Wireless Security - PowerPoint PPT Presentation

Slides: 33
Provided by: anils7

Transcript and Presenter's Notes


1
Wireless Security
  • Presented by
  • Sheetal Joseph

2
What do you mean Wireless?
  • Wireless devices use Radio Frequency (RF)
    technology to facilitate communication.
  • Various types of wireless communication solutions
    use different frequencies, most regulated by
    governments.
  • 802.11 and Bluetooth operate in the 2.4 GHz
    unregulated band (dirty frequency).

3
802.11 Wireless Local Area Network (LAN)
4
Wireless Standards
  • 802.11a: Transmits at 5 GHz and sends data at up
    to 54 Mbps using orthogonal frequency division
    multiplexing (OFDM). Not interoperable with
    802.11b.
  • 802.11b: Transmits at 2.4 GHz and sends data at up
    to 11 Mbps using direct sequence spread spectrum
    modulation. Not interoperable with 802.11a.
  • 802.11g: Similar functionality to 802.11a, but
    is interoperable with 802.11b.
  • 802.11i: Improves WEP encryption by implementing
    Wi-Fi Protected Access (WPA). Requires encryption
    key protocols, including Temporal Key Integrity
    Protocol (TKIP) and Advanced Encryption Standard
    (AES).

5
Infrastructure WLAN
Ad-hoc WLAN
6
Glossary of 802.11 Wireless Terms
  • Station (STA): A computer or device with a
    wireless network interface.
  • Access Point (AP): Device used to bridge the
    wireless-wired boundary, or to increase distance
    as a wireless packet repeater.
  • Ad Hoc Network: A temporary one made up of
    stations in mutual range.
  • Infrastructure Network: One with one or more
    Access Points.
  • Channel: A radio frequency band, or infrared,
    used for shared communication.
  • Basic Service Set (BSS): A set of stations
    communicating wirelessly on the same channel in
    the same area, Ad Hoc or Infrastructure.
  • Extended Service Set (ESS): A set of BSSs and wired
    LANs with Access Points that appear as a single
    logical BSS.
  • Service Set Identifier (SSID): A 32-character
    unique identifier attached to the header of
    packets sent over a WLAN that acts as a password
    when a mobile device tries to connect to the BSS.

7
Wireless Authentication
  • Open system authentication
  • Shared key authentication

8
Security Solutions
  • Wireless connections raise important security
    issues: intruders must be kept from accessing,
    reading and modifying the network traffic.
  • But mobile systems need to be connected.
  • We need an algorithm which provides the same
    level of security that a physical wire does.

9
WEP Security
  • Three security goals of the WEP protocol:
  • Access Control - Ensure that your wireless
    infrastructure is not used.
  • Data Integrity - Ensure that your data packets
    are not modified in transit.
  • Confidentiality - Ensure that the contents of
    your wireless traffic are not learned.

10
Description of WEP Protocol
  • WEP relies on a secret key which is shared
    between the sender and the receiver.
  • SENDER: Mobile station (e.g. laptop with a
    wireless Ethernet card)
  • RECEIVER: Access Point (e.g. base station)
  • The secret key is used to encrypt packets before
    they are transmitted.
  • An integrity check is used to ensure packets are
    not modified in transit.
  • The standard does not discuss how the shared key
    is established.
  • In practice, most installations use a single key
    which is shared between all mobile stations and
    access points.

11
Description of WEP Protocol
  • To send a message M:
  • Compute a checksum c(M) (it does not depend on
    the secret key k)
  • Pick an IV v and generate a keystream RC4(v,k)
  • XOR <M, c(M)> with the keystream to get the
    ciphertext
  • Transmit v and the ciphertext over a radio link
  • On receiving a message M:
  • Use the transmitted v and the shared key k to
    generate the keystream RC4(v,k)
  • XOR the ciphertext with RC4(v,k) to get <M, c>
  • Check whether c = c(M)
  • If it is, accept M as the message transmitted
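
The send and receive steps above, as an added Python example that is not part of the original presentation. It assumes WEP's usual parameters, which the slides do not state: the RC4 key is a 24-bit IV prepended to a 40-bit secret key, and c(M) is CRC-32; the key, IVs and messages are constructed sample values. It goes one step beyond the slide by showing what happens when an IV is reused under a static key.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                            # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def checksum(m: bytes) -> bytes:
    """c(M): CRC-32 of M (assumed, per WEP). Note that no key is involved."""
    return zlib.crc32(m).to_bytes(4, "little")

def wep_send(m: bytes, v: bytes, k: bytes):
    """Encrypt <M, c(M)> with RC4(v, k); return (v, ciphertext)."""
    body = m + checksum(m)
    return v, xor(body, rc4(v + k, len(body)))

def wep_receive(v: bytes, ciphertext: bytes, k: bytes) -> bytes:
    """Decrypt with RC4(v, k) and accept M only if c == c(M)."""
    body = xor(ciphertext, rc4(v + k, len(ciphertext)))
    m, c = body[:-4], body[-4:]
    if c != checksum(m):
        raise ValueError("checksum mismatch, frame rejected")
    return m

def iv_reuse_cancels_keystream(k: bytes) -> bool:
    """Two frames under the same (v, k) share a keystream, so XORing the
    ciphertexts leaves only the XOR of the two plaintext bodies."""
    v = bytes.fromhex("000001")                   # constructed IV, used twice
    m1, m2 = b"GET /index.html", b"POST /login.php"
    _, c1 = wep_send(m1, v, k)
    _, c2 = wep_send(m2, v, k)
    return xor(c1, c2) == xor(m1 + checksum(m1), m2 + checksum(m2))

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")             # constructed 40-bit key
    v, ct = wep_send(b"hello AP", bytes.fromhex("a1b2c3"), key)
    print(wep_receive(v, ct, key), iv_reuse_cancels_keystream(key))
```

With a 24-bit IV and one key shared by every station, repeated IVs are unavoidable on a busy network, which is why the static key and IV handling appear in the list of WEP deficiencies.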

12
How WEP works
13
Deficiencies of WEP
  • Static Encryption Keys
  • Inefficient use of Initialization vectors
  • Lack of packet integrity assurance

14
RADIUS: An additional layer in the security
15
Add VPN to wireless LAN
16
Wi-Fi Protected Access
  • IEEE 802.1X authentication server: LEAP, EAP/TLS,
    PEAP
  • RC4 stream cipher, with a 128-bit key and a
    48-bit initialization vector (IV).
  • Temporal Key Integrity Protocol (TKIP), which
    dynamically changes keys as the system is used.
    When combined with the much larger IV, this
    defeats the well-known key recovery attacks on
    WEP.
  • A more secure message authentication code
    (usually known as a MAC, but here termed a MIC
    for "Message Integrity Code") is used in WPA, an
    algorithm named "Michael".
  • Due to inevitable weaknesses of Michael, WPA
    includes a special countermeasure mechanism that
    detects an attempt to break TKIP and temporarily
    blocks communications with the attacker.

17
WPA
  • Confidentiality: Per-packet keying via TKIP
  • Message Authenticity: Michael algorithm
  • Access Control and Authentication: IEEE 802.1x
    - EAP/TLS

18
WPA2 802.11i
  • The 802.11i architecture contains the following
    components:
  • 802.1x for authentication
  • RSN (Robust Security Network) for keeping track
    of associations
  • CCMP (Counter Mode with Cipher Block Chaining
    Message Authentication Code Protocol) to provide
    confidentiality, integrity and origin
    authentication
  • AES-based algorithm

19
IEEE 802.11i
20
War Driving
  • To find wireless nets
  • Load laptop, 802.11 card, and GPS in car
  • Drive
  • While you drive
  • Attack software listens and builds map of all
    802.11 networks found

21
Antennas
  • Antennas are very important for sending and
    receiving radio waves.
  • They convert electrical impulses into radio
    waves, and vice versa.
  • Can antennas, used mostly for personal use, are
    also very well known in the wireless community.

22
Toys for Hackers
23
A Dual-Use Product
24
War Driving Chapel Hill
25
Zoom in on Los Angeles
26
One Network in Kansas City
27
Silicon Valley
28
Netstumbler
  • Netstumbler
  • Supports most Wi-Fi cards.
  • Identifies presence of Wi-Fi networks and can
    identify client probes.
  • GPS enabled.
  • Shows signal strength.

29
Sniffing Wireless Networks
  • Snooping on network traffic
  • Topology.
  • Technologies in use.
  • Confidential information.
  • Various Commercial and free tools.
  • AiroPeek
  • Kismet

30
AirSnort
  • AirSnort is a wireless LAN (WLAN) tool which
    recovers encryption keys. AirSnort operates by
    passively monitoring transmissions, computing the
    encryption key when enough packets have been
    gathered.
  • Requires approximately 5-10 million encrypted
    packets.
  • Once enough packets have been gathered, it can
    guess the password in less than one second.

31
Best Practices for WLAN
  • Change Default SSID
  • Disable SSID broadcast
  • Physically put the AP in the center of the
    building
  • Logically put AP in a DMZ
  • Carry out PTs on a WLAN
  • Move to a product following the 802.11i standard

32
Thank you