WLAN

Basics on WLANs

Wired Equivalent Privacy – WEP

Attacks Targeting WLANs

WiFi Protected Access

Sarajevo, 2015 2

Page 3: Security of WLAN

INTRODUCTION TO WLAN

Page 4: Security of WLAN

Introduction to WLAN

WLAN is a network designed as an enhancement to wired LAN using the radio technology

WLAN combines data connectivity with user mobility, while offering cost advantages over wired networks

A WLAN offers important advantages with respect to wired networks

A WLAN allows the mobile terminals to be fully mobile as long as they remain within the radio range

Setting up a WLAN is an easy and fast process

A WLAN avoids the load of having cables between the mobile terminals

Page 5: Security of WLAN

Introduction to WLAN

A WLAN also has drawbacks

The power of the radio signal weakens with the distance to the WLAN access point

The functioning of the network is highly influenced by the environment it is expected to work in (absorption, reflection and interference of radio waves)

The data rate is often lower than the rate provided by the wired networks, because of the limitation of the radio range, the possibility of interference occurrences, and the quasi omnipresence of packet collisions

A WLAN does not allow transmitting and listening on the same channel and at the same time (limitations of the medium)

The mobile terminals attached to a WLAN have limited batteries and computation power, which can generate high communication latency

WLANs are inherently less secure as data is transmitted over radio links

Page 6: Security of WLAN

Security in WLAN

Security mechanisms implemented for WLAN systems are deployed at layers two and three

The mechanisms implemented at layer two aim to provide wired equivalent privacy

Several protocols have been developed; they differ significantly from one WLAN technology to another

The security services provided at layer three include support for secure IP mobility, roaming between different domains, and user authentication

Page 7: Security of WLAN

Security in WLAN

Security mechanisms are required to avoid threats in a cost effective way

The most important security services that can be considered for WLAN networks include confidentiality, authentication of users, authentication of access points, data integrity, non-repudiation of origin, non-repudiation of delivery, auditing and logging, denial of service prevention, and traffic flow analysis prevention

This set of services can be complemented by mechanisms for host security, data driven attack prevention, and organizational security policies

Page 8: Security of WLAN

BASICS OF WLANs

Page 9: Security of WLAN

802.11

802.11 is a standard for wireless networking

Extensions to 802.11

802.11d – adds additional regulatory domains for other countries

802.11e – adds QoS enhancements for multimedia and VoIP

802.11f – Inter-Access Point Protocol for roaming between base stations

802.11h – adds dynamic frequency selection for Europe

802.11i – adds security enhancements

802.11j – same as 802.11h, but for Japan

Page 10: Security of WLAN

WLAN Basic Infrastructure

Page 11: Security of WLAN

DCF Basic Access Mechanisms

Page 12: Security of WLAN

Page 13: Security of WLAN

WIRED EQUIVALENT PRIVACY - WEP

Page 14: Security of WLAN

Wired Equivalent Privacy - WEP

WEP is the security solution adopted by the early versions of the 802.11 standards

Provides a security level equivalent to the one provided by the wired LAN in terms of protection of network access

WLANs present two major security vulnerabilities:

Wireless signals are broadcast and may be easily eavesdropped

Connecting to a WLAN does not require physical access; malicious users may easily connect to APs

In order to address the WLAN vulnerabilities, the WEP protocol encrypts the transmitted messages and authenticates the mobile users before giving them access to the wireless LAN

Page 15: Security of WLAN

WEP Vulnerabilities

WEP considers only the authentication of mobile stations without requiring the authentication of the AP

The authentication procedure is vulnerable to message injection attacks, thus enabling identity spoofing attacks

WEP does not define how to securely maintain a key base and renew the keys for a better security (the same key is used for authentication and confidentiality services)

Complicated administration of keys at the AP

The integrity of the WEP encrypted messages is easily compromised

WEP architecture does not integrate a mechanism for replayed messages detection

The confidentiality of WEP encrypted messages can be easily compromised
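
Why the integrity point above holds, as an added example that is not part of the original slides: WEP's integrity check value is an unkeyed CRC-32 encrypted with a stream cipher, and CRC-32 is affine under XOR, so a frame altered in transit can still verify. The fixed keystream bytes, the MIC key and the use of HMAC-SHA-256 as the keyed tag are constructed stand-ins (not RC4 output and not TKIP's actual MIC algorithm).

```python
import hashlib
import hmac
import zlib

# Constructed stand-ins: fixed bytes in place of the RC4 keystream, and a MIC key.
KEYSTREAM = hashlib.sha256(b"constructed keystream").digest() * 2
MIC_KEY = b"constructed-mic-key"


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input


def icv(msg: bytes) -> bytes:
    return zlib.crc32(msg).to_bytes(4, "little")  # unkeyed CRC-32, as in WEP


def mic(msg: bytes) -> bytes:
    return hmac.new(MIC_KEY, msg, hashlib.sha256).digest()[:8]  # keyed tag


def seal(msg: bytes, tag) -> bytes:
    """Append the tag, then XOR message and tag with the keystream."""
    return xor(msg + tag(msg), KEYSTREAM)


def unseal(frame: bytes, tag, tag_len: int):
    """Return the message if its tag verifies, otherwise None."""
    plain = xor(frame, KEYSTREAM)
    msg, got = plain[:-tag_len], plain[-tag_len:]
    return msg if hmac.compare_digest(got, tag(msg)) else None


def crc_mask(delta: bytes) -> bytes:
    """ICV change implied by XORing `delta` into the message.

    CRC-32 is affine: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros), so the
    mask depends on neither the key nor the plaintext.
    """
    return xor(icv(delta), icv(bytes(len(delta))))


def tamper_check():
    msg = b"temp=021 unit=C"
    delta = xor(msg, b"temp=921 unit=C")  # bits changed on the path
    crc_frame = xor(seal(msg, icv), delta + crc_mask(delta))
    mic_frame = xor(seal(msg, mic), delta + bytes(8))
    # CRC receiver accepts the altered message; keyed-MIC receiver rejects it.
    return unseal(crc_frame, icv, 4), unseal(mic_frame, mic, 8)
```

The keyed tag fails because its value cannot be adjusted without `MIC_KEY`, which is the property the message integrity check in WPA adds.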

Page 16: Security of WLAN

ATTACKS TARGETING WLANs

Page 17: Security of WLAN

Denial of Service Attacks

WLAN is vulnerable to network-level DoS attacks since it allows any client to associate

An 802.11 network is a shared medium and a malicious user can flood the network with traffic, denying access to other devices associated to the targeted access point

DoS at WLAN can occur due to large file transfers or bandwidth-intense applications

At the data-link layer, ubiquitous access to the medium again creates new opportunities for DoS attacks

With wired equivalent privacy (WEP) turned on, an attacker has access to the link layer information and can perform some DoS attacks

Without WEP, the attacker has full access to manipulate associations between the MS and AP

If the user is not using WEP, he/she is vulnerable to DoS attacks from spoofed APs

Page 18: Security of WLAN

Man-in-the-Middle Attacks

Two main forms:

Eavesdropping – occurs when an attacker receives a data communication stream

Manipulation – an attacker has the ability to receive the victim's data and to retransmit the data after changing it

Page 19: Security of WLAN

Message Modification and Injection

Messages encrypted by WEP can be modified without detection

Defense against the attack is to disallow the reuse of an initialization vector (IV) in multiple packets and require that all receivers enforce this interdiction

802.11 does not do this although it recommends it
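
One way a receiver could enforce the IV non-reuse rule described above, as an added example that is not part of the original slides. It parses the WEP header at the start of an encrypted frame body (3-byte IV, then a key ID byte with the key index in its top two bits); the class and function names, verdict strings and sample frames are constructed for illustration.

```python
IV_SPACE = 1 << 24  # WEP IVs are 24 bits wide


def parse_wep_header(body: bytes):
    """Split an encrypted 802.11 frame body into (iv, key_id, ciphertext)."""
    if len(body) < 8:  # 3-byte IV + key ID byte + at least the 4-byte ICV
        raise ValueError("frame body too short for WEP")
    return int.from_bytes(body[:3], "big"), body[3] >> 6, body[4:]


class IvReuseGuard:
    """Rejects any frame whose IV was already used under the same key.

    The keystream depends only on the IV and the shared key, so IVs are
    tracked per key ID across all transmitters, not per station.
    """

    def __init__(self, rekey_at: int = IV_SPACE):
        self.rekey_at = rekey_at
        self.seen = {}  # key_id -> {iv: first sender}

    def check(self, sender: str, body: bytes) -> str:
        try:
            iv, key_id, _ = parse_wep_header(body)
        except ValueError:
            return "drop:malformed"
        ivs = self.seen.setdefault(key_id, {})
        if iv in ivs:
            return f"drop:iv-reuse (first seen from {ivs[iv]})"
        ivs[iv] = sender
        # Once every IV is consumed no fresh keystream is left under this key.
        return "accept:rekey-now" if len(ivs) >= self.rekey_at else "accept"


# Constructed sample frames: (transmitter MAC, encrypted frame body).
SAMPLE_FRAMES = [
    ("00:11:22:33:44:55", bytes.fromhex("00000100") + b"\xaa" * 8),
    ("00:11:22:33:44:55", bytes.fromhex("00000200") + b"\xbb" * 8),
    ("66:77:88:99:aa:bb", bytes.fromhex("00000100") + b"\xcc" * 8),  # IV reused
    ("00:11:22:33:44:55", bytes.fromhex("00000140") + b"\xdd" * 8),  # key ID 1
    ("00:11:22:33:44:55", b"\x00\x00\x03"),                          # truncated
]


def audit(frames, rekey_at=IV_SPACE):
    guard = IvReuseGuard(rekey_at=rekey_at)
    return [guard.check(sender, body) for sender, body in frames]
```

Strict enforcement caps a key at 2^24 frames, which is why the rule only works together with key renewal.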

Page 20: Security of WLAN

Message Decryption

An attacker can decrypt messages sent over the air

The idea is to mislead the AP into decrypting some cipher-text for the attacker

IP redirection

The attack can be used when the WEP access point acts as an IP router with Internet connectivity

The idea is to sniff an encrypted packet off the air and use an attack to modify it so that it has a new destination address that the attacker can control

The AP will decrypt the packet and send it to its new destination

The modified packet will flow from the WLAN to the Internet without being stopped by a firewall

Once it reaches the destination, the attacker can read the packet in the clear

The easiest way to modify the destination IP address is to figure out what the original destination IP address is and modify it

The attacker needs to ensure that the IP checksum in the modified packet is still correct

Page 21: Security of WLAN

Message Decryption

Reaction attacks

Are performed when WEP is used to protect TCP/IP traffic

Do not require connection to the Internet

The attacker monitors the reaction of the recipient of a TCP packet and uses what he/she collects to infer information about the unknown plaintext

The attack relies on the fact that a TCP packet is accepted only if the TCP checksum is correct, and when it is accepted, an acknowledgment packet is sent in response

The acknowledgment packets are easily identified by their size, without requiring any effort of decryption

The reaction of the recipient will disclose whether the TCP checksum was valid when the packet was decrypted

Page 22: Security of WLAN

WiFi PROTECTED ACCESS

Page 23: Security of WLAN

WiFi Protected Access

The Wi-Fi Alliance used the ready portions of the 802.11i standard to define WPA, to overcome the design weaknesses of the WEP architecture while proposing an effective key distribution method

WPA introduces the Temporal Key Integrity Protocol (TKIP), which adds a message integrity check that provides a good integrity level without requiring a lot of computing resources

Uses 128-bit keys and implements a key management method

Provides confidentiality and integrity services

Two versions of WPA:

WPA per-user based security designed for enterprises

WPA pre-shared key mode designed for consumers

Page 24: Security of WLAN

Extensible Authentication Protocol - EAP

EAP defines the messages to exchange at the data link layer level in order to authenticate users

Involves:

Lower layer - monitors the transmission and the reception of the data frames in the correct order between the peer and the authenticator

EAP layer - guarantees a reliable transmission of the EAP packets via the lower layer and delivers and receives EAP messages to and from the EAP peer and authenticator layers

EAP peer and authenticator layers – receive EAP packets and EAP response

EAP method layer – implements the authentication algorithms and receives and transmits EAP messages via the EAP peer and authenticator layers; implements the authentication logic and determines whether the supplicant is a legitimate user

Page 25: Security of WLAN

Comparison between WEP and WPA

Page 26: Security of WLAN

IEEE 802.11i and WPA2

In addition to TKIP encryption and 802.1x/EAP authentication, supports the Advanced Encryption Standard (AES), which will secure the communication between mobile users operating in the ad hoc mode

May secure the devices implementing the IEEE 802.11b, IEEE 802.11a and IEEE 802.11g versions, but requires a hardware upgrade

Page 27: Security of WLAN

WPA and WPA2 Vulnerabilities

Weak password

WPA packet spoofing and decryption

WPS PIN recovery

MS-CHAPv2

Hole196

Page 28: Security of WLAN

THANK YOU FOR ATTENTION!
