Improved EAP-SRP in Wireless Network Authentication
•Download as PPTX, PDF•
2 likes•745 views
Slideshow of our Term Paper presentation on Wireless Network Security Domain.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (13)
Similar to Improved EAP-SRP in Wireless Network Authentication
Similar to Improved EAP-SRP in Wireless Network Authentication (20)
Recently uploaded
Recently uploaded (20)
Improved EAP-SRP in Wireless Network Authentication
- 1. Wireless LAN Security Ajay K Mathias M120445CS Govind M M120432CS Johnes Jose M120088CS
- 2. Introduction WEP EAP Overview Authenticated KEP Conclusion
- 4. Wireless Networks Extension of Wired networks, without using wires. IEEE 802.11 (1997) 802.11b (1999), 802.11g (2003), 802.11n (2009) 802.11i (2004) 2 Types : Adhoc & Infrastructural WLAN
- 5. Ad Hoc WLAN • Connect with whichever station • Hop Hop.. Hop Hop.. • No device in the middle.
- 6. Infrastructure WLAN Parties Involved Wireless Station Access Point (AP) Ground Station Terms BSS / ESS SSID Beacon Probe Request, Response Associate Frame Request, Response
- 8. Security in WLAN Main Point of Concern Multiple Options exists in Wired Networks. SSID / MAC based Authentication was used, both of which were spoof-able. Common Attacks Possible Masquerading Man in the middle Dictionary Attacks Requirement : Privacy Equivalent to that in Wired Networks
- 9. Wired Equivalent Privacy (WEP) Challenge Response Protocol Random Nonce, C Station Access Point Response, R Initialization Vector, IV R = C O KEYSTREAM(S, IV) +
- 10. But…..! WEP had the following security Issues Monitor Challenge Response to compute Keystream. Obtain S, using Dictionary Attack One side Authentication Thus….. A better protocol was required WPA
- 12. Post WEP security WPA (TKIP) – Temporal Key Integrity Protocol WPA 2 (CCMP) – Counter mode CBC MAC Protocol The authentication in both schemes same Authentication same as in 802.11i Former uses RC4 key-stream encryption Latter uses AES with cipher block chaining
- 13. AUTHENTICATION IN WPA 3 entities Supplication (Station) Authenticator (AP – Access Point) Authentication Server (AS) EAP (Extensible Authentication Protocol) Authentication, Authorization & Accounting
- 14. 802.11i Protocol Authentication Supplicant Authenticator Server 802.11 Association EAP/802.1X/RADIUS Authentication MSK 4-Way Handshake Group Key Handshake Data Communication
- 15. AUTHENTICATION METHODS EAP – MD5 EAP – TLS EAP – TTLS EAP – PEAP
- 16. EAP – MD5 Basicform Challenge is to send MD5 of password Password not known to AP, AS Drawbacks: Replay attack possible with MD5(password) AP is not verified to the supplicant
- 17. EAP-TLS Uses SSL/TLS All Entities have Certificates & Pvt. keys Drawbacks: Infeasible for all stations to have certificates PKI required to communicate
- 18. EAP-TTLS Requires AP to have certificates AP can be verified by AS, supplicants Forms a secure tunnel through which password can be sent EAP-PEAP Similar to EAP-TTLS Forms a secure tunnel Authentication of station to AS independent
- 19. KEY AGREEMENT Two types of keys: TK (Temporal Key) [128] GTK (Group Transient Key) [128] PMK can be replaced by PSK (Pre Shared Key) [256], but not secure TK and other keys are derived from PMK (Pairwise Master Key) [256] by 4-way handshake protocol
- 20. KEY HIERARCHY MSK [256] : AS & Station PMK [256] : AP (derived from MSK) PTK = f(PMK) [512] PTK -> TK [128] PTK -> KCK [128] PTK -> KEK [128]
- 21. FOUR WAY HANDSHAKE Calculate PTK Calculate PTK PTK = prf (PMK,NA,NB,MACA,MACS) PTK = (TK, KCK, KEK)
- 23. EAP-SPEKE Simple Password-Authenticated Exponential Key Exchange Diffie-Hellman based Authentication with session key negotiation Mutual Authentication Withstands Man in the middle attack Withstands Replay attack
- 24. Supplicant Authenticator A = gXa mod p A g = f(pd) B = gXb mod p Xa = secret key Xb = secret key S(n1) S= H(BXamod p) S = H(AXb mod p) n1 = nonce n2 = nonce S(n2) Verify n1 Verify n2
- 25. EAP - SRP EAP-Secure Remote Password Borrows elements from other key exchange protocol User ID and password-based authentication
- 26. Supplicant Authenticator B = (V+gXb) mod p A = gXa mod p A, ID Xb = secret key g = f(pd) V = gx mod p Xa = secret key x = H(Salt, pd) ID = identifier x = H(Salt, pd) u = H(A, B) S = (B-gx)Xa+ux mod p K = H(S) u = H(A, B) S = (AVu) Xbmod p K = H(S) Verify n1
- 27. Improved EAP-SRP A = gXa mod p Ma = H(H(Pd) Xor H(g), H(ID), A) A,ID,Ma B = (v + gXb) mod p U = H(A, B) S = (A.Vu)Xb mod p K = H(s) Mb = H(A, B, Ma, k) Salt, Mb, B U = H(A,B) S = (B-gx)(Xa+Ux) mod p K = H(S) Mc = H(B, Mb, K) Mc Session Key Mutual Authentication
- 28. • Mutual Authentication • Computationally Pros Cons • No Cleartext Password Intensive Exchange (Comparitively) • Works against • Narrow domain of Dictionary choosing primes. Attacks, Password Sniffing and Network (eg. Reqd : Prime p,q Traffic Analysis Attacks such that p = 2q+1) • Easier to setup, than Dig Cert based Authentication.
- 29. References 1. An Efficient Password Authenticated Key Exchange Protocol for WLAN and WIMAX, AK Rai, V Kumar, S Mishra, ICWETT 2011 2. Extensible authentication protocol, Adoba, B., Blunk, L., Vollbrecht, J., Carlson , J. & Levkowetz, E., RFC 3748 2004 3. The SRP Authentication and Key Exchange System, T. Wu, RFC 2945 2000 4. Cryptography and Network Security, Bernard Menesez, Cengage Solutions
- 30. Thank You…!