project proposal: security threats for wireless devices matt fratkin april 11 th, 2005 e6886
Post on 22-Dec-2015
216 views
TRANSCRIPT
Project Overview
To investigate the current security threats among Wireless LANS, Wireless Personal Area Networks (Bluetooth), and Wireless Handheld devices
To describe the various problems associated with the built in security features for each of these devices
Wireless Technology Overview
Wireless technology can be defined as the ability for more than one device to communicate with each other without having any sort of physical connection
Wireless Technology Threats Overview
Since wireless technology does not use cables for transmission, it relies on radio frequencies to transmit the data
This makes it susceptible for intruders to intercept the signal and interfere with it how ever they want whether it be eavesdropping, stealing information, or causing damage to the network
Wireless LANs Overview
Connects user’s computers to the network using an access point device
The access point connects with devices equipped with wireless network adapters (wired Ethernet LAN via an RJ-45 port)
These access points usually have coverage areas of up to 300 feet
Some of these access points can be linked together so users can remained linked through multiple access points
Wireless Personal Area Networks Overview (Bluetooth) These are networks that are supposed to dynamically
connect devices such as cell phones, laptops, PDAs These ad-hoc networks have random network
configurations and rely on a master-slave system connected by wireless links to allow devices to communicate with one another
Since the devices move in an unpredictable way the networks need to be reconfigured on the go in order to handle the change
The routing that the Bluetooth uses allows the master to establish and maintain these ever shifting networks
Bluetooth Network Example
Bluetooth enabled mobile phone connecting to mobile phone network, synching with a PDA address book, and downloading email
Wireless Handheld Devices
These devices can broken down into two categories: PDAs and Smart Phones
PDAs operate on a proprietary networking standard that sends email to remote servers by accessing the corporate network
Smart Phones are mobile phones that contain information processing and data networking capabilities
Wireless LAN Security Features
There are three different types of security features for Wireless LANs
1. Authentication
2. Confidentiality
3. Integrity
Wireless LAN Security Features - Authentication
Provides a service to the users by needing to verify the identity of the users for each communicating station
Denies access to those who can not properly authenticate themselves
Therefore only authorized personal are allowed to use the communicating client stations
Wireless LAN Security Features- Confidentiality
This feature provides privacy to any user on the network
Supposed to prevent eavesdropping by outsiders
Therefore only authorized people are allowed to view the data on the network
Wireless LAN Security Features - Integrity
This feature is used to ensure that the data coming in is the data that was transmitted
Makes sure that no alterations of the data has been made while it is in transit
Therefore users should feel confident that they are viewing the data that was meant for them to see, not some altered version
Problems with the Wireless LAN Security Features The standardization of Wireless LAN security is the
IEEE 802.11Standard Security This provides for cryptographic keys of 40-bits However, some vendors have implemented products with
keys of up to 104 and 128-bit keys Many users in a network often share these
cryptographic keys so if one becomes lost or stolen then the whole network can be at risk
Also, the eavesdropper usually knows 24-bits of every packet key, so this combined with the weakness in the key schedule allows for an analytical attack
Problems with the Wireless LAN Security Features- cont. The analytical attack recovers the key after only
analyzing a small amount of traffic in the key schedule (RC4)
This attack is a very public attack similar to an attack script and open source code
Since the integrity is checked by a Cyclic Redundancy Check (CRC) along with checksums, the integrity can be challenged due to the fact that the checksums are noncryptographic
This leads to vulnerabilities in the system, allowing the attacker to be able to systematically decrypt the incoming packets and those change the information
Bluetooth Security Features
There are some built in security features for Bluetooth technology that address the following topics
1. Authentication
2. Confidentiality
3. Authorization
Bluetooth Security Features - Authentication
The purpose of this feature is to be able to verify the identity of who the device is communicating with
There is also an abort feature in case the device does not authenticate properly
Bluetooth Security Features - Confidentiality
This feature once again protects the privacy of the user
It is intended to prevent others from viewing/eavesdropping on the information being sent to and from the user
Therefore the user can feel safe that only authorized users are seeing the data
Bluetooth Security Features – Authorization
This feature addresses the question as to whether or not the device is authorized to use the service
This prevents non-authorized users from stealing resources intended for authorized users
Bluetooth Security Modes
On top of the built in security features, Bluetooth can operate in the following three security modes
1. Security Mode 1: Nonsecure mode
2. Security Mode 2: Service-level enforced security mode
3. Security Mode 3: Link-level enforced security mode
Problems with Bluetooth Security Features
Based on a table generated by the National Institute of Standards and Technology (NIST), some of the problems/vulnerabilities with the Bluetooth Technology are:
The random number generator may produce static or periodic numbers that reduce the effectiveness of the authentication scheme
Short PINS are allowed for generating link and encryption keys. These short PINS can be guessed and therefore decreases the security
There is no way clear way to generate and distribute PINS, therefore in networks with many users it is difficult to keep secure PINS from being guessed
Problems with Bluetooth Security Features - cont
Authentication can be repeated- there is no limit set for the number of times a user can attempt to become authenticated
The key length used for encryption doesn’t have a set minimum length, causing some to have short/weak keys
Security is not maintained all the way through the system- individual links are encrypted and authenticated and data is decrypted at intermediate points. There is no encryption and decryption maintained all the way through the system
Wireless Handheld Device Security Features
There are not a lot of built in security features in wireless handheld device, but their security can be threatened as well in the following areas:
Confidentiality Integrity Availability
Wireless Handheld Devices Security Threats - Confidentiality
The information contained on the wireless devices can be compromised at a variety of different levels whether it be on the handheld device itself, the storage module, the PC, or while being sent over Bluetooth, USB, or serial communication ports
PDAs are susceptible during the period when data is being transmitted as the data being sent is unencrypted so anyone in close proximity can retrieve that information
Likewise, a Bluetooth device that is not properly configured is liable to have the data stolen from someone who has a Bluetooth-enabled device
Wireless Handheld Devices Security Threats - Integrity
Handheld devices face the same problems as Wireless LANs as the transmitted data can be altered before it reaches the user or device thus interfering with the integrity of the transmitted data
The handheld hardware must be protected from the insertion or replacement of the read-only-memory (ROM) by outside parties
Handheld applications must be protected from the installation of software from unauthorized sources that may contain malicious software (malware)
Wireless Handheld Devices Security Threats - Availability
The wireless handheld devices need to also be protected from attacks that limit their computational or network resources thus making these devices unusable for certain periods of time
These attacks can be in the form of Trojan horses, worms, viruses and other malware that effect the networks
All types of wireless handheld devices are targets for these types of attacks
Conclusion
As it is evident from the previous slides wireless technology is a wonderful feature for many of today's most common devices
However, since information is being transmitted through radio frequencies it is open to interception and tampering from outside parties
Although many of these devices are built with security features it seems like many of these features are not good enough to protect the transmitted data
Conclusion- cont
Encryption keys for the networks seem to be built using very small amount of bits, even though the vendors are building the devices with large amounts of bits
PINS over large networks with many users are no good as short PINS are used which can easily be guessed
With the ever changing technology the wireless technology needs to make security a huge priority to protect the customers
References
Karygiannis, Tom and Owens, Les, “Wireless Network Security: 802.11, Bluetooth and Handheld Devices,” http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf, 2002.
Uskela, Sami, “Security in Wireless Local Area Networks,” http://www.tml.hut.fi/Opinnot/Tik-110.501/1997/wireless_lan.html, 1997
V-One Corporation, “Smart Security for Wireless Communications,” http://www.v-one.com/docs/whitepaper_wireless.pdf, 2003.