WLAN Security - PowerPoint PPT Presentation

Slides: 90
Provided by: casa163
1
WLAN Security
  • Examining EAP and 802.1x

2
  • 802.1x works at Layer 2 to authenticate and
    authorize devices on wireless access points.

3
IEEE 802.1x
  • It is used for certain closed wireless access
    points.

4
802.1x Authentication
  • A wireless node must be authenticated before it
    can gain access to other LAN resources

5
  • 802.1x assumes a point-to-point model.
  • PPP-style authentication therefore fits this point-to-point model.

6
What is PPP and what does it have to do with
wireless security?
  • Most people are familiar with PPP, the
    Point-to-Point Protocol. It's most commonly used
    for dial-up Internet access.
  • PPP is also used by some ISPs for DSL and cable
    modem authentication, in the form of PPPoE (PPP
    over Ethernet).

7
What is PPP and what does it have to do with
wireless security?
  • By any measure, PPP is a very successful
    protocol.
  • In practice, PPP has gone far beyond its original
    use as a dial-up access method as it's now used
    all over the Internet.

8
What is PPP and what does it have to do with
wireless security?
  • Although PPP has many parts that make it useful
    in different networking environments, the part
    that we care about in this demonstration is the
    authentication piece.

9
What is PPP and what does it have to do with
wireless security?
  • Before anything at Layer 3 (like IP) is
    established, PPP goes through an authentication
    phase at Layer 2.
  • With dial-up Internet access, that's the username
    and password.

10
What is PPP and what does it have to do with
wireless security?
  • PPP authentication is used to identify the user
    at the other end of the PPP line before giving
    them access.
  • By authenticating at Layer 2, you are independent
    of the upper-layer protocol (such as IP).

11
What is PPP and what does it have to do with
wireless security?
  • And you can make decisions on how to handle layer
    3 protocols, such as IP, based on the
    authentication information.
  • For example, depending on what authentication
    information you provide, you might get a
    particular IP address.

12
PPP General Frame Format
13
802.1x Terminology
  • 802.1x does introduce some terminology that we
    need to get used to.
  • An authenticator helps authenticate what you
    connect to it. It does this via the
    authentication server.
  • The supplicant is what is being authenticated.
    See the following diagram if that's unclear.

14
802.1x Terminology
15
802.1x Terminology
  • The Port Access Entity (PAE) is what executes the
    algorithms and follows the protocol(s).
  • Each of the three items above has a PAE, but the
    PAE software does different things on each of
    the three.

16
How did EAP get into the picture?
  • As PPP use grew, people quickly found its
    limitations, both in flexibility and in level of
    security, in the authentication methods, such as
    PAP.

17
How did EAP get into the picture?
  • Most corporate networks want to do more than
    simple usernames and passwords for secure access.
  • So a new authentication protocol, called the
    Extensible Authentication Protocol (EAP) was
    designed.

18
What is EAP
19
EAP
  • Extensible Authentication Protocol is a universal
    authentication framework frequently used in
    wireless networks and Point-to-Point connections.
  • It is defined by RFC 3748.

20
EAP and WPA
  • The WPA and WPA2 standards have officially adopted
    five EAP types as their official authentication
    mechanisms.

21
  • EAP is a way for a supplicant to authenticate,
    usually against a back-end RADIUS server.
  • EAP comes from the dial access world and PPP. 

22
  • There is an RFC for how RADIUS should support EAP
    between authenticator and authentication server,
    RFC 3579.
  • EAP was first defined in the IETF RFC 2284.

23
  • The EAP TLS variant is defined in RFC 2716.
  • The following figure shows the EAP format.
  • Note that when 802.1x is the transport, all this
    fits into the 802.1x payload field, with EAPOL
    packet type set to 0 (EAP packet).

24
The EAPOL frame format
29
EAP format
  • The code field indicates the type of EAP packet
    as follows: (1) Request, (2) Response,
    (3) Success, (4) Failure.

30
  • The ID is one byte for matching requests and
    responses.
  • Length is the byte count including the code, ID,
    length and data fields. 
  • The data field format varies depending on the
    code field.

31
  • Types 3 and 4, Success and Failure, are easy to
    describe: they have no data field (0 bytes).
  • Types 1 and 2 share a format. It boils down to a
    type code (one byte) followed by the data for that
    type.

32
  • Here's what that makes the EAP packet look like

33
  • The original RFC defines several types of EAP
    authentication. They are:
  • 1 Identity
  • 2 Notification
  • 3 Nak (response only)
  • 4 MD5-Challenge
  • 5 One-Time Password (OTP) (RFC 1938)
  • 6 Generic Token Card
  • 13 TLS (RFC 2716 adds TLS)
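The EAP packet layout described on the last few slides (Code, Identifier, Length, then a Type byte only for Request/Response), as an added example that is not part of the original deck. It builds and decodes packets, enforces the Length field and the "no data for Success/Failure" rule, and the sample bytes are constructed for illustration.

```python
import struct

# EAP header codes and the type codes listed above (RFC 3748; RFC 2716 for TLS)
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
             5: "OTP", 6: "Generic Token Card", 13: "TLS"}

def build_eap(code, ident, eap_type=None, data=b""):
    """Build Code(1) Identifier(1) Length(2) [Type(1) Type-Data]; Length covers all."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def parse_eap(packet):
    """Decode one EAP packet, rejecting the malformed cases a receiver must drop."""
    if len(packet) < 4:
        raise ValueError("EAP header needs 4 bytes")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(packet):
        raise ValueError(f"Length field {length} does not fit {len(packet)} bytes")
    body = packet[4:length]          # bytes past Length are padding and ignored
    result = {"code": EAP_CODES[code], "id": ident, "length": length}
    if code in (3, 4):
        if body:                      # Success/Failure have no data field
            raise ValueError(f"{EAP_CODES[code]} must carry no data")
        return result
    if not body:                      # Request/Response start with a Type byte
        raise ValueError("Request/Response needs a Type byte")
    result["type"] = EAP_TYPES.get(body[0], f"unknown({body[0]})")
    result["type_data"] = body[1:]
    return result

# Constructed sample: Response/Identity "alice", Identifier 7, Length 10.
SAMPLE_RESPONSE = bytes.fromhex("0207000a01616c696365")
# Constructed malformed sample: Length says 10 but only 8 bytes arrived.
SAMPLE_TRUNCATED = SAMPLE_RESPONSE[:8]

def is_well_formed(packet):
    try:
        parse_eap(packet)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    print(parse_eap(build_eap(1, 7, 1)))          # Request/Identity, 5 bytes
    print(parse_eap(SAMPLE_RESPONSE))
    print(is_well_formed(SAMPLE_TRUNCATED))       # False
```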

34
  • The RFCs contain some great diagrams showing the
    sequence of messages for the above EAP variants.

35
  • The IEEE  802.1x standard goes through all this
    for EAP-OTP in a couple of different scenarios
    (supplicant initiated exchange, authenticator
    initiated, etc.).

36
How did EAP get into the picture?
  • EAP sits inside PPP's authentication protocol.
  • It provides a generalized framework for all sorts
    of authentication methods.

37
EAP Message
  • Exactly one EAP packet is encapsulated in the
    Information field of a PPP Data Link Layer frame,
    forming a PPP EAP message.
  • The PPP protocol field then carries the value hex
    C227 (PPP EAP).

38
How did EAP get into the picture?
  • By pulling EAP out (detaching it) into a separate
    protocol, it then has the option of re-use in
    other environments, like 802.1X.

39
How did EAP get into the picture?
  • EAP is supposed to head off (divert) proprietary
    authentication systems and let everything from
    passwords to challenge-response tokens and PKI
    certificates work smoothly.

40
How did EAP get into the picture?
  • With a standardized EAP, interoperability and
    compatibility across authentication methods
    becomes simpler.

41
How did EAP get into the picture?
  • Only the client and the authentication server
    have to be coordinated.
  • By supporting EAP authentication, a RAS server
    (in wireless this is the AP) gets out of the
    business of actively participating in the
    authentication dialog ...

42
How did EAP get into the picture?
  • For example, when you dial a remote access server
    (RAS) and use EAP as part of your PPP connection,
    the RAS doesn't need to know any of the details
    about your authentication system.

43
How did EAP get into the picture?
  • ... ... and just re-packages EAP packets to hand
    off to a RADIUS server to make the actual
    authentication decision.

44
How 802.1x Works
45
  • The 802.1x access control works on unaggregated
    physical ports at OSI Layer 2. It allows or
    denies access.
  • The access control it exerts can govern
    bidirectional or inbound traffic.

46
  • On LAN media, 802.1x needs some way to
    communicate between the Supplicant and the
    Authenticator. This happens directly at Layer 2.
  • The protocol used is EAPOL, which stands for EAP
    encapsulation over LANs. 

47
  • EAP is a separate protocol (or family of 
    protocols) for authentication.
  • Let's take a look at the EAPOL frame format. It
    is shown in the following figure

48
the EAPOL frame format
49
  • The packet type is as follows
  • 0 EAP Packet
  • 1 EAPOL Start
  • 2 EAPOL Logoff
  • 3 EAPOL Key
  • 4 EAPOL Encapsulated Alert

50
  • The key packet type is used for EAP variants
    that allow an encryption key.
  • The packet body is then a Key Descriptor, with
    specified fields. We'll skip the details.

51
  • The Alert EAP packet type allows for things (like
    SNMP) to be sent through a port where the
    authentication resulted in an unauthorized state.

52
  • The standard notes that use in a shared
    environment is highly insecure unless the
    supplicant to authenticator traffic is a secure
    association, i.e. encrypted.

53
  • The authenticator then uses a standard protocol,
    usually RADIUS, to relay information to and from
    the authentication server.

54
  • The following figure shows how the protocol
    works.
  • It basically provides a L2 wrapper to transport
    EAP information between supplicant and
    authenticator. 

55
(No Transcript)
56
  • Note that the EAPOL-Start message is only used if
    the supplicant initiates the exchange.
  • The authenticator can notice link status has
    changed, and just jump right in with the EAP
    exchange.
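The EAPOL frame layout from the packet-type slide and the authenticator behaviour described on the slides since then (EAPOL-Start only when the supplicant initiates, EAP packets relayed on towards the authentication server), as an added example that is not part of the original deck. The version value and the `authenticator_handle` sketch are assumptions made for the illustration; the sample frames are constructed.

```python
import struct

# EAPOL packet types from the slide above (IEEE 802.1X)
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff",
               3: "EAPOL-Key", 4: "EAPOL-Encapsulated-ASF-Alert"}
EAPOL_VERSION = 1   # assumption: protocol version value written into the frames

def build_eapol(ptype, body=b""):
    """EAPOL header: Version(1) PacketType(1) BodyLength(2), then the body."""
    return struct.pack("!BBH", EAPOL_VERSION, ptype, len(body)) + body

def parse_eapol(frame):
    if len(frame) < 4:
        raise ValueError("EAPOL header needs 4 bytes")
    version, ptype, blen = struct.unpack("!BBH", frame[:4])
    if ptype not in EAPOL_TYPES:
        raise ValueError(f"unknown EAPOL packet type {ptype}")
    if blen > len(frame) - 4:
        raise ValueError("body length exceeds the frame")
    body = frame[4:4 + blen]        # anything after BodyLength is frame padding
    if ptype in (1, 2) and body:    # Start and Logoff carry no body
        raise ValueError(f"{EAPOL_TYPES[ptype]} carries no body")
    return {"version": version, "type": EAPOL_TYPES[ptype], "body": body}

def eap_request_identity(ident):
    # EAP Code 1 (Request), Identifier, Length 5, Type 1 (Identity), no type data
    return struct.pack("!BBHB", 1, ident, 5, 1)

def authenticator_handle(frame, next_id=1):
    """Authenticator PAE reaction to one EAPOL frame from the supplicant (assumed sketch).

    Returns (action, payload): 'send' an EAPOL frame back to the supplicant,
    'relay' the EAP packet for re-encapsulation towards the RADIUS server,
    'unauthorized' on logoff, or 'ignore' for types this sketch does not handle."""
    msg = parse_eapol(frame)
    if msg["type"] == "EAPOL-Start":
        # supplicant-initiated exchange: begin with EAP-Request/Identity
        return ("send", build_eapol(0, eap_request_identity(next_id)))
    if msg["type"] == "EAPOL-Logoff":
        return ("unauthorized", b"")
    if msg["type"] == "EAP-Packet":
        # the authenticator does not interpret the EAP method; it passes it through
        return ("relay", msg["body"])
    return ("ignore", msg["body"])

if __name__ == "__main__":
    action, reply = authenticator_handle(build_eapol(1), next_id=9)
    print(action, reply.hex())                    # send 010000050109000501
    print(parse_eapol(build_eapol(2)))            # EAPOL-Logoff, empty body
```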

57
  • It may seem a little silly, having a big diagram
    with only a couple of arrows in it. I hope that
    this emphasizes the key point here.

58
  • The double arrow goes further since we'll see
    that the authenticator re-encapsulates the EAP
    information, typically within RADIUS, and passes
    it through to the authentication server.

59
IEEE 802.1
  • IEEE 802.1 is a working group of the IEEE 802
    project of the IEEE. It is concerned with
  • 802 LAN/MAN architecture
  • internetworking among 802 LANs, MANs and other
    wide area networks,
  • 802 Link Security (This is not wireless),
  • 802 overall network management, and
  • protocol layers above the MAC LLC layers.

60
What Is 802.1x?
  • IEEE 802.1x is an IEEE standard for port-based
    Network Access Control which extends IEEE 802.1.
  • It is part of the IEEE 802.1 group of protocols.
  • It provides authentication to devices attached to
    a LAN port, establishing a point-to-point
    connection or preventing access from that port if
    authentication fails.

61
  • The standard 802.1x is an IEEE standard for
    Port-Based Network Access Control. 

62
IEEE 802.1x - a port based authentication
protocol
63
  • From the introduction to the 802.1x standard
    document, with some omissions

64
  • "Port-based network access control makes use of
    the physical access characteristics of IEEE 802
    LAN infrastructures in order to provide a means
    of authenticating and authorizing devices
    attached to a LAN port ...,

65
  • and of preventing access to that port in cases in
    which the authentication and authorization
    process fails. ...

66
  • Examples of ports in which the use of
    authentication can be desirable include the
    Ports of MAC Bridges, ... ,
  • and associations between stations and access
    points in IEEE 802.11 Wireless LANs."

67
  • That is, 802.1x and EAPOL just exist as a way to
    transport EAP information between Supplicant and
    Authenticator.

68
How This All Works
69
  • The RFCs contain some diagrams showing the
    sequence of messages for the above EAP variants.

70
  • The IEEE 802.1x standard goes through all this
    for EAP-OTP in a couple of different scenarios
    (supplicant initiated exchange, authenticator
    initiated, etc.).

71
  • This fills in the big EAP arrow in the above
    diagram to show the full sequence of messages.
  • The following figure shows my version of the
    sequence of messages for EAP-OTP (One Time
    Password).

72
(No Transcript)
73
Medium to large Enterprise WLAN Security
  • Level 3

75
  • Although the EAP protocol is not limited to
    wireless LANs and can be used for wired LAN
    authentication, it is most often used in wireless
    LANs.

77
  • EAP is an authentication framework, not a
    specific authentication mechanism. It only
    defines message formats.

78
  • The EAP provides some common functions and a
    negotiation of the desired authentication
    mechanism.
  • Such mechanisms are called EAP authentication
    methods.

79
  • Each protocol that uses EAP defines a way to
    encapsulate that protocol's messages within the
    EAP messages.
  • In the case of 802.1x, this encapsulation is
    called EAPOL, "EAP over LANs".

80
Level 3 Medium to large Enterprise WLAN security
  • EAP-TLS could be the recommended authentication
    method for this security level.
  • EAP-TLS has the same digital certificate
    requirements on the server side and the client side.

81
  • To implement EAP-TLS, not only does the server
    require a Digital Certificate but the users as
    well. 

82
  • This means you will need a Certificate Authority to
    issue a proper Server Digital Certificate on a
    pair of dedicated RADIUS servers and not just a
    Self Signed Certificate on a makeshift RADIUS
    Server.

83
  • For this security level, proper PKI best
    practices should be followed.
  • There should be at least a single dedicated PKI
    Root Certificate Authority, but preferably it
    should be a 2 or 3 tier PKI design.

84
  • A two tier chain for a medium Enterprise
    organization would have an offline Root
    Certificate Authority and an online Issuing
    Certificate Authority. 

85
  • The reason for this is that if a Certificate
    Authority is ever compromised, you can revoke it
    and create a new one ...
  • ... from the higher offline Certificate
    Authorities without having to start your PKI
    deployment from scratch. 

86
  • Building a PKI from scratch because of a
    compromised Certificate Authority would be
    completely unacceptable in a large scale
    environment.

87
  • A large Enterprise should implement the three
    tier design with offline Root Certificate
    Authority, offline subordinate Certificate
    Authority, and online Issuing Certificate
    Authority.

88
  • Methods defined in IETF RFCs include
  • EAP-MD5,
  • EAP-OTP,
  • EAP-GTC,
  • EAP-TLS or EAP-TTLS,
  • EAP-IKEv2,
  • EAP-SIM,
  • EAP-AKA

89
  • Some commonly used methods capable of operating
    in wireless networks include
  • EAP-TLS,
  • EAP-TTLS
  • Requirements for EAP methods used in wireless LAN
    authentication are described in RFC 4017.