Wireless Networks Security Tahani Qaisi
Dec 22, 2015
Outline
• Introduction to wireless security
• Modes of unauthorized access
• Security measures
• Security risks
• Implementing a secure network
• Conclusion
• References
Wireless Security
Security context between two (network) entities should provide:
• Authentication - to prove identity
• Integrity - to detect altered packets
• Privacy - to prevent eavesdropping
Wireless Security
• Wireless security is the prevention of unauthorized access or damage to computers using wireless networks.
• The mobility advantage:
• Crackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into wired networks.
• Wireless Intrusion Prevention Systems (WIPS)
• A great number of security risks are associated with the current wireless protocols and encryption methods, as carelessness and ignorance exist at the user and corporate IT level.
• Cracking methods have become much more sophisticated and innovative with wireless.
Unauthorized Access
There are four modes of unauthorized access:
• Accidental Associations: when a user turns on a computer and it latches on to a wireless access point from a neighboring company’s overlapping network.
• Non-traditional Networks: personal-network Bluetooth devices, for example, are not safe from cracking and should be regarded as a security risk.
Unauthorized Access
• Malicious Associations: when attackers use their wireless devices to connect to a company network through their cracking laptop instead of a company access point (AP).
• These laptops are known as “soft APs” and are created when a cracker runs software that makes his wireless network card look like a legitimate access point.
Unauthorized Access
• Ad hoc Networks: the security hole provided by ad hoc networking is not the ad hoc network itself but the bridge it provides into other networks.
• Bridging takes two forms:
– Direct: the user actually configures the bridge between the two connections.
– Indirect: shared resources on the user’s computer expose critical data to discovery and provide a route into the secured network.
Wireless Intrusion Prevention System
• A wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection) and can automatically take countermeasures (intrusion prevention).
• A wireless intrusion detection system (WIDS) monitors the radio spectrum used by wireless LANs and immediately alerts a systems administrator whenever a rogue access point is detected. Conventionally this is achieved by comparing the MAC addresses of the participating wireless devices.
• A WIPS also includes features that act against the threat automatically.
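The MAC-address comparison a WIDS performs, as an added Python example that is not part of the slides. The table of authorised access points and the scan results are constructed for illustration, and the extra check for a known radio running with open or WEP security goes slightly beyond the MAC comparison the slide describes.

```python
# Added example: rogue-AP detection by comparing beacon BSSIDs (AP MAC addresses)
# against the list of radios we operate. Tables below are constructed.
KNOWN_APS = {                      # SSID -> set of authorised BSSIDs (lowercase)
    "corp-wifi": {"00:11:22:33:44:01", "00:11:22:33:44:02"},
}

def wids_check(scan_results, known_aps=KNOWN_APS):
    """Return (alert_type, ssid, bssid) tuples for beacons that look like rogue
    or misconfigured access points. SSIDs we do not own are neighbours: ignored."""
    alerts = []
    for beacon in scan_results:
        ssid, bssid = beacon["ssid"], beacon["bssid"].lower()
        authorised = known_aps.get(ssid)
        if authorised is None:
            continue                                    # somebody else's network
        if bssid not in authorised:
            # our SSID advertised by an unknown radio: rogue / "soft" AP
            alerts.append(("rogue_ap", ssid, bssid))
        elif beacon.get("security") in (None, "open", "WEP"):
            # a radio we own, but with settings that should not be on our network
            alerts.append(("weak_security", ssid, bssid))
    return alerts

SCAN = [  # constructed beacon list, as a site survey tool might report it
    {"ssid": "corp-wifi", "bssid": "00:11:22:33:44:01", "security": "WPA2"},
    {"ssid": "corp-wifi", "bssid": "DE:AD:BE:EF:00:01", "security": "WPA2"},
    {"ssid": "corp-wifi", "bssid": "00:11:22:33:44:02", "security": "open"},
    {"ssid": "neighbour-cafe", "bssid": "66:77:88:99:AA:BB", "security": "open"},
]
```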
Security Measures
• Default 802.11b authentication schemes
• Service Set Identifier (SSID)
• MAC ID filtering
• Static IP addressing
• Open Authentication (null)
• Shared-Key Authentication
• Wired Equivalent Privacy (WEP)
• Temporal Key Integrity Protocol (TKIP)
• Remote Authentication Dial-In User Service (RADIUS)
• WPA (Wi-Fi Protected Access)
• 802.11i security
• WPAv2
Security Measures
• SSID hiding: a simple but ineffective method of attempting to secure a wireless network is to hide the SSID (Service Set Identifier).
• MAC ID filtering: one of the simplest techniques is to allow access only from known, pre-approved MAC addresses. Most wireless access points contain some type of MAC ID filtering.
• Static IP addressing: typical wireless access points provide IP addresses to clients via DHCP. Requiring clients to set their own addresses makes it more difficult for a casual or unsophisticated intruder to log onto the network, but provides little protection against a sophisticated attacker.
Security Measures
• Open System Authentication
– Any client can associate with the AP
– Null authentication algorithm
– Consists of two messages: Authentication Request, Authentication Response
Security Measures
• Shared-Key Authentication
– A shared secret (!) key authenticates the client to the AP
– Uses a challenge-response protocol: a random number is sent as the challenge
• A simple attack
– Record one challenge/response pair with a sniffer
– Use the known challenge to decrypt the response and recover the key stream
– Use the recovered key stream to encrypt any subsequent challenge
(Figure: challenge/response exchange between STA and AP)
Wired Equivalent Privacy (WEP)
• Introduced in 1997 to provide “privacy of wire”
• Uses RC4 for encryption: the WEP key and the initialization vector (IV) are fed into a pseudorandom number generator
– Key size 40 bits or 128 bits (104 + 24-bit IV)
• The IV, encrypted message, and checksum are sent in the 802.11 packet
• The IV is only changed periodically, which leads to reuse of key streams
• No key management protocol
• Uses pre-shared static keys (PSK), distributed manually
802.11 WEP Frame
(Figure: frame layout)
802.11 header | IV | Key ID | Payload | ICV | FCS
– Unencrypted: 802.11 header, IV, Key ID, FCS
– Encrypted: Payload, ICV
– ICV is a CRC-32 checksum over the Payload (802 Header and the Data)
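The frame body above, built and parsed in Python as an added example that is not from the slides: RC4 keyed with IV || shared key, the CRC-32 ICV appended before encryption, and the IV and Key ID byte sent in the clear. The 802.11 header and FCS are left out; the 13-byte key and payload used for testing are constructed.

```python
# Added example: WEP encapsulation/decapsulation (IV | Key ID | RC4(payload || ICV)).
import os
import struct
import zlib

def rc4(key, data):
    """RC4: key-scheduling (KSA), then keystream generation (PRGA) XORed with data."""
    s = list(range(256))
    j = 0
    for i in range(256):                            # KSA
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                               # PRGA
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encapsulate(wep_key, key_id, payload, iv=None):
    """Return IV(3) | Key ID byte | RC4(IV || wep_key, payload || ICV).
    wep_key is the 104-bit (13-byte) shared key; IV || key is the 128-bit RC4 key."""
    if iv is None:
        iv = os.urandom(3)                          # 24-bit IV, transmitted in the clear
    icv = struct.pack("<I", zlib.crc32(payload))    # CRC-32 over the data, little-endian
    body = rc4(iv + wep_key, payload + icv)         # payload and ICV are both encrypted
    return iv + bytes([(key_id & 0x3) << 6]) + body # Key ID occupies the top 2 bits

def wep_decapsulate(wep_key, frame):
    """Parse a WEP body and verify the ICV; return (key_id, payload) or None."""
    if len(frame) < 8:
        return None                                 # too short for IV, Key ID and ICV
    iv, key_id = frame[:3], frame[3] >> 6
    plain = rc4(iv + wep_key, frame[4:])
    payload, icv = plain[:-4], plain[-4:]
    if struct.unpack("<I", icv)[0] != zlib.crc32(payload):
        return None                                 # wrong key or altered frame
    return key_id, payload
```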
Security in WEP
Caffe Latte attack
• The Caffe Latte attack is a way to defeat WEP. The attacker does not need to be in the area of the network; with this exploit it is possible to obtain the WEP key from a remote client.
• By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared-key authentication and message-modification flaws in 802.11 WEP.
• The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.
Security Measures
• Temporal Key Integrity Protocol (TKIP)
– Defined in the IEEE 802.11i specs for Wi-Fi networks to replace WEP
– Short-term solution to WEP
• Deployed on existing H/W
– Uses a key scheme based on RC4 like WEP, but encrypts every data packet with its own unique encryption key
• Hashes IVs
– Encrypted IVs, not easy to sniff
– The IV is sent as plaintext in weak WEP
• Message Integrity Check (MIC)
– Provides per-packet key mixing
TKIP (cont.)
• MIC - Message Integrity Check
– Prevents insertion attacks
• A hacker can determine the encrypted value and the plaintext
– When the two are XORed, the PRGA streaming key is revealed
• The MIC prevents the streaming key from being extracted from the message
Security Measures
• Remote Authentication Dial-In User Service (RADIUS)
– Authentication, Authorization, Accounting (AAA)
– Originally developed for remote modem users by Livingston Enterprises, 1997
– Responsible for authenticating remote connections
– Provides authorization to network resources
– Logging for accountability purposes
– Controls various aspects of authorization
• Time limits
• Re-keying
– Many RADIUS servers use EAP
EAP
• The Extensible Authentication Protocol (EAP) is defined in RFC 2284.
• EAP supports multiple authentication methods, using anything from smartcards to digital certificates to authenticate a user instead of a username and password.
• Originally created for use with PPP
• Inherent weaknesses:
– Lack of protection of the user identity or the EAP negotiation
– No standardized mechanism for key exchange
– No built-in support for fragmentation and reassembly
– Lack of support for fast reconnect
Some Authentication Protocols
• EAP-TLS (Transport Layer Security)
– A TLS handshake is used to mutually authenticate a client and server
• EAP-TTLS (Tunneled TLS) extends this
– Uses the secure connection established by the TLS handshake to perform additional authentication, such as another EAP method or another authentication protocol such as CHAP
– Establishes keying material
• PEAP (Protected EAP)
– Similar to EAP-TTLS but only allows EAP for authentication
– Also has key exchange, session resumption, fragmentation and reassembly
WTLS’s Security Problems: the Security Gap
• Reason: the WTLS session exists only between the WAP device and the gateway.
• Solutions:
– Place the gateway and the back-end system within a secure environment.
– Provide integrity protection on information (digital signatures).
Challenge Message
• Authentication depends on a secret key known only to the authenticator and the client
• The RADIUS server sends a challenge to the client via the access point
• This challenge packet varies for each authentication attempt
• The challenge is pulled from information contained in a table of known secrets
• A new challenge can be sent at intervals based on RADIUS server settings, or upon client roaming
Calculated Hash
• The client responds with a value calculated using a “one-way hash” function
• This value is derived from the known-secrets list
Authentication Granted/Denied
• The RADIUS server checks the response against its own calculated hash
• If it matches, authentication is acknowledged to the AP and the client
• If authentication is not achieved, the AP will not permit any traffic for that client to pass
(Figure: 802.1X exchange between the laptop, the access point and the RADIUS server. EAPOW runs over 802.11 between laptop and access point; RADIUS runs over Ethernet between access point and server. The client’s access is blocked until the exchange completes.)
1. 802.11 Associate (laptop → access point); access blocked
2. EAPOL-Start (laptop → access point)
3. EAP-Request/Identity (access point → laptop)
4. EAP-Response/Identity (laptop → access point), relayed as Radius-Access-Request
5. Radius-Access-Challenge (RADIUS server → access point), relayed as EAP-Request
6. EAP-Response (Cred) (laptop → access point), relayed as Radius-Access-Request
7. Radius-Access-Accept (RADIUS server → access point), relayed as EAP-Success
8. EAPOW-Key (WEP) (access point → laptop); access allowed
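The challenge/hash exchange and the blocked-until-accepted port of the figure above, modelled in Python as an added example that is not part of the slides. The identity, the shared secret and the use of HMAC-SHA256 as the one-way hash over the challenge are assumptions for illustration; real RADIUS and EAP methods use their own packet formats and hash constructions.

```python
# Added example: supplicant / authenticator / RADIUS model of the 802.1X exchange.
import hashlib
import hmac
import os

class RadiusServer:
    """Holds the table of known secrets and validates challenge responses."""
    def __init__(self, secrets):
        self.secrets = secrets        # identity -> shared secret (constructed table)
        self.pending = {}             # identity -> outstanding challenge

    def access_request_identity(self, identity):
        """Radius-Access-Request carrying an identity: answer with Access-Challenge."""
        self.pending[identity] = os.urandom(16)      # fresh challenge per attempt
        return self.pending[identity]

    def access_request_credential(self, identity, response):
        """Radius-Access-Request carrying the credential: Accept (True) / Reject (False)."""
        challenge = self.pending.pop(identity, None)
        secret = self.secrets.get(identity)
        if challenge is None or secret is None:
            return False
        expected = hmac.new(secret, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # compare with own calculated hash

class Supplicant:
    """The laptop: answers the challenge with a one-way hash keyed by its secret."""
    def __init__(self, identity, secret):
        self.identity, self.secret = identity, secret

    def respond(self, challenge):
        return hmac.new(self.secret, challenge, hashlib.sha256).digest()

class AccessPoint:
    """Authenticator: relays EAP to RADIUS; the controlled port opens only on Accept."""
    def __init__(self, radius):
        self.radius = radius
        self.authorized = set()       # identities whose port is currently open

    def authenticate(self, sta):
        # EAPOL-Start -> EAP-Request/Identity -> EAP-Response/Identity -> Access-Request
        challenge = self.radius.access_request_identity(sta.identity)
        # Access-Challenge relayed as EAP-Request; EAP-Response (Cred) relayed back
        if self.radius.access_request_credential(sta.identity, sta.respond(challenge)):
            self.authorized.add(sta.identity)         # EAP-Success: access allowed
            return True
        self.authorized.discard(sta.identity)         # no EAP-Success: access blocked
        return False

    def forward(self, identity, frame):               # data passes only after EAP-Success
        return identity in self.authorized
```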
Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access
– Works with 802.11b, a and g
• “Fixes” WEP’s problems
• Existing hardware can be used
• 802.1x user-level authentication
• TKIP
– RC4 session-based dynamic encryption keys
– Per-packet key derivation
– Unicast and broadcast key management
– New 48-bit IV with new sequencing method
– Michael 8-byte message integrity code (MIC)
• Optional AES support to replace RC4
WPA
• Created by the Wi-Fi Alliance
• Uses the basic outline of 802.11i (a partial implementation of 802.11i)
• 802.11i requires more powerful H/W for AES
• Instead, WPA is employed as a software/firmware upgrade
• Michael algorithm
802.11i
• WPA2 Robust Security Network extends WPA
– Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
– Based on a mode of AES, with 128-bit keys and a 48-bit IV
– Also adds dynamic negotiation of authentication and encryption algorithms
– Allows for future change
• Does require new hardware
• Not backward compatible with WEP
WEP vs. WPA
WEP:
• Poor encryption
• 40-bit keys
• Keys are static and shared
• Manual key distribution
• WEP key is used for both authentication and encryption
WPA:
• No known flaws in encryption
• 128-bit keys
• Session keys are dynamic
• Automatic key distribution
• 802.1x/EAP user authentication
WPA and 802.1x
• 802.1x is a general-purpose network access control mechanism
– Port-based network access
• Provides authentication to devices attached to a LAN port
– Establishes a point-to-point connection
– Based on EAP
• WPA has two modes
– Pre-shared mode, uses pre-shared keys
– Enterprise mode, uses the Extensible Authentication Protocol (EAP) with a RADIUS server making the authentication decision
– EAP is a transport for authentication, not authentication itself
– EAP allows arbitrary authentication methods
Practical WPA Attacks
• Dictionary attack on pre-shared key mode
• Denial of service attack
– If WPA equipment sees two packets with invalid MICs in 1 second:
• All clients are disassociated
• All activity is stopped for one minute
• Two malicious packets a minute are enough to stop a wireless network
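The MIC countermeasure described above, written out as a small state machine in Python: an added example, not from the slides, showing why a sustained pair of bad-MIC packets per minute keeps a TKIP network silenced. The timestamps fed to it in the test are constructed.

```python
# Added example: TKIP MIC-failure countermeasure as detection/lockout logic.
class MicCountermeasure:
    """Two MIC failures within WINDOW seconds disassociate every client and
    silence the network for LOCKOUT seconds (the behaviour the slide describes)."""
    WINDOW = 1.0
    LOCKOUT = 60.0

    def __init__(self):
        self.last_failure = None      # time of the first failure of a possible pair
        self.lockout_until = None     # end of the current silence period, if any
        self.lockouts = []            # start times of each triggered countermeasure

    def blocked(self, now):
        """True while the network is silenced at time `now`."""
        return self.lockout_until is not None and now < self.lockout_until

    def mic_failure(self, now):
        """Record an invalid MIC seen at time `now`; return True if it triggered."""
        if self.blocked(now):
            return False              # already silenced; nothing more to do
        if self.last_failure is not None and now - self.last_failure <= self.WINDOW:
            self.lockout_until = now + self.LOCKOUT
            self.lockouts.append(now)
            self.last_failure = None  # a fresh pair is needed after the lockout
            return True
        self.last_failure = now
        return False

def blocked_seconds(failure_times, horizon):
    """Total seconds the network is silenced within [0, horizon] for a given
    sequence of MIC-failure timestamps (sorted here so order does not matter)."""
    cm = MicCountermeasure()
    for t in sorted(failure_times):
        cm.mic_failure(t)
    # lockouts never overlap: failures during a lockout are ignored above
    return sum(min(start + cm.LOCKOUT, horizon) - start for start in cm.lockouts)
```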
Typical WLAN Attacks
• WEP Cracking
• MAC Attack
• Man-in-the-Middle Attack (Rogue AP)
• Dictionary Attack
• Session Hijacking
• Denial-of-Service (DoS)
WEP Cracking
• Static encryption keys
– Periodic and manual change on all devices
• Manually distributed keys
• Key stream reuse
• RC4 key scheduling algorithm
• Message authentication
• Solutions:
– Authentication mechanisms using VPN
– Advanced encryption methods such as AES
MAC Attack
• Same as WEP cracking
• Address spoofing
• MAC filtering won’t work
• Solution: authentication mechanisms such as 802.1x or VPN
Man-in-the-Middle Attack
• Rogue AP
• Capture necessary info
– Network’s SSID
– IP addresses
– Wireless NIC’s association ID
– Re-associate the user’s NIC with the bogus AP
– Access to all data between them, including login info
• Solution: VPN and authentication mechanisms
Dictionary Attack
• Relies on conventional names and words being used as login name and password
• Gathers a challenge and response exchange from a password-based protocol
• Uses open source tools to decrypt login information
• Solutions:
– Use a combination of letters and numbers
– Use authentication mechanisms such as 802.1x or VPN
Session Hijacking
• Insertion attacks
• Redirect the session from a legitimate end point
• Set up an access point
• WLAN clients try to connect by sending their authentication information
• Solution: authentication mechanisms 802.1X and VPN
Denial-of-Service (DoS) Attack
• Flooding APs with illegitimate traffic
• Overwhelms available bandwidth
• Slows or stops legitimate users from accessing the network
• Solution: MAC filtering
Secure Implementation
1. Implement strong physical security controls
2. Avoid excessive coverage of wireless networks
3. Secure access points
4. Use non-suggestive Service Set Identifier (SSID) naming conventions
5. Disable direct client-to-client “ad-hoc mode” transmissions
6. Keep security patches up to date
7. Employ MAC address filtering on access points
8. Deploy wireless intrusion detection systems
Conclusion
• 802.11 is insecure:
– 802.11 encryption is readily breakable, and 50-70% of networks never even turn on encryption.
– Hackers are exploiting these weaknesses in the field.
• Today wireless networks are definitely helping by providing the opportunity to cut costs and to increase productivity and mobility.
• The key to keeping up and creating a secure wireless network is to take the security measures into consideration.
References
• Wikipedia, “Wireless security”: www.en.wikipedia.org/wiki/Wireless_security
• Frankel, Sheila, et al. “Establishing wireless robust security networks: a guide to IEEE 802.11i.” National Institute of Standards and Technology (2007).
• MetaGeek, “Wireless security basics”: http://www.metageek.net/blog/2012/12/wireless-security-basics/
• Karygiannis, Tom, and Les Owens. “Wireless network security.” NIST Special Publication 800-48 (2002).
• Wikipedia, “IEEE 802.1X”: http://en.wikipedia.org/wiki/IEEE_802.1X
• Wikipedia, “Wired Equivalent Privacy”: http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy