Rudi van Drunen Presentation on wireless security NLUUG vj 08. Courtesy of www.competa.com

1. Wireless security
The Competa Plane
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 1

2. Wireless security
See if it Flies ....
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 2

3. Wireless security
Me
• Rudi van Drunen
• Senior Consultant & CTO Competa IT
• Design, Deliver and Maintain Complex IT Infrastructure
• CTO XlexiT Technology B.V.
<XlexiT>
• Wireless / Embedded / Networking
• Tech Guru Wireless Leiden
• Largest wireless community network in NL
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 3

4. Wireless security
This Talk
• Attacks
• What to do about it, Applied to wireless
• RF level
• Protocol level
• Encryption
<XlexiT>
• Authentication
• Application level
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 4

5. Wireless security
Hierarchy
Attacks
Passive Active
<XlexiT>
Eavesdropping Denial
Replay
of Service
Traffic analysis Masquerade
Message
Modification
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 5

6. Wireless security
Passive
• Eavesdropping
• Need signal
• Decrypt if needed
<XlexiT>
• Traffic Analysis
• Get data from signal and traffic
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 6

7. Wireless security
Active (1)
• Denial of Service
• Radio Level (microwave method)
•
<XlexiT>
Flooding AP with packets
• Disconnect messages
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 7

8. Wireless security
Active (2)
• Replay
• Listen to the traffic, get SSID, MAC
• replay and associate, masquerade
<XlexiT>
• Message modification
• Rogue Accesspoint
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 8

9. Wireless security
802.11 alphabet soup
• 802.11a 5 GHz WLAN
• 802.11b 2.4 GHz WLAN
• 802.11c Bridging between APs
• 802.11d Global frequency harmonization
• 802.11e MAC level enhancements for QoS
•
<XlexiT>
802.11f Inter Access Point Protocol for Roaming
• 802.11g High Rate 2.4 GHz WLAN
• 802.11h ETSI requirements of Dynamic Frequency Selection and Transmitter Power Control
• 802.11i Security Enhancements
• 802.11n Super Fast WLAN (mimo)
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 9

10. Wireless security
Wireless
• RF Level ...
•
<XlexiT>
cf. ethernet level.....
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 10

11. Wireless security
leaky building ...
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 11

12. Wireless security
Antennae
<XlexiT>
Omnidirectional Directional
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 12

13. Wireless security
Shaping coverage
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 13

14. Wireless security
Site Survey
<XlexiT>
- Outside-in
- Use Antennas (remember:Leaky building)
- Check RF interference
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 14

15. Wireless security
Protocol Level
• Encryption
• WEP, WPA, WPA2
• Key management
• Authorization - Authentication
<XlexiT>
• 802.1x, RADIUS
• EAP Methods
• Cooking it up: WPA2 with EAP-TLS
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 15

16. Wireless security
WEP
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 16

17. Wireless security
Next please ...
• 802.11i
• WPA
• Transient Security Network (TSN)
• TSN = TKIP + WPA(1) + Radius
<XlexiT>
• Temporal keys, Message Integrity Check
• WPA2
• Robust Security Network (RSN)
• RSN = CCMP + WPA(2) + Radius
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 17

18. Wireless security
WPA
• 802.11i framework
• Try to fix the flaws introduced in WEP
• TKIP, MIC, tsc
• Keep backwards compatible
<XlexiT>
• (HW level (should be firmware update))
• Add authentication layer (802.1x)
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 18

19. Wireless security
WPA
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 19

20. Wireless security
WPA2
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 20

21. Wireless security
Key managment
• Pairwise Keys
• Between EACH client and AP different pair
• Computed / Distributed @association time
• Unicast
<XlexiT>
• Group Keys
• Same key between AP and every client
• Broadcast (and multicast)
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 21

22. Wireless security
Key Hierachy
• Pairwise master key (PMK)
• From Auth server (or pre-shared)
• Generated during authentication (tls/ssl)
• WPA: Radius server sends PMK to AP
• From PMK AP derives Temporal keys
<XlexiT>
• Pairwise Transient Keys
• Data Encryption ,Integrity keys ; EAPOL keys
• These keys are used in encryption engines
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 22

23. Wireless security
Authentication
• 802.1x
• Not part of 802.11 suite
<XlexiT>
• Can also be used on wired networks.
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 23

24. Wireless security
Authentication: Radius
• Component in 802.1x
• Other Applications in Wireless
• MAC Address authentication
<XlexiT>
• NOT SECURE !
• Captive Portal
• nocat, m0n0wall (www.m0n0.ch/wall)
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 24

25. Wireless security
802.1x + RADIUS
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 25

26. Wireless security
Cooking it up
• EAP-TLS enterprise in time
• Authentication mechanism
• Key distribution mechanism
• Other fun things wpa
<XlexiT>
• WPA @home
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 26

27. Wireless security
EAP-TLS
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 27

28. Wireless security
EAP-TLS
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 28

29. Wireless security
Fun things WPA
• Key caching
• Returning authenticated client
• send (PM)Key name in associate request
• AP start 4-way handshake
<XlexiT>
• AP verifies PMKey
• Pre-authentication
• Makes Roaming seamless and faster
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 29

30. Wireless security
WPA@home
• No Radius server
• Primary Master Key as Shared Secret
• Key generation from password (rfc 2898)
• good passwords: https://www.grc.com/passwords
<XlexiT>
• AP and Client have same PMK
• 4 way handshake between AP - Client
• Client / AP derive temporal keys for
encryption
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 30

31. Wireless security
WPA-PSK Overview
<XlexiT>
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 31

32. Wireless security
Application Level
• VPN (ipsec, OpenVPN)
• Some Setup required
• SSL connections
•
<XlexiT>
You thought everything did ssl, right ?!
• Captive portals
• Hotspot model
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 32

33. Wireless security
Questions ?!
<XlexiT>
R.van.Drunen@competa.com
ver. 1.3
© 2008 R.van.Drunen@competa.com Slide 33