1. Wireless Introduction
2. Wireless network modes
3. SSID
4. WEP
5. WPA
6. Advantages
7. Disadvantage
8. Conclusion
Wirel...
 INTRO
A Wireless LAN Links Two or more devices using some
wireless distribution method and usually providing a
connecti...
 802.11a – 54 Mbps@5 GHz
 Not interoperable with 802.11b
 Limited distance
 Dual-mode APs require 2 chipsets, look lik...
 The 802.11 wireless networks operate in two
basic modes:
1. Infrastructure mode
2. Ad-hoc mode
 Infrastructure mode:
 ...
 The hub handles:
 the clients’ authentication,
 Authorization
 link-level data security (access control and enabling
...
 Identifies a particular wireless network
 A client must set the same SSID as the one in that
particular AP Point to joi...
 The original native security mechanism for WLAN
 provide security through a 802.11 network
 Used to protect wireless c...
1. Appends a 32-bit CRC checksum to each outgoing frame
(INTEGRITY)
2. Encrypts the frame using RC4 stream cipher = 40-bit...
Wireless Network Security
Wireless Network Security
 Initialization Vector IV
 Dynamic 24-bit value
 Chosen randomly by the transmitter wireless network
interface
 16.7 m...
Wireless Network Security
IV
RC4
key
IV encrypted packet
original unencrypted packet checksum
Wireless Network Security
Wireless Network Security
1. The station sends an authentication request to AP
2. AP sends challenge text to the station.
3. The station uses its co...
Wireless Network Security
Wireless Network Security
WEP encrypted networks can be cracked in 10 minutes
Goal is to collect enough IVs to be able t...
 New technique in 2002
 replacement of security flaws of WEP.
 Improved data encryption
 Strong user authentication
 ...
 Data is encrypted using the RC4 stream
cipher, with a 128-bit key and a 48-bit
initialization vector (IV).
 One major i...
 A more secure message authentication code
(usually known as a MAC, but here termed a MIC
for "Message Integrity Code") i...
Wireless Network Security
WEP WPA
ENCRYPTION RC4 RC4
KEY ROTATION NONE Dynamic Session Keys
KEY
DISTRIBUTION
Manually type...
1. It is easier to add or move workstations.
2. It is easier to provide connectivity in areas where it is difficult to lay...
1.As the number of computers using the network increases, the data
transfer rate to each computer will decrease accordingl...
1.Wireless LANs very useful and convenient, but current security state
not ideal for sensitive environments.
2.Cahners In-...
Thank You!
Wireless Network Security
Shashank wireless lans security
Upcoming SlideShare
Loading in …5
×

Shashank wireless lans security

524 views

Published on

Published in: Technology, Business
1 Comment
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total views
524
On SlideShare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
20
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Shashank wireless lans security

