Download - By Sean Fisk. Not a new technology Inherently insecure In recent years, increased popularity
Wireless Encryption SchemesBy Sean Fisk
Wireless Communication Not a new technology Inherently insecure In recent years, increased popularity
Encryption Symmetric key Public key
Symmetric Key Cryptography
Only known type until 1976 Shared secret Secure exchange
Symmetric Key Ciphers Block cipher
• Fixed length• Joining protocols
Stream cipher• Variable length
Asymmetric Key Public key
• Diffie and Hellman in 1976• Message is encrypted with public key• Can only be decrypted with private key
Public Key Security Computational complexity of
mathematical problems Diffie-Hellman
• Discrete logarithm problem Rivest, Shamir, and Adleman (RSA)
• Integer factorization problem
Combined Use Public key encryption is much slower
than symmetric key encryption Diffie-Hellman Key Exchange protocol
Wired Equivalent Privacy “The main intention of the WEP was
not to provide a level of security superior to or higher than that of a wired LAN, but equivalent to it.” (Bulbul, Batmaz and Ozel)
WEP Encryption Rivest’s Cipher 4 (RC4)
• 64-bit 40-bit WEP key 24-bit Initialization Vector
Cyclic Redundancy Code (CRC)
WEP Weaknesses CRC not intended for message
integrity Key too short Key as direct input to cipher Initialization vector
• Interesting values
Wi-Fi Protected Access Run on same hardware Temporal Key Integrity Protocol (TKIP) Still uses RC4 cipher
• 128-bit key Message Integrity Code replaces CRC Exstensible Authentication Protocol
• Uses public key encryption
WPA Weaknesses Continuation of RC4 cipher
• First few bytes are strongly non-random (Fluhrer, Mantin, Shamir)
Robust Security Networks Also known as WPA2 Advanced Encryption Standard
• Joined with CCMP Continues use of EAP
Encryption Standards Data Encryption Standard Advanced Encryption Standard Standardized by National Institute of
Standards and Technology (NIST)
Data Encryption Standard Symmetric, block cipher 56-bit key Feistel function “In 1999, the Electronic Frontier
Foundation’s ‘Deep Crack’ machine, in combination with distributed.net, successfully solved RSA’s DES Challenge III in 22 hours and 15 minutes.” (RSA Labs)
Triple DES
Advanced Encryption Standard
Public competition• 5 year process• 15 ciphers• Winner: Rijndael by Daemen and Rijmen
Symmetric, block cipher 128, 192, or 256-bit key
Virutal Private Networking End-to-end encryption Trusted endpoints Wireless hotspots
References Bulbul, Halil Ibrahim, Ihsan Batmaz and Mesut Ozel.
"Wireless network security: comparison of WEP (Wired Equivalent Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols
dlaverty. WPA vs WPA2 (802.11i): How your Choice Affects your Wireless Network Security.
Fluhrer, Scott, Adi Shami and Itsik Mantin. Weaknesses in the Key Scheduling Algorithm of RC4.
Masadeh, S.R., et al. "A comparison of data encryption algorithms with the proposed algorithm: Wireless security.“
National Institute of Standards and Technology. "FIPS 197 - Advanced Encryption Standard.“
RSA Labs. 2010. 31 January 2011 <http://www.rsa.com/rsalabs/node.asp?id=2100>.