WLAN Security
WLAN Security
• Requirements for Secure Wireless LANs
  – Authentication
  – Access Control
  – Data Privacy
  – Data Integrity
  – Protection Against Replay
WLAN Attack
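• Wardriving
  – Driving around looking for unsecured wireless networks.
  – Term coined by Pete Shipley
• Wardriving:
  – The act of using a vehicle to seek out wireless networks that require no authentication
  – Hop-by-hop tracing back through the relay points of an attack is not possible
  – Wireless APs keep no connection logs
  – Even during real-time tracing, the location of the connected user cannot be determined from the wireless AP
  – Countermeasures for tracking a moving attacker in real time are inadequate (a method comparable to mobile-phone location tracking needs to be developed)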
MAC address Authentication Attack
• Strengths
  – Controls, on the basis of MAC address, which Stations may connect to the AP
• Weaknesses
  – MAC addresses are easy to forge
  – MAC addresses are easily obtained by monitoring (sniffing) the wireless LAN
  – Attackers can keep watching wireless LAN traffic continuously
  – Brute-force attacks on MAC addresses are possible
  – Man-in-the-middle techniques expose the network to attack
• Tools
  – Windows
    • AiroPeek: Wireless Network Management Tool
    • SMAC: MAC address Changer
  – Linux
    • Kismet: Wireless Network Sniffing Tool
    • macchanger: MAC address Changer
MAC Address Attack
Rogue AP – Spoofing Attack
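• A Station always connects to the AP with the strongest signal
• The Attacker uses the same SSID as the target AP
• The Attacker transmits a stronger signal than the target AP
• In doing so, the Attacker poses as the AP that is easiest for the Victim to connect to
• The Victim connects to the AP without any suspicion
• The Attacker sets up a fake web page imitating a legitimate one and induces the Victim to enter an ID and PW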
Rogue AP – Spoofing Attack
802.11 Passive Monitoring
[Figure: an Attacker passively monitors the traffic between the Station and the Access Point and captures data, e.g. "Username: dziminski", "Password: cleartext"]
802.11 DOS Attack
[Figure: the Attacker spoofs an 802.11 Disassociate frame; the connection between the Station and the Access Point is broken]
802.11 Man in the Middle Attack
• Attacker broadcasts spoofed AP SSID and MAC Address
• Station unknowingly connects to attacker
• MIM attacks can always be established
• But if strong authentication and encryption are used, attacker will be nothing more than a bridge.
[Figure: Station, Attacker and Access Point; labels: AP MAC Address, Station MAC Address]
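A defender-side check for the rogue AP and man-in-the-middle slides above, as an added example that is not part of the original deck: it compares observed beacons against an inventory of authorized APs and reports a protected SSID advertised by an unknown BSSID, or a known BSSID whose channel or security mode differs from the inventory. The SSID, BSSIDs, inventory layout and function names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    security: str

# Hypothetical inventory of authorized APs: BSSID -> (SSID, channel, security).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpWLAN", 1, "WPA2-Enterprise"),
    "00:11:22:33:44:02": ("CorpWLAN", 6, "WPA2-Enterprise"),
}
PROTECTED_SSIDS = {ssid for ssid, _, _ in AUTHORIZED.values()}

def classify(beacon):
    """Return the findings for one observed beacon (empty list = nothing to report)."""
    if beacon.ssid not in PROTECTED_SSIDS:
        return []                      # neighbouring network, not in scope
    known = AUTHORIZED.get(beacon.bssid.lower())
    if known is None:
        return ["protected SSID advertised by unknown BSSID"]
    _, channel, security = known
    findings = []
    if beacon.channel != channel:      # spoofed MAC, but other attributes differ
        findings.append("known BSSID on unexpected channel")
    if beacon.security != security:
        findings.append("known BSSID with unexpected security mode")
    return findings

def scan(beacons):
    """Map BSSID -> findings for every beacon that produced at least one finding."""
    return {b.bssid: f for b in beacons if (f := classify(b))}

# Constructed survey data, not captured from a real network.
SAMPLE = [
    Beacon("CorpWLAN", "00:11:22:33:44:01", 1, "WPA2-Enterprise"),
    Beacon("CorpWLAN", "66:77:88:99:aa:bb", 11, "Open"),
    Beacon("CorpWLAN", "00:11:22:33:44:02", 11, "Open"),
    Beacon("CoffeeShop", "aa:bb:cc:dd:ee:ff", 6, "WPA2-Personal"),
]

if __name__ == "__main__":
    for bssid, findings in scan(SAMPLE).items():
        print(bssid, "->", "; ".join(findings))
```

A beacon that copies the SSID, MAC address, channel and security mode of an authorized AP passes this check, which is why the slide relies on strong authentication and encryption rather than on detection.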
Authentication and Encryption Standards
[Figure: layered diagram of the standards]
• Credentials: Certificate, Username/Password
• Authentication Protocols: EAP, 802.1x, TLS, PEAP
• Encryption Standards: WEP, WPA-TKIP, 802.11i
• Encryption Algorithms: RC4, RC4, AES
WEP: Wired Equivalent Privacy
WPA: Wi-Fi Protected Access
TKIP: Temporal Key Integrity Protocol
PEAP: Protected Extensible Authentication Protocol; uses server-side public key certificates to authenticate the server
Evolution of WLAN Security
– WEP: not adequate
– IEEE formed a Task Group “i” to develop 802.11i standard
  • Objective: to produce a detailed specification to enhance the security features for WLANs
[Figure: IEEE 802 Working group > IEEE 802.11 WLAN WG > IEEE 802.11i WLAN security > RSN (Robust Security Network) and TSN (Transitional Security Network)]
Evolution of WLAN Security
– Responses from Wi-Fi Alliance
– The industry cannot wait for the 802.11i standard. It is demanding a more secure wireless environment right now
– Wi-Fi Alliance, together with IEEE, developed Wi-Fi Protected Access (WPA) to offer a strong interoperable security standard to the market
  • 802.11i contributed TKIP (encryption) and MIC (integrity) algorithms, which were being developed for RSN but applicable to WPA
[Figure: WPA (Wi-Fi Protected Access, Wi-Fi Alliance) = TKIP (Temporal Key Integrity Protocol) + MIC (Message Integrity Check), both from IEEE 802.11i]
High-level Differences Between RSN and WPA
• RSN
  – Designed from the start, without regard to existing WEP systems
  – Will require new hardware to support new methods of encryption
  – Supports options for encryption (privacy)
    • TKIP
    • AES
• WPA
  – Designed with constraints around existing WEP systems
  – Objective: use same hardware and upgrade software only
  – Only supports one encryption standard: TKIP
Essentially, the two approaches are very similar and built around the same security architecture
WEP Encryption
[Figure: WEP frame: IV | Payload | CRC-32. 24 bit IV: clear text. Payload and CRC-32 (integrity check): encrypted with 40 or 104 bit key, RC4 Algorithm.]
WEP has several problems
1. IV is too small. At 10,000 packets per second IV repeats in 0.5 hours.
   - For 24 bits, an IV will be reused after 16777216 packets if the IV value is incremented by 1 each time. For a device sending 10,000 packets per second, a 24-bit IV takes half an hour to roll over
2. There are several “weak keys”. Those are especially vulnerable.
3. No key update mechanism built in.
4. Message replay attacks. DOS.
WPA
• Key features to address WEP vulnerabilities
  – Access Control and Authentication:
    • Implements 802.1X EAP based authentication to enforce mutual authentication
  – Encryption
    • Applies Temporal Key Integrity Protocol (TKIP) on existing WEP to impose strong data encryption
  – Integrity
    • Uses Message Integrity Check (MIC) rather than CRC-32 for message integrity
• WPA also presents some potential security issues
  – There are still potential encryption weaknesses in TKIP. Fortunately, a successful crack is expected to be heavy and expensive.
  – Performance may potentially be sacrificed due to more complex and computation-intensive authentication and encryption protocols.
Note: The ultimate wireless security solution is still 802.11i RSN. All products are supposed to comply with the RSN standard since its release, often under the name WPA2.
Wi-Fi Protected Access (WPA) TKIP-Encryption
• Wi-Fi Protected Access is an interim standard created by the Wi-Fi Alliance (group of manufacturers).
• WPA-TKIP fixes problems with WEP.
  - IV changes to 48 bits with no weak keys. 900 years to repeat an IV at 10k packets/sec
  - Use IV as a replay counter
  - Message integrity
  - Per-packet keying
• Supported on many wireless cards and on Windows XP (after applying 2 hot fixes).
• Uses 802.1x for key distribution.
• Can also use static keys.
802.11i RSN
• Key features to address WEP vulnerabilities
  – Access Control and Authentication
    • Implements 802.1X EAP based authentication to enforce mutual authentication (same as WPA)
    • WRAP: RSN includes a Wireless Robust Authentication Protocol. Uses AES in offset codebook mode (OCB) for encryption and integrity.
  – Encryption
    • TKIP: In order to support legacy devices, 802.11i chooses TKIP as one of the encryption options
    • AES: Stands for Advanced Encryption Standard, which is a much stronger encryption algorithm. AES requires a hardware coprocessor to operate
  – Integrity
    • Uses Michael Message Integrity Check (MIC) for message integrity
  – Other security features: Secure IBSS (Ad Hoc mode), secure fast handoff, secure de-authentication and disassociation.
  – Supports Roaming
  – Is referred to as WPA2 by the Wi-Fi Alliance
IBSS: Independent Basic Service Set
802.11i AES-encryption
• Ratified by the IETF in June of 04.
• Uses the AES algorithm for encryption and 802.1x for key distribution.
• Backwards compatible with TKIP to support WPA clients.
• 802.11i not in many products yet.
Access Control and Authentication – 802.1X / EAP
– Initially designed for wired networks but is now applicable to WLANs.
– Provides port-based access control and mutual authentication between client and APs via an authentication server.
– 802.1X standard is comprised of three elements
  • A supplicant: the client (laptop, PDA,…) who wants to be authenticated
  • An authenticator: the AP, which acts as an intermediary between a supplicant and an authentication server.
  • An authentication server: such as a RADIUS (Remote Access Dial-In User Service) server.
[Figure: Station (Supplicant), Access Point (Authenticator), RADIUS Server (Authorizer)]
Access Control and Authentication – 802.1X / EAP
• EAP
  – EAP (Extensible Authentication Protocol): protocol that 802.1X uses to manage mutual authentication.
  – Initially developed for use with PPP (RFC2284)
  – Several EAP types depending on the authentication method (passwords, PKI certificates,…)
    • EAP-MD5
    • EAP-TLS
    • EAP-TTLS
    • PEAP
    • LEAP
    • EAP-SIM
  – The authenticator does not need to understand the details of the authentication methods. It simply packages and repackages EAP packets, usually between Supplicant and RADIUS
802.1x EAP-TLS Authentication
[Figure: Station (Supplicant), Access Point (Authenticator), RADIUS Server (Authorizer). Client digital cert from XYZ CA; Server digital cert from XYZ CA.]
802.1x PEAP authentication
[Figure: Station (Supplicant), Access Point (Authenticator), RADIUS Server (Authorizer), Directory Server. Digital cert from XYZ CA.]
• Phase 1: Authenticate AP. Secure tunnel to AP using TLS
• Phase 2: Password authentication with directory server
  – Username: Dan, Password: encrypted
  – Success/Fail
LEAP (Lightweight Extensible Authentication Protocol)
• LEAP Characteristics
  – Primarily developed by Cisco for Aironet WLAN deployments.
  – Cisco is now licensing the software; other vendors are now beginning to support LEAP in their wireless LAN adapters.
  – Encrypts data transmissions using dynamically generated WEP keys and supports mutual authentication.
  – No certificates are required
  – Uses bi-directional challenge-response with user password as shared secret
  – Transaction sent in clear text (dictionary attacks!)
EAP Authentication Types Comparison Chart
| 802.1x EAP Types Feature / Benefit | MD5 | TLS | TTLS | PEAP | LEAP |
|---|---|---|---|---|---|
| Client side certificate required | no | yes | no | no | no |
| Server side certificate required | no | yes | no | yes | no |
| WEP key management | no | yes | yes | yes | yes |
| Rogue AP detection | no | no | no | no | yes |
| Developer | | | | | |
| Authentication Attributes | One way | Mutual | Mutual | Mutual | Mutual |
| Deployment | Easy | Difficult | Moderate | Moderate | Moderate |
| Wireless Security | Poorest | Highest | High | High | High |