  1. 1. 1. Wireless Introduction 2. Wireless network modes 3. SSID 4. WEP 5. WPA 6. Advantages 7. Disadvantage 8. Conclusion Wireless Network Security
  2. 2.  INTRO A Wireless LAN Links Two or more devices using some wireless distribution method and usually providing a connection through an access point to the wider internet.  IEEE 802 series standards 802.11 – wireless LANs (LAN) 802.15 – wireless personal area networks (e.g., Bluetooth) 802.16 – wireless broadband up to 155Mb Wireless Network Security
  3. 3.  802.11a – 54 Mbps@5 GHz  Not interoperable with 802.11b  Limited distance  Dual-mode APs require 2 chipsets, look like two APs to clients  Cisco products: Aironet 1200  802.11b – 11 Mbps@2.4 GHz  Full speed up to 300 feet  Coverage up to 1750 feet  Cisco products: Aironet 340, 350, 1100, 1200  802.11g – 54 Mbps@2.4 GHz  Same range as 802.11b  Backward-compatible with 802.11b  Speeds slower in dual-mode  Cisco products: Aironet 1100, 1200 Wireless Network Security
  4. 4.  The 802.11 wireless networks operate in two basic modes: 1. Infrastructure mode 2. Ad-hoc mode  Infrastructure mode:  each wireless client connects directly to a central device called Access Point (AP)  No direct connection between wireless clients  AP acts as a wireless hub that performs the connections and handles them between wireless clients Wireless Network Security
  5. 5.  The hub handles:  the clients’ authentication,  Authorization  link-level data security (access control and enabling data traffic encryption)  Ad-hoc mode:  Each wireless client connects directly with each other  No central device managing the connections  Rapid deployment of a temporal network where no infrastructures exist (advantage in case of disaster…)  Each node must maintain its proper authentication list Wireless Network Security
  6. 6.  Identifies a particular wireless network  A client must set the same SSID as the one in that particular AP Point to join the network  Without SSID, the client won’t be able to select and join a wireless network  Hiding SSID is not a security measure because the wireless network in this case is not invisible  It can be defeated by intruders by sniffing it from any probe signal containing it. Wireless Network Security
  7. 7.  The original native security mechanism for WLAN  provide security through a 802.11 network  Used to protect wireless communication from eavesdropping (confidentiality)  Prevent unauthorized access to a wireless network (access control)  Prevent tampering with transmitted messages  Provide users with the equivalent level of privacy inbuilt in wireless networks. Wireless Network Security
  8. 8. 1. Appends a 32-bit CRC checksum to each outgoing frame (INTEGRITY) 2. Encrypts the frame using RC4 stream cipher = 40-bit (standard) or 104-bit (Enhanced) message keys + a 24-bit IV random initialization vector (CONFIDENTIALITY). 3. The Initialization Vector (IV) and default key on the station access point are used to create a key stream 4. The key stream is then used to convert the plain text message into the WEP encrypted frame. Wireless Network Security
  9. 9. Wireless Network Security
  10. 10. Wireless Network Security
  11. 11.  Initialization Vector IV  Dynamic 24-bit value  Chosen randomly by the transmitter wireless network interface  16.7 million possible keys (224 )  Shared Secret Key  40 bits long (5 ASCII characters) when 64 bit key is used  104 bits long (13 ASCII characters) when 128 bit key is used   Wireless Network Security
  12. 12. Wireless Network Security IV RC4 key IV encrypted packet original unencrypted packet checksum
  13. 13. Wireless Network Security
  14. 14. Wireless Network Security
  15. 15. 1. The station sends an authentication request to AP 2. AP sends challenge text to the station. 3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and it sends the latter to AP. 4. AP decrypts the encrypted text using its configured WEP key that corresponds to the station's default key. 5. AP compares the decrypted text with the original challenge text. 6. If the decrypted text matches the original challenge text, then the access point and the station share the same WEP key, and the access point authenticates the station. 7. The station connects to the network. Wireless Network Security
  16. 16. Wireless Network Security
  17. 17. Wireless Network Security WEP encrypted networks can be cracked in 10 minutes Goal is to collect enough IVs to be able to crack the key IV = Initialization Vector, plaintext appended to the key to avoid Repetition Injecting packets generates IVs
  18. 18.  New technique in 2002  replacement of security flaws of WEP.  Improved data encryption  Strong user authentication  Because of many attacks related to static key, WPA minimize shared secret key in accordance with the frame transmission. Wireless Network Security
  19. 19.  Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV).  One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.  When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.  WPA also provides vastly improved payload integrity. Wireless Network Security
  20. 20.  A more secure message authentication code (usually known as a MAC, but here termed a MIC for "Message Integrity Code") is used in WPA, an algorithm named "Michael".  The MIC used in WPA includes a frame counter, which prevents replay attacks being executed.  The Michael algorithm is a strong algorithm that would still work with most older network cards.  WPA includes a special countermeasure mechanism that detects an attempt to break TKIP and temporarily blocks communications with the attacker. Wireless Network Security
  21. 21. Wireless Network Security WEP WPA ENCRYPTION RC4 RC4 KEY ROTATION NONE Dynamic Session Keys KEY DISTRIBUTION Manually typed into each device Automatic distribution available AUTHENTICATI ON Uses WEP key as Authentication Can use 802.1x & EAP
  22. 22. 1. It is easier to add or move workstations. 2. It is easier to provide connectivity in areas where it is difficult to lay cable. 3. Installation is fast and easy, and it can eliminate the need to pull cable through walls and ceilings. 4. Access to the network can be from anywhere within range of an access point. 5.Portable or semi-permanent buildings can be connected using a WLAN. Wireless Network Security
  23. 23. 1.As the number of computers using the network increases, the data transfer rate to each computer will decrease accordingly. 2.Lower wireless bandwidth means some applications such as video streaming will be more effective on a wired LAN. 3.Security is more difficult to guarantee and requires configuration. 4.Devices will only operate at a limited distance from an access point, with the distance determined by the standard used and buildings and other obstacles between the access point and the user. Wireless Network Security
  24. 24. 1.Wireless LANs very useful and convenient, but current security state not ideal for sensitive environments. 2.Cahners In-Stat group predicts the market for wireless LANs will be $2.2 billion in 2004, up from $771 million in 2000. 3.Growing use and popularity require increased focus on security Wireless Network Security
  25. 25. Thank You! Wireless Network Security

×