wireless security protocols

17
Seminar on Wireless Security Protocols (WEP & WPA) Presented by: Piyush Mittal Dept. of Computer Science, NIT Rourkela 1

Upload: piyush-mittal

Post on 14-Apr-2015

381 views

Category:

Documents


6 download

DESCRIPTION

WEP & WPA

TRANSCRIPT

Page 1: Wireless Security Protocols

Seminar on Wireless Security Protocols

(WEP & WPA)

Presented by: Piyush Mittal

Dept. of Computer Science, NIT Rourkela

1

Page 2: Wireless Security Protocols

Introduction The IEEE 802.11 committee realized that wireless

transmissions were vulnerable to attack and interceptions.

So they implemented several protections in 1997 in 802.11 standard. These protections divided into:

1. Access Control

2. Wired Equivalent Privacy(WEP)

3. Authentication

In 2003 introduced Wi-Fi Protected Access(WPA).

In 2004 introduced WPA2.

2

Page 3: Wireless Security Protocols

Access Control Access control is a method of restricting access to resources, only

accessible to authorized users.

Wireless access control is accomplished by limiting a device’s access to the access point(AP).

An access point contains an antenna and radio transmitter/receiver to send and receive wireless signals, and an RJ-45 port that allows it to connect it to a wired network.

All wireless devices transmit to AP, which directs the signal to the other wireless devices.

So AP acts as a bridge between wireless and wired networks.

Hence restricting access to AP is the ideal access control solution.

MAC address is a hardware address that uniquely identifies each node in a network.

A node can be restricted by entering its MAC address in AP.

3

Page 4: Wireless Security Protocols

WEP Wired Equivalent Privacy(WEP) is intended to guard

confidentiality.

WEP is used in IEEE 802.11 to encrypt wireless transmissions. And is a cryptography mechanism.

WEP relies on a secret key shared between a wireless device and the access point.

IEEE 208.11 WEP secret key must be a minimum of 64-bits in length. An option to use a larger 128-bit key is also possible.

Keys are created by the user entering the same string of either ASCII or hexadecimal characters.

IEEE standard also specifies that the access points and devices can hold up to 4 shared secret keys, one of them designated as the default key .

4

Page 5: Wireless Security Protocols

Encryption Mechanism 1. The plaintext has a cyclic redundancy check(CRC) value

calculated, the WEP calls this the integrity check value(ICV). And appends it to the end of the text.

2. The shared secret key designated as default key is combined with an initialization vector(IV). The IV is a 24 bit value that changes each time a packet is encrypted.

3. The default key and IV are then entered into the pseudo-random number generator(PRNG) that creates a random number. The PRNG is based on the RC4 cipher algorithm which is a stream cipher. The output is known as keystream.

4. The two values(text plus ICV and keystream) are then combined through XOR operation to create the ciphertext.

5. The IV is added to the front of the ciphertext and the packet is ready for transmission. IV is not encrypted.

5

Page 6: Wireless Security Protocols

Encryption Process

6

Page 7: Wireless Security Protocols

Transmitting with WEP

7

Page 8: Wireless Security Protocols

Weaknesses Key Management and Key Size

The Initialization Vector (IV) is Too Small

The Integrity Check Value (ICV) algorithm is not appropriate.

WEP’s use of RC4 is weak.

Authentication Messages can be easily forged.

WEP implementation violates the cardinal rule of cryptography.

Because of the weaknesses of WEP it is possible for an attacker to identify two packets derived from the same IV.

8

Page 9: Wireless Security Protocols

Example operation1

Plaintext A 11010011

XOR

Keystream 10100110

-------------------------------------

Ciphertext A 01110101

operation 3 operation 4

Ciphertext A 01110101 Plaintext A 11010011

XOR XOR

Ciphertext B 10001011 Plaintext B 00101101

----------------------------------------- ------------------------------------

11111110 11111110

operation2

Plaintext B 00101101

XOR

Keystream 10100110

-------------------------------------

Ciphertext B 10001011

9

Page 10: Wireless Security Protocols

WPA WPA(Wi-Fi Protected Access) replaces WEP with an

encryption technology called Temporal Key Integrity Protocol(TKIP)

TKIP dynamically generates a new key for each packet that is created, called per-packet keys.

Per-packet keys prevent collisions.

TKIP provides greater level of security.

TKIP distributes the key to the wireless device and AP. Then dynamically generates unique keys to encrypt every data packet.

WPA replaces the cyclic redundancy check(CRC) in WEP with Message Integrity Check(MIC).

10

Page 11: Wireless Security Protocols

TKIP Encryption 1. Instead of using an initialization vector and secret key the

temporal key is XORed with the sender’s MAC address to create an intermediate Value 1.

2. Value 1 is then mixed with a sequence number to produce Value 2, Value 2 is then entered into the Pseudo-Random Number Generator(PRNG).

3. Instead of sending the text through the CRC generator, the MIC key, sender’s MAC address, and receiver’s MAC address are all sent through a MIC function. This creates a text with the MIC key appended. This value is then XORed with the keystream to create the ciphertext.

11

Page 12: Wireless Security Protocols

TKIP Encryption

12

Page 13: Wireless Security Protocols

If a wireless device was transmitting 10000 packets per second with WEP IV, collisions would occur in 90 minutes; using TKIP, collision would not occur for over 900 years.

13

Page 14: Wireless Security Protocols

WPA2 WPA2 is based on IEEE 802.11i.

It uses Advanced Encryption Standard(AES)for data encryption and supports PSK(pre-shared key) technology.

Use of AES provides more security. Because AES encryption

is based on 9,11 or 13 rounds depending on different key size.

14

Page 15: Wireless Security Protocols

Conclusion At first, we explain the structure of WEP and its

encryption process and weaknesses. Secondly, we discuss about the second generation of wireless security protocol as WPA and its encryption process. Finally, we discuss about third generation of wireless security protocol as WPA2/802.11i.

And conclude that WPA2 is more secure than WPA more secure than WEP.

15

Page 16: Wireless Security Protocols

References IEEE 2009 Paper On A Survey on Wireless Security protocols

(WEP,WPA and WPA2/802.11i) by ARASH HABIBI LASHKARI and MIR MOHAMMAD SEYED DANESH

CWSP Guide to Wireless security by Mark Ciampa

16

Page 17: Wireless Security Protocols

Thank You

17