The Codex of Business Writing Software for Real-World Solutions 2.pptx
Wlan security
1. WIRELESS LAN SECURITY
Technology
& Wireless LAN Security
Science Presented By
of SWAGAT SOURAV Roll # EE 200118189
Institute Under the guidance of
National Mr. Siddhartha Bhusan Neelamani
[1] Swagat Sourav
2. WIRELESS LAN SECURITY
Introduction
[2] National Institute of Science & Technology
• It is also easy to interfere with wireless communications. A
simple jamming transmitter can make communications
impossible. For example, consistently hammering an
access point with access requests, whether successful or
not, will eventually exhaust its available radio frequency
spectrum and knock it off the network.
• Advantages of WLAN
• Disadvantages WLAN
Swagat Sourav
3. WIRELESS LAN SECURITY
WLAN Authentication
[3] National Institute of Science & Technology
• Wireless LANs, because of their broadcast nature, require the
addition of:
User authentication
Data privacy
• Authenticating wireless LAN clients.
Client Authentication Process
Swagat Sourav
4. WIRELESS LAN SECURITY
WLAN Authentication
Technology
• Types Of Authentication
Open Authentication
& • The authentication request
Science • The authentication response
Shared Key Authentication
• requires that the client configure a static WEP key
of Service Set Identifier (SSID)
Institute MAC Address Authentication
National [4] • MAC address authentication verifies the client’s MAC
address against a locally configured list of allowed
addresses or against an external authentication server
Swagat Sourav
5. WIRELESS LAN SECURITY
WLAN Authentication Vulnerabilities
• SSID
[5] National Institute of Science & Technology
An eavesdropper can easily determine the SSID with the use of an
802.11 wireless LAN packet analyzer, like Sniffer Pro.
• Open Authentication
Open authentication provides no way for the access point to
determine whether a client is valid.
• Shared Key Authentication Vulnerabilities
The process of exchanging the challenge text occurs over the
wireless link and is vulnerable to a man-in-the-middle attack
• MAC Address Authentication Vulnerabilities
A protocol analyzer can be used to determine a valid MAC
Swagat Sourav
address
6. WIRELESS LAN SECURITY
WEP Encryption
[6] National Institute of Science & Technology
• WEP is based on the RC4 algorithm, which is a symmetric
key stream cipher. The encryption keys must match on both
the client and the access point for frame exchanges to succeed
Stream Ciphers
Encrypts data by generating a key stream from the key and
performing the XOR function on the key stream with the plain-text
data
Swagat Sourav
7. WIRELESS LAN SECURITY
WEP Encryption
[7] National Institute of Science & Technology
Swagat Sourav
Block Ciphers
Fragments the frame into blocks of predetermined size and performs
the XOR function on each block.
8. WIRELESS LAN SECURITY
WEP Encryption Weaknesses
[8] National Institute of Science & Technology
• There are two encryption techniques to overcome WEP
encryption weakness
Initialization vectors
Feedback modes
• Initialization vectors
Swagat Sourav
9. WIRELESS LAN SECURITY
WEP Encryption Weaknesses
• Feedback Modes
[9] National Institute of Science & Technology
Swagat Sourav
10. WIRELESS LAN SECURITY
WEP Encryption Weaknesses
Technology
• Statistical Key Derivation—Passive Network Attacks
& Science of Institute National [10] A WEP key could be derived by passively collecting particular frames
from a wireless LAN
• Inductive Key Derivation—Active Network Attacks
Inductive key derivation is the process of deriving a key by coercing
information from the wireless LAN
Initialization Vector Replay Attacks
Bit-Flipping Attacks
• Static WEP Key Management Issues
Swagat Sourav
11. WIRELESS LAN SECURITY
Component of WLAN Security
Technology
• The Authentication Framework (802.1X)
• The EAP Authentication Algorithm
& Science Mutual Authentication
User-Based Authentication
Dynamic WEP Keys
of Institute • Data Privacy with TKIP (Temporal Key Integrity Protocol )
A message integrity check (MIC
Per-packet keying
National Broadcast Key Rotation
[11] Swagat Sourav
12. WIRELESS LAN SECURITY
Future of WLAN Security
Technology
• AES (Advanced Encryption Standard )
AES-OCB Mode
& Science of Institute National [12] Swagat Sourav
13. WIRELESS LAN SECURITY
Future of WLAN Security
[13] National Institute of Science & Technology
Swagat Sourav
AES-CCM Mode
14. WIRELESS LAN SECURITY
Conclusion
Technology
Wireless LAN deployments should be made as secure
as possible. Standard 802.11 security is weak and
vulnerable to numerous network attacks. This paper has
& highlighted these vulnerabilities and described how it
Science can be solved to create secure wireless LANs.
Some security enhancement features might not be
of deployable in some situations because of device
Institute limitations such as application specific devices (ASDs
such as 802.11 phones capable of static WEP only) or
mixed vendor environments. In such cases, it is
National important that the network administrator understand the
potential WLAN security vulnerabilities.
[14] Swagat Sourav
15. WIRELESS LAN SECURITY
Technology
& Science Thank
of Institute You!!!
National [15] Swagat Sourav