SlideShare a Scribd company logo

wirelesssecurity materialwirelesssecurity materialwirelesssecurity material

Nune SrinivasRao
Nune SrinivasRao

wireless

Engineering
1 of 21
Download to read offline
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger At the mall ... Page 2
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Networks • Network supported by radio communications .. • Alphabet soup of standards, most on 802.11 • .. destroys the illusion of a hard perimeter. Page 3
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Why you should fear Simon Byers ... • Over the course of history radio frequencies have been enormously vulnerable to eavesdropping and manipulation. • ASSUME: Everything you say on a wireless network is going to be heard and potentially manipulated by your adversaries. Page 4
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless LANs • Access point networks (ranging to about 300 feet) • All devices connect to the central access point • Pro: very easy to setup and maintain, simple protocols • Con: reliability/speed drops as you get away from AP or contention increases. Page 5
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Ad hoc Networks (a.k.a peer-to-peer) • Devices collaboratively work together to support network communication • Network topology changes in response to moving devices, e.g., bluetooth • Pro: highly flexible and responsive to changes in environment • Con: complex, subject to traffic manipulation by malicious peers Page 6
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Devices • Laptops (canonical wireless devices) • Desktops, mobile phones, .... • Bluetooth Page 7
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Attacks on Wireless Networks • DOS • Planted devices • Hijacked connections • Eavesdropping • Somebody is "in the wire" ... Page 8
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Threats • This is an open network ... • ... to which anyone can connect. • What security is necessary? – Authentication? – Confidentiality? – Integrity? – Privacy? – DOS Protection? – Accountability (traceability)? Page 9
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Security Mechanisms • Note: this is just a network with different threats, so implementing security is very similar to network security • Authentication – Q: What are you authenticating in a wireless network? – Methods: password/passphrase, smartcard, etc. – Tools: radius, Kerberos, PKI services .... • Confidentiality/Integrity – Typically implemented via some transport protocol – IPsec (just implement a VPN -- this is what PSU does) Page 10
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Security Approaches • MAC Authentication • WEP (Wired Equivalent Privacy) • 802.11i (WPA - Wifi Protected Access) • EAP/LEAP (Extensible Authentication Protocol) • WAP (Wireless Application Protocol) 11
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger MAC Authentication • Create a list of MAC addresses – media access layer, e.g., ether 00:0a:95:d5:74:6a – Only these devices are allowed on network • Attack – Listen on network for MAC address use -- laptop – Masquerade as that MAC address (easy to do, many devices programmable) – ... can wait for it to go off line to avoid conflict, but not necessary • ARP Security limitations Page 12 ether 00:0a:95:d5:74:6a
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger WEP (Wired Equivalent Privacy) • Keys – Pass-phrase converts 40 bits from passphrase, plus 24 bit initialization vector (or) – 26 char hexadecimal + 24-bit IV = 128-bit WEP – Ability to send packets is essentially authentication • integrity used as authentication – Built into the vast majority of home wireless routers Page 13
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger The WEP Flaw (greatly simplified) Page 14 Protocol • Passphrase Key kp • Initialization vector ivi • Plaintext data d1, d2 (for separate blocks 1 and 2) • Traffic Key kti = kp||ivi • Ciphertext = E(kti, di) = RC4(kti) ⊕ di Attack • Assume iv1 = iv2 • Only 17 million IVs (224), so IV of two packets can be found (≈ one in 4096) (RC4(kt1) ⊕ d1) ⊕ (RC4(kt1) ⊕ d2) = d1 ⊕ d2 ey kp vector ivi a d1, d2 (for separate blocks 1 and 2) ti = kp||ivi E(kti, di) = RC4(kti) ⊕ di = iv2 on IVs (224), so IV of two packets can be found (≈ one in 4096) (RC4(kt1) ⊕ d1) ⊕ (RC4(kt1) ⊕ d2) = d1 ⊕ d2
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger 802.11i (WPA - Wifi Protected Access) • Solution to problems with WEP • Two modes of operation – Pre-shared key mode -- WEP like, shared key derived from single network passphrase – Server mode -- uses 802.1X authentication server to authenticate/give unique keys to users • Protocol fixes to WEP – increase IV size to 48 bits – TKIP - change keys every so often -- Temporal Key Integrity Protocol – improved integrity (stop using CRC and start using MAC) – WPA2: AES instead of RC4 Page 15
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger WAP (Wireless Application Protocol) • A set of protocols for implementing applications over thin (read wireless) pipes. • Short version: a set of protocols to implement the web over wireless links as delivered to resource limited devices – reduce overhead and flabby content (image rich HTML) – support limited presentation and content formats • Wireless Markup Language (XML-based language) – reduce the footprint of the rendering engine (browser) • Security: WTLS – SSL/TLS protocol -- public keys, key negotiation, etc. • Success in Japan, little elsewhere (currently) Page 16
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger EAP/LEAP • Extensible Authentication Protocol – Challenge response - auth. only – Bolts onto other authentication mechanisms, e.g., Kerberos, RADIUS – Passes authentication information onto other protocols (WEP, WAP) – LEAP: Cisco implementation/modifications (security problems are possibly serious) – Standards: EAP-MD5, EAP-TLS – PEAP: RSA/Microsoft/Cisco standards for WPA/WPA2 protocols Page 17
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Bluetooth • A standard for building very small personal area networks (PANs) • Connects just everything you can name: PDAs, phones, keyboards, mice, your car • Very short range range network: 1 meter, 10 meters, 100 meters (rare) • Advertised as solution to "too many cables" • Authentication – "pairing" uses pass-phrase style authentication to establish relationship which is often stored indefinitely (problem?) Page 18
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Bluetooth Security • Everything really works off the PIN • Attacks have progressively been successful at identifying vulnerabilities in the way PINs are used, can be reverse engineered • Privacy: know what is on and how public it is ... • Problem: Cambridgeshire, England • Problem: Bluetooth rifle Page 19
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger RFIDs • Radio Frequency Identification (RFID) • identity-providing transponders • Passive: no external power - backscatter (Walmart) • Active: internal power (SpeedPass) • History: a soviet listening device (1945), alied FoF (1939) • Privacy/Security anyone? • Q: How do you control who is accessing your information? • A: You don’t (currently) • Security measures • Rolling code (one time tokens) • Crypto-protocols, limited range, ... 20
Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger NIST Evaluation • Any vulnerability in a wired network is present in the wireless network • Many new ones: protocols, systems more public and vulnerable • Recommendations: – Disable file and directory sharing – Turn off APs when not in use – Use robust passwords, 128-bit encryption – Audit, audit, audit – VPNs are a good ... Page 21

