wireless security
DESCRIPTION
Rudi van Drunen: Presentation on wireless security, NLUUG vj 08. Courtesy of www.competa.com
TRANSCRIPT
© 2008 [email protected]
<XlexiT>
Wireless security
Slidever. 1.3
Me
• Rudi van Drunen
• Senior Consultant & CTO Competa IT
• Design, Deliver and Maintain Complex IT Infrastructure
• CTO XlexiT Technology B.V.
• Wireless / Embedded / Networking
• Tech Guru Wireless Leiden
• Largest wireless community network in NL
This Talk
• Attacks
• What to do about it, Applied to wireless
• RF level
• Protocol level
• Encryption
• Authentication
• Application level
Hierarchy
Attacks
• Passive: Traffic analysis, Eavesdropping
• Active: Replay, Masquerade, Message Modification, Denial of Service
Passive
• Eavesdropping
• Need signal
• Decrypt if needed
• Traffic Analysis
• Get data from signal and traffic
Active (1)
• Denial of Service
• Radio Level (microwave method)
• Flooding AP with packets
• Disconnect messages
Active (2)
• Replay
• Listen to the traffic, get SSID, MAC
• replay and associate, masquerade
• Message modification
• Rogue access point
802.11 alphabet soup
• 802.11a 5 GHz WLAN
• 802.11b 2.4 GHz WLAN
• 802.11c Bridging between APs
• 802.11d Global frequency harmonization
• 802.11e MAC level enhancements for QoS
• 802.11f Inter Access Point Protocol for Roaming
• 802.11g High Rate 2.4 GHz WLAN
• 802.11h ETSI requirements of Dynamic Frequency Selection and Transmitter Power Control
• 802.11i Security Enhancements
• 802.11n Super Fast WLAN (MIMO)
Wireless
• RF Level ...
• cf. ethernet level.....
Antennae
• Omnidirectional
• Directional
Site Survey
• Outside-in
• Use antennas (remember: leaky building)
• Check RF interference
Protocol Level
• Encryption
• WEP, WPA, WPA2
• Key management
• Authorization - Authentication
• 802.1x, RADIUS
• EAP Methods
• Cooking it up: WPA2 with EAP-TLS
Next please ...
• 802.11i
• WPA
• Transient Security Network (TSN)
• TSN = TKIP + WPA(1) + Radius
• Temporal keys, Message Integrity Check
• WPA2
• Robust Security Network (RSN)
• RSN = CCMP + WPA(2) + Radius
WPA
• 802.11i framework
• Try to fix the flaws introduced in WEP
• TKIP, MIC, TSC
• Keep backwards compatible
• (HW level (should be firmware update))
• Add authentication layer (802.1x)
Key management
• Pairwise Keys
• Between EACH client and AP different pair
• Computed / Distributed @association time
• Unicast
• Group Keys
• Same key between AP and every client
• Broadcast (and multicast)
Key Hierarchy
• Pairwise master key (PMK)
• From Auth server (or pre-shared)
• Generated during authentication (tls/ssl)
• WPA: Radius server sends PMK to AP
• From PMK AP derives Temporal keys
• Pairwise Transient Keys
• Data Encryption, Integrity keys; EAPOL keys
• These keys are used in encryption engines
Authentication
• 802.1x
• Not part of 802.11 suite
• Can also be used on wired networks.
Authentication: Radius
• Component in 802.1x
• Other Applications in Wireless
• MAC Address authentication
• NOT SECURE !
• Captive Portal
• nocat, m0n0wall (www.m0n0.ch/wall)
Cooking it up
• EAP-TLS enterprise in time
• Authentication mechanism
• Key distribution mechanism
• Other fun things WPA
• WPA @home
Fun things WPA
• Key caching
• Returning authenticated client
• send (PM)Key name in associate request
• AP start 4-way handshake
• AP verifies PMKey
• Pre-authentication
• Makes Roaming seamless and faster
WPA@home
• No Radius server
• Primary Master Key as Shared Secret
• Key generation from password (RFC 2898)
• good passwords: https://www.grc.com/passwords
• AP and Client have same PMK
• 4 way handshake between AP - Client
• Client / AP derive temporal keys for encryption
Application Level
• VPN (ipsec, OpenVPN)
• Some Setup required
• SSL connections
• You thought everything did ssl, right ?!
• Captive portals
• Hotspot model