CS549 Chapter 13 Notes

8/10/2019 CS549 Chapter 13 Notes

1/25

Cryptography and Network Security 1

CS549:Cryptography and NetworkSecurity

by Xiang-Yang Li

Department of Computer Science,IIT


2/25


Notice

This lecture note (Cryptography and Network Security) is prepared byXiang-Yang Li. This lecture note has benefited from numeroustextbooks and online materials. Especially the Cryptography andNetwork Security 2nd edition by William Stallings and theCryptography: Theory and Practice by Douglas Stinson.

You may not modify, publish, or sell, reproduce, create derivativeworks from, distribute, perform, display, or in any way exploit anyof the content, in whole or in part, except as otherwise expresslypermitted by the author.

The author has used his best efforts in preparing this lecture note.The author makes no warranty of any kind, expressed or implied,

with regard to the programs, protocols contained in this lecturenote. The author shall not be liable in any event for incidental orconsequential damages in connection with, or arising out of, thefurnishing, performance, or use of these.


3/25


Cryptography & Network Security

Wireless LAN SecurityRoad to 802.11i

Xiangyang Li


4/25


Contents

Introduction Problem: 802.11b Not Secure! Wired Equivalent Privacy WEP Types of Attacks

802.11b Proposed Solutions 802.1X Wi-Fi Protected Access (WPA) 802.11i: The Solution

Conclusion


5/25


Introduction

Popular in offices, homes and public spaces(airport, coffee shop)

Most popular: 802.11b Example: Yahoo! DSL Wireless Kit

Theoretical max @ 11Mbps

Operate at 2.4GHz band

DSSS/FSSS modulationsimilar to CDMA phones


6/25


Introduction

Standards: IEEE 802.11 Series 802.11b11Mbps @ 2.4GHz

802.11a54Mbps @ 5.7GHz band

802.11g54Mbps @ 2.4GHz band 802.1Xsecurity add-on

802.11i high security


7/25


Problem: 802.11b Not Secure!

No inherent security WiredWireless media change was the objective

Wired Equivalent Privacy (WEP) The only security built into 802.11

Uses RC4 Stream Cipherin a bad way

Vulnerable to several types of attacks

Sometimes not even turned ON


8/25


9/25


Wired Equivalent Privacy WEP

RC4 Key Stream Encryption (source:

http://mason.gmu.edu/~gharm/wireless.html)


10/25


Types of Attacks

AttacksConfidentiality

Integrity

Availability


11/25


Types of Attacks

Attacks on Confidentiality Traffic Analysis

Passive Eavesdropping

Very easy to do Active Eavesdropping

Unauthorized Access


12/25


Types of Attacks

Attacks on Confidentiality and/orIntegrity Man-In-The-Middle

Attacks on Integrity Session Hijacking

Replay

Attacks on Availability Denial of Service


13/25


802.11b Proposed Solutions

Virtual Private Network

Closed Network Through the use of SSID

Ethernet MAC address control lists Replace RC4 with block cipher

Dont reuse IV

Automatic Key Assignment


14/25


802.1X: Interim Solution

Port-based authenticationNot specific to wireless networks

Authentication servers RADIUS

Client authentication EAP


15/25


802.1X Problems

802.1X still has problems Extensible Authentication Protocol (EAP)

One-way authentication

Attacks Man-in-Middle

Session Hijacking


16/25


802.1X Proposed Solutions

Per-packet authenticity and integrity Lots of overhead

Authenticity and integrity of EAPOL

messages Two-way authentication


17/25


Wi-Fi Protected Access (WPA)

Addresses issues with WEP Key management

TKIP

Key expansion Message Integrity Check

Software upgrade only

Compatible with 802.1X

Compatible with 802.11i


18/25


802.11i

Finalized: June, 2004

Robust Security Network

Wi-Fi Alliance: WPA2

Improvements made Authentication enhanced

Key Management created

Data Transfer security enhanced


19/25


802.11i - Authentication

Authentication Server

Two-way authentication Prevents man-in-the-middle attacks

Master Key (MK)

Pairwise Master Key (PMK)


20/25


802.11i Key Management

Key Types Pairwise Transient Key

Key Confirmation Key

Key Encryption Key Group Transient Key

Temporal Key


21/25


802.11i Key Management

Source: http://csrc.nist.gov/wireless/S10_802.11i%20Overview-jw1.pdf
mailto:[email protected]:[email protected]:[email protected]:[email protected]


22/25


802.11i Data Transfer

CCMP Long term solutionmandatory for 802.11i

compliance

Latest AES encryption Requires hardware upgrades

WRAP Provided for early vendor support

TKIP Carried over from WPA


23/25


802.11i Additional Enhancements

Pre-authentication Roaming clients

Client Validation

Password-to-key mappings Random number generation


24/25


Conclusion

Basic 802.11b (with WEP) Massive security holes

Easily attacked

802.1X Good interim solution

Allows use of existing hardware

Can still be attacked


25/25


Conclusion

Wi-Fi Protected Access Allows use of existing hardware

Compatible with 802.1X

Compatible with 802.11i 802.11i

May require hardware upgrades

Very secure

Nothing is ever guaranteed

Documents

CS549 Chapter 13 Notes