Recommended

2018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 72018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 7FRSecure
 
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005Bill Drew
 
Lecture12 ie321 dr_atifshahzad - networks
Lecture12 ie321 dr_atifshahzad - networksLecture12 ie321 dr_atifshahzad - networks
Lecture12 ie321 dr_atifshahzad - networksAtif Shahzad
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Wifi- technology_moni
Wifi- technology_moniWifi- technology_moni
Wifi- technology_moniMD MONIRUZZAMAN
 
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless securityAirheads dallas 2011 wireless security
Airheads dallas 2011 wireless securityAruba, a Hewlett Packard Enterprise company
 
Networking
NetworkingNetworking
Networkingsbmiller87
 
CCNA(R&S) By Ezxprt
CCNA(R&S) By EzxprtCCNA(R&S) By Ezxprt
CCNA(R&S) By EzxprtEzxprt
 

Recommended

2018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 72018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 7FRSecure
 
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005Bill Drew
 
Lecture12 ie321 dr_atifshahzad - networks
Lecture12 ie321 dr_atifshahzad - networksLecture12 ie321 dr_atifshahzad - networks
Lecture12 ie321 dr_atifshahzad - networksAtif Shahzad
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Wifi- technology_moni
Wifi- technology_moniWifi- technology_moni
Wifi- technology_moniMD MONIRUZZAMAN
 
Airheads dallas 2011 wireless security
Airheads dallas 2011 wireless securityAirheads dallas 2011 wireless security
Airheads dallas 2011 wireless securityAruba, a Hewlett Packard Enterprise company
 
Networking
NetworkingNetworking
Networkingsbmiller87
 
CCNA(R&S) By Ezxprt
CCNA(R&S) By EzxprtCCNA(R&S) By Ezxprt
CCNA(R&S) By EzxprtEzxprt
 
Ccna (200 125)
Ccna (200 125)Ccna (200 125)
Ccna (200 125)shajeeha khalid
 
Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric VanderburgInformation Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric VanderburgEric Vanderburg
 
Ethernet basics
Ethernet basicsEthernet basics
Ethernet basicserick4chitsime
 
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITYHari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITYIGN MANTRA
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information TransparencyUsman Arshad
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingMihir Shah
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applicationscmstiernberg
 
Slides internet technology
Slides internet technologySlides internet technology
Slides internet technologyInexk Pedrero
 
Null mumbai-iot-workshop
Null mumbai-iot-workshopNull mumbai-iot-workshop
Null mumbai-iot-workshopNitesh Malviya
 
Basic Foundation For Cybersecurity
Basic Foundation For CybersecurityBasic Foundation For Cybersecurity
Basic Foundation For CybersecurityMohammed Adam
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Setia Juli Irzal Ismail
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminskyDan Kaminsky
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11bguestd7b627
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSreekanth GS
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Mohammad Fareed
 
Introduction To Networking
Introduction To NetworkingIntroduction To Networking
Introduction To Networkingtsmithnasd
 
Chap 1 Network Theory & Java Overview
Chap 1 Network Theory & Java OverviewChap 1 Network Theory & Java Overview
Chap 1 Network Theory & Java OverviewMinistry of Higher Education
 
Wifi
WifiWifi
WifiTheSmit Chheda
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 

More Related Content

Similar to wirelesssecurity materialwirelesssecurity materialwirelesssecurity material

Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric VanderburgInformation Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric VanderburgEric Vanderburg
 
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITYHari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITYIGN MANTRA
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information TransparencyUsman Arshad
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingMihir Shah
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applicationscmstiernberg
 
Slides internet technology
Slides internet technologySlides internet technology
Slides internet technologyInexk Pedrero
 
Null mumbai-iot-workshop
Null mumbai-iot-workshopNull mumbai-iot-workshop
Null mumbai-iot-workshopNitesh Malviya
 
Basic Foundation For Cybersecurity
Basic Foundation For CybersecurityBasic Foundation For Cybersecurity
Basic Foundation For CybersecurityMohammed Adam
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Setia Juli Irzal Ismail
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminskyDan Kaminsky
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11bguestd7b627
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSreekanth GS
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Mohammad Fareed
 
Introduction To Networking
Introduction To NetworkingIntroduction To Networking
Introduction To Networkingtsmithnasd
 

Similar to wirelesssecurity materialwirelesssecurity materialwirelesssecurity material (20)

Ccna (200 125)
Ccna (200 125)Ccna (200 125)
Ccna (200 125)
 
Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric VanderburgInformation Security Lesson 5 - Network Infrastructure - Eric Vanderburg
Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg
 
Ethernet basics
Ethernet basicsEthernet basics
Ethernet basics
 
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITYHari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
Hari 2 BIMTEK ACEH WARDRIVING dan WIRELESS SECURITY
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information Transparency
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applications
 
Slides internet technology
Slides internet technologySlides internet technology
Slides internet technology
 
Null mumbai-iot-workshop
Null mumbai-iot-workshopNull mumbai-iot-workshop
Null mumbai-iot-workshop
 
Basic Foundation For Cybersecurity
Basic Foundation For CybersecurityBasic Foundation For Cybersecurity
Basic Foundation For Cybersecurity
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018
 
Introduction To Networking
Introduction To NetworkingIntroduction To Networking
Introduction To Networking
 
Chap 1 Network Theory & Java Overview
Chap 1 Network Theory & Java OverviewChap 1 Network Theory & Java Overview
Chap 1 Network Theory & Java Overview
 
Wifi
WifiWifi
Wifi
 

Recently uploaded

IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...Call Girls in Nagpur High Profile
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSRajkumarAkumalla
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 

Recently uploaded (20)

IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
High Profile Call Girls Nashik Megha 7001305949 Independent Escort Service Na...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 

wirelesssecurity materialwirelesssecurity materialwirelesssecurity material

  • 1. CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
  • 2. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger At the mall ... Page 2
  • 3. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Networks • Network supported by radio communications .. • Alphabet soup of standards, most on 802.11 • .. destroys the illusion of a hard perimeter. Page 3
  • 4. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Why you should fear Simon Byers ... • Over the course of history radio frequencies have been enormously vulnerable to eavesdropping and manipulation. • ASSUME: Everything you say on a wireless network is going to be heard and potentially manipulated by your adversaries. Page 4
  • 5. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless LANs • Access point networks (ranging to about 300 feet) • All devices connect to the central access point • Pro: very easy to setup and maintain, simple protocols • Con: reliability/speed drops as you get away from AP or contention increases. Page 5
  • 6. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Ad hoc Networks (a.k.a peer-to-peer) • Devices collaboratively work together to support network communication • Network topology changes in response to moving devices, e.g., bluetooth • Pro: highly flexible and responsive to changes in environment • Con: complex, subject to traffic manipulation by malicious peers Page 6
  • 7. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Devices • Laptops (canonical wireless devices) • Desktops, mobile phones, .... • Bluetooth Page 7
  • 8. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Attacks on Wireless Networks • DOS • Planted devices • Hijacked connections • Eavesdropping • Somebody is "in the wire" ... Page 8
  • 9. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Threats • This is an open network ... • ... to which anyone can connect. • What security is necessary? – Authentication? – Confidentiality? – Integrity? – Privacy? – DOS Protection? – Accountability (traceability)? Page 9
  • 10. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Security Mechanisms • Note: this is just a network with different threats, so implementing security is very similar to network security • Authentication – Q: What are you authenticating in a wireless network? – Methods: password/passphrase, smartcard, etc. – Tools: radius, Kerberos, PKI services .... • Confidentiality/Integrity – Typically implemented via some transport protocol – IPsec (just implement a VPN -- this is what PSU does) Page 10
  • 11. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Wireless Security Approaches • MAC Authentication • WEP (Wired Equivalent Privacy) • 802.11i (WPA - Wifi Protected Access) • EAP/LEAP (Extensible Authentication Protocol) • WAP (Wireless Application Protocol) 11
  • 12. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger MAC Authentication • Create a list of MAC addresses – media access layer, e.g., ether 00:0a:95:d5:74:6a – Only these devices are allowed on network • Attack – Listen on network for MAC address use -- laptop – Masquerade as that MAC address (easy to do, many devices programmable) – ... can wait for it to go off line to avoid conflict, but not necessary • ARP Security limitations Page 12 ether 00:0a:95:d5:74:6a
  • 13. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger WEP (Wired Equivalent Privacy) • Keys – Pass-phrase converts 40 bits from passphrase, plus 24 bit initialization vector (or) – 26 char hexadecimal + 24-bit IV = 128-bit WEP – Ability to send packets is essentially authentication • integrity used as authentication – Built into the vast majority of home wireless routers Page 13
  • 14. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger The WEP Flaw (greatly simplified) Page 14 Protocol • Passphrase Key kp • Initialization vector ivi • Plaintext data d1, d2 (for separate blocks 1 and 2) • Traffic Key kti = kp||ivi • Ciphertext = E(kti, di) = RC4(kti) ⊕ di Attack • Assume iv1 = iv2 • Only 17 million IVs (224), so IV of two packets can be found (≈ one in 4096) (RC4(kt1) ⊕ d1) ⊕ (RC4(kt1) ⊕ d2) = d1 ⊕ d2 ey kp vector ivi a d1, d2 (for separate blocks 1 and 2) ti = kp||ivi E(kti, di) = RC4(kti) ⊕ di = iv2 on IVs (224), so IV of two packets can be found (≈ one in 4096) (RC4(kt1) ⊕ d1) ⊕ (RC4(kt1) ⊕ d2) = d1 ⊕ d2
  • 15. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger 802.11i (WPA - Wifi Protected Access) • Solution to problems with WEP • Two modes of operation – Pre-shared key mode -- WEP like, shared key derived from single network passphrase – Server mode -- uses 802.1X authentication server to authenticate/give unique keys to users • Protocol fixes to WEP – increase IV size to 48 bits – TKIP - change keys every so often -- Temporal Key Integrity Protocol – improved integrity (stop using CRC and start using MAC) – WPA2: AES instead of RC4 Page 15
  • 16. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger WAP (Wireless Application Protocol) • A set of protocols for implementing applications over thin (read wireless) pipes. • Short version: a set of protocols to implement the web over wireless links as delivered to resource limited devices – reduce overhead and flabby content (image rich HTML) – support limited presentation and content formats • Wireless Markup Language (XML-based language) – reduce the footprint of the rendering engine (browser) • Security: WTLS – SSL/TLS protocol -- public keys, key negotiation, etc. • Success in Japan, little elsewhere (currently) Page 16
  • 17. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger EAP/LEAP • Extensible Authentication Protocol – Challenge response - auth. only – Bolts onto other authentication mechanisms, e.g., Kerberos, RADIUS – Passes authentication information onto other protocols (WEP, WAP) – LEAP: Cisco implementation/modifications (security problems are possibly serious) – Standards: EAP-MD5, EAP-TLS – PEAP: RSA/Microsoft/Cisco standards for WPA/WPA2 protocols Page 17
  • 18. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Bluetooth • A standard for building very small personal area networks (PANs) • Connects just everything you can name: PDAs, phones, keyboards, mice, your car • Very short range range network: 1 meter, 10 meters, 100 meters (rare) • Advertised as solution to "too many cables" • Authentication – "pairing" uses pass-phrase style authentication to establish relationship which is often stored indefinitely (problem?) Page 18
  • 19. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Bluetooth Security • Everything really works off the PIN • Attacks have progressively been successful at identifying vulnerabilities in the way PINs are used, can be reverse engineered • Privacy: know what is on and how public it is ... • Problem: Cambridgeshire, England • Problem: Bluetooth rifle Page 19
  • 20. CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger RFIDs • Radio Frequency Identification (RFID) • identity-providing transponders • Passive: no external power - backscatter (Walmart) • Active: internal power (SpeedPass) • History: a soviet listening device (1945), alied FoF (1939) • Privacy/Security anyone? • Q: How do you control who is accessing your information? • A: You don’t (currently) • Security measures • Rolling code (one time tokens) • Crypto-protocols, limited range, ... 20
  • 21. Page CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger NIST Evaluation • Any vulnerability in a wired network is present in the wireless network • Many new ones: protocols, systems more public and vulnerable • Recommendations: – Disable file and directory sharing – Turn off APs when not in use – Use robust passwords, 128-bit encryption – Audit, audit, audit – VPNs are a good ... Page 21