IEEE 802.11 Wireless Local Area Networks (WLANs)
Post on 21-Dec-2015
Two modes of operation:
1. Ad-Hoc Mode: The clients communicate directly with each other. No mediation is needed.
2. Infrastructure Mode: Clients and stations. Stations – computers with NICs (Network Interface Cards) and Access Points (APs).
Communication With APs
3 stages:
1. Unauthenticated and Unassociated.
2. Authenticated and Unassociated.
3. Authenticated and Associated.
Wireless Protocols
IEEE 802.11: WEP for security; Challenge/Response with symmetric key for authentication
IEEE 802.1X: WEP for security; EAP for authentication
WEP - Wired Equivalent Privacy
Link layer security protocol.
Secures IEEE 802.11 communications.
Based upon RC4 stream cipher encryption system, with symmetric key.
WEP protocol
[Diagram: WEP encryption and decryption. Sender: the 24-bit IV (initialization vector) and the 40-bit shared secret key form the 64-bit RC4 key; the original text plus its CRC32 is encrypted, and the IV is sent in the clear alongside the encrypted text. Receiver: the IV used and the shared secret key feed RC4 to recover the original text and CRC.]
Security problems in WEP
Over the years, many security problems have been discovered in WEP.
We will discuss the most important of them, known as the “IV Collisions” problem.
IV Collisions
Every once in a while, an IV gets reused.
C1 = P1 ⊕ RC4(v,k)
C2 = P2 ⊕ RC4(v,k)
IV Collisions (2)
We get the following equation: C1 ⊕ C2 = (P1 ⊕ RC4(v,k)) ⊕ (P2 ⊕ RC4(v,k))
XOR is associative, so the two identical keystreams cancel each other, and therefore: C1 ⊕ C2 = P1 ⊕ P2
The Bottom line
WEP security is better than no security at all, but not by much.
The Problem
EAP assumes it has a secured connection to work over.
Problems over an unsecured connection
Snooping the user ID
Forging / changing EAP packets
Denial of service
Offline dictionary attack
Man-in-the-middle
Authentication method downgrading attack
Breaking a weak key
Man-in-the-middle
A B E
MD5 EAP Request <R>
MD5 EAP Request <R>
H(ID || KEY || R)
EAP Failure
H(ID || KEY || R)
EAP Success
Possible Solutions
Mutual authentication
Cryptographic connection between authentication methods
Using a limited number of unsecured authentication methods
Preferring one strong method over a large number of weak ones.
Possible Solutions (2)
Using an authentication method that derives a symmetric key, prevents replay attacks and promises message integrity
The authentication method should be safe against dictionary attacks
One method has all the above advantages:
Quick summary of TLS
[Diagram: protocol stack. Handshake protocol, CCS, Alert and Application sit on top of the Record Protocol, which runs over TCP.]
Quick summary of TLS (2)
Client / Server
TCP three-way handshake
Client → Server: Client Hello <Client Random, Proposed algorithms>
Server → Client: Server Hello <Server random, Selected algorithm>
Server → Client: CA Certificate
Server → Client: Server done
Client → Server: Client Key Exchange: Enc(Pub(s), <Pre-Master secret>)
Both sides perform a known calculation to derive the Master Key
Quick summary of TLS (3)
Client / Server
Client → Server: CCS (ID), FIN (MAC authentication of all former messages)
Server → Client: CCS (ID), FIN (MAC authentication of all former messages)
Data transfer (encrypted by the Master Key)
EAP-TLS
Packet format:
Code | Identifier | Length
Type | Flags | TLS message length
TLS message length (continued)
TLS Data
EAP-TLS (2)
Peer / Authenticator
Authenticator → Peer: EAP Request <Identity>
Peer → Authenticator: EAP Response <Identity (MyID)>
Authenticator → Peer: EAP Request, type = EAP-TLS <TLS Start>
Peer → Authenticator: EAP Response, type = EAP-TLS <TLS Client Hello>
Authenticator → Peer: EAP Request, type = EAP-TLS <TLS Server Hello, TLS Certificate, TLS Certificate Request, TLS Server Done>
EAP-TLS (3)
Peer / Authenticator
Peer → Authenticator: EAP Response, type = EAP-TLS <TLS Certificate, TLS Client Key Exchange, TLS CCS, Certificate verify, TLS FIN>
Authenticator → Peer: EAP Request, type = EAP-TLS <TLS CCS, TLS FIN>
Peer → Authenticator: EAP Response, type = EAP-TLS
Authenticator → Peer: EAP Success / EAP Failure
Session resumption
The SessionID field in the TLS Client Hello Message should be the same as the ID of the session to return to.
The authenticator sends an EAP request with TLS Server Hello, TLS CCS (using the former session CCS ID), and TLS FIN.
The peer sends an EAP response with TLS CCS using the same ID, and TLS FIN.
The protocol continues as in the standard EAP-TLS.
Session resumption (2)
Advantages of session resumption:
Quick renewal of connections.
Handling roaming in WLAN.
Key Derivation
PRF1 = PRF (Master Secret, "Client EAP Encryption", Random)
PRF2 = PRF ("", "Client EAP Encryption", Random)
PRF1 is 128 bytes long.
PRF2 is 64 bytes long.
Key Derivation (2)
PRF1 (byte offsets): 0-32 Client’s ENC Key | 32-64 Server’s ENC Key | 64-96 Client’s Auth Key | 96-128 Server’s Auth Key
PRF2 (byte offsets): 0-32 Client’s IV | 32-64 Server’s IV
Fragmentation
The first fragment raises the L, M and S flags. The total TLS message length is also included.
All other fragments, except the last, raise the M flag. The identification field in the EAP header increases by 1 with each fragment.
Every EAP packet carrying a TLS fragment is answered by an EAP packet with no data, as an Ack.
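
Added example, not from the original slides: a parser for the EAP-TLS packet layout shown earlier and a reassembler for the fragmentation rules above. It uses the RFC 5216 values (EAP type 13; L=0x80, M=0x40, S=0x20); the constructed fragments set L and M on the first fragment and leave S to the EAP-TLS Start packet, and the `max_total` bound and the function names are assumptions of this example.

```python
import struct

EAP_REQUEST, EAP_RESPONSE, EAP_TYPE_TLS = 1, 2, 13
FLAG_L, FLAG_M, FLAG_S = 0x80, 0x40, 0x20      # Length included, More fragments, Start

def build(code, ident, flags, data=b"", total=0):
    # Code | Identifier | Length | Type | Flags | [TLS message length] | TLS data
    body = bytes([EAP_TYPE_TLS, flags])
    if flags & FLAG_L:
        body += struct.pack("!I", total)
    return struct.pack("!BBH", code, ident, 4 + len(body) + len(data)) + body + data

def parse(pkt):
    if len(pkt) < 6 or struct.unpack("!H", pkt[2:4])[0] != len(pkt) or pkt[4] != EAP_TYPE_TLS:
        raise ValueError("not a well-formed EAP-TLS packet")
    code, ident, flags, total, off = pkt[0], pkt[1], pkt[5], None, 6
    if flags & FLAG_L:
        if len(pkt) < 10:
            raise ValueError("L flag set but TLS message length missing")
        total, off = struct.unpack("!I", pkt[6:10])[0], 10
    return {"code": code, "id": ident, "flags": flags, "total": total, "data": pkt[off:]}

def fragment(msg, first_id, size):   # authenticator side: EAP-Request fragments
    chunks = [msg[i:i + size] for i in range(0, len(msg), size)]
    return [build(EAP_REQUEST, (first_id + n) & 0xFF,
                  (FLAG_L if n == 0 else 0) | (FLAG_M if n < len(chunks) - 1 else 0),
                  c, len(msg)) for n, c in enumerate(chunks)]

def reassemble(packets, max_total=16384):
    """Peer side: returns (TLS message, acks). Rejects oversized or inconsistent input."""
    buf, acks, expected, last_id = b"", [], None, None
    for p in map(parse, packets):
        if last_id is not None and p["id"] != (last_id + 1) & 0xFF:
            raise ValueError("Identifier did not increase by 1")
        if expected is None:
            if p["total"] is None or p["total"] > max_total:
                raise ValueError("first fragment lacks a sane TLS message length")
            expected = p["total"]
        buf, last_id = buf + p["data"], p["id"]
        if len(buf) > expected:
            raise ValueError("more data than the announced TLS message length")
        if not p["flags"] & FLAG_M:
            break
        acks.append(build(EAP_RESPONSE, p["id"], 0))   # empty EAP-TLS packet = Ack
    if len(buf) != expected:
        raise ValueError("fragment stream ended before the message was complete")
    return buf, acks

def demo():   # constructed 2500-byte stand-in for a TLS certificate flight
    return reassemble(fragment(bytes(range(250)) * 10, first_id=7, size=1000))
```

Bounding the announced TLS message length before buffering matters because the length field arrives before authentication completes, so an unauthenticated sender controls it.
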