
Practical Verification of TKIP Vulnerabilities

  • 1. TKIP: WiFi security protocol. Efficient Denial of Service; forge arbitrary packets to client; decrypt traffic towards client.
  • 2. Why study TKIP if a replacement already exists? Timeline: 1999 WEP (broken); 2002 WPA-TKIP (acceptable); 2004 WPA-CCMP (AES) (secure).
  • 3. Detected 6803 networks: 66