wireless security presented by: amit kumar singh instructor : dr. t. andrew yang
TRANSCRIPT
Wireless SecurityWireless Security
Presented by: Amit Kumar SinghPresented by: Amit Kumar Singh
Instructor : Dr. T. Andrew YangInstructor : Dr. T. Andrew Yang
Going WirelessGoing Wireless
Recent technologies include Recent technologies include 802.11b,802.11g etc.802.11b,802.11g etc.
Most commonly and widely present Most commonly and widely present are 802.11b (11 mbps)are 802.11b (11 mbps)
802.11b uses security techniques 802.11b uses security techniques like WEP to make the network like WEP to make the network secure.secure.
IEEE came up with 802.11x IEEE came up with 802.11x standards for wireless ethernet.standards for wireless ethernet.
What is WEP ?What is WEP ?
Wireless connections need to be secured Wireless connections need to be secured since the intruders should not be allowed since the intruders should not be allowed to access, read and modify the network to access, read and modify the network traffic.traffic.
Mobile systems should be connected at Mobile systems should be connected at the same time.the same time.
Algorithm is required which provides a Algorithm is required which provides a high level of security as provided by the high level of security as provided by the physical wired networks.physical wired networks.
Protect wireless communication from Protect wireless communication from eavesdropping, prevent unauthorized eavesdropping, prevent unauthorized access.access.
Security Goals of WEP:Security Goals of WEP:
Access ControlAccess Control Ensure that your wireless infrastructure Ensure that your wireless infrastructure
is not used.is not used. Data IntegrityData Integrity
Ensure that your data packets are not Ensure that your data packets are not modified in transit.modified in transit.
ConfidentialityConfidentiality Ensure that contents of your wireless Ensure that contents of your wireless
traffic is not leaked.traffic is not leaked.
Understanding WEPUnderstanding WEP
WEP relies on a WEP relies on a secret keysecret key which is which is shared between the sender (mobile shared between the sender (mobile station) and the receiver (access point).station) and the receiver (access point).
Secret Key : packets are encrypted using Secret Key : packets are encrypted using the secret key before they are the secret key before they are transmitted.transmitted.
Integrity Check : it is used to ensure that Integrity Check : it is used to ensure that packets are not modified in transitpackets are not modified in transit
Understanding WEP contd…Understanding WEP contd…
To send a message to M:To send a message to M:• Compute the checksum c(M). Checksum Compute the checksum c(M). Checksum
does not depend on the secret key ‘k’.does not depend on the secret key ‘k’.• Pick a IV ‘v’ and generate a key stream Pick a IV ‘v’ and generate a key stream
RC4(v,k).RC4(v,k).• XOR <M,c(M)> with the key stream to XOR <M,c(M)> with the key stream to
get the cipher text.get the cipher text.• Transmit ‘v’ and the cipher text over a Transmit ‘v’ and the cipher text over a
radio link.radio link.
How WEP WorksHow WEP Works
Key Stream = RC4(v,k)
Message CRC
Transmitted Data
XOR
Cipher TextV
Plain Text
How WEP works ?How WEP works ? WEP uses RC4 encryption algorithm known
as “stream cipher” to protect the confidentiality of its data.
Stream cipher operates by expanding a short key into an infinite pseudo-random key stream.
Sender XOR’s the key stream with plaintext to produce cipher text.
Receiver has the copy of the same key, and uses it to generate an identical key stream.
XORing the key stream with the cipher text yields the original message.
Attack typesAttack types Passive AttacksPassive Attacks
• To decrypt the traffic based on statistical To decrypt the traffic based on statistical analysis (Statistical Attack)analysis (Statistical Attack)
Active AttacksActive Attacks• To inject new traffic from authorized mobile To inject new traffic from authorized mobile
stations, based on known plaintext.stations, based on known plaintext. Active AttacksActive Attacks
• To decrypt the traffic based on tricking the To decrypt the traffic based on tricking the access pointaccess point
Dictionary AttacksDictionary Attacks• Allow real time automated decryption of all Allow real time automated decryption of all
traffic.traffic.
Defenses of WEPDefenses of WEP
Integrity Check (IC) fieldIntegrity Check (IC) field• Used to ensure that packet has not been
modified in transit Initialization Vector (IV)Initialization Vector (IV)
• Used to avoid encrypting two cipher texts with the same key stream
• Used to argument the shared key and produce a different RC4 key for each packet
ReferencesReferences
http://www.cs.fsu.edu/~yasinsac/group/slihttp://www.cs.fsu.edu/~yasinsac/group/slides/cubukcu.pdfdes/cubukcu.pdf
http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
www.itserv.com/wireless http://www.bluefiresecurity.com/bluefire_dhttp://www.bluefiresecurity.com/bluefire_d
ownloads.php?download=mainownloads.php?download=main http://www.isaac.cs.berkeley.edu/isaac/http://www.isaac.cs.berkeley.edu/isaac/
mobicom.pdfmobicom.pdf