Evolution of wireless LAN security standards - PowerPoint PPT Presentation

1 / 8
About This Presentation
Title:

Evolution of wireless LAN security standards

Description:

Modified WEP2 cannot solve the exposed problem due to inherited ... Adversary acting as access point leads to Man-in-the-middle attack. Session hijacking ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 9
Provided by: bli6
Category:

less

Transcript and Presenter's Notes

Title: Evolution of wireless LAN security standards


1
Evolution of wireless LAN security standards
  • Team members
  • Bo Li
  • Daniel Menchaca
  • Harold Lee
  • Narendra Kamat

2
Motivation for wireless LAN security
  • Wireless LAN is becoming very popular
  • Wireless LAN is not very securely protected
  • Initial proposed WEP in IEEE 802.11 was weak
  • Modified WEP2 cannot solve the exposed problem
    due to inherited mechanism from WEP
  • Design flaws have been reported on newly
    developed standard IEEE 802.1x
  • Can 802.11i protect our wireless LAN?

3
Wired Equivalent Privacy (WEP)
  • Extensively analyzed. (Usually unfavorably!)
  • Integrity Control by CRC-32 checksum.
  • Linear can be easily modified.
  • RC4 rand. gen. takes a secret key and an
    initialization vector as input
  • Distribution of secret key k infrequent (hard to
    manage)
  • Sequence space of 24-bit IV is rapidly used up.
    (IV collision)
  • Initial challenge/response sequence (with IV)
    visible to attacker.
  • IP redirection, reaction attack, etc.
  • This solution does not inspire confidence!!

4
Overview of 802.1x
  • Uses Extensible Authentication Protocol (EAP)
  • Provides key management

5
802.1x vulnerabilities
  • Absence of mutual authentication
  • One way authentication of supplicant.
  • Adversary acting as access point leads to
    Man-in-the-middle attack
  • Session hijacking
  • Attacker spoofs MAC of AP and disassociates
    client
  • Next, it spoofs MAC of client and gains
    connection

6
802.11i
  • 802.1x
  • Robust authentication
  • Key distribution
  • TKIP (upgrade path)
  • Fixes WEP issues
  • Backward compatible
  • CCMP (mandatory)
  • Advanced Encryption Standard (AES)
  • Privacy, integrity, authenticity

Upper Layer Auth. (ULA)
802.1x authentication
TKIP (Temporal Key Integrity Protocol)
CCMP (counter mode CBC-MAC Protocol)
Encryption Algorithms
7
Expected Results
  • Understanding architecture and weaknesses of WEP
  • Analysis of 802.1X, including both state
    machines.
  • Proposal for new state machine.
  • Evaluation of proposed standard 802.11i
  • Recommendations for improvement and new
    direction in evolution.

8

Thank You!
Write a Comment
User Comments (0)
About PowerShow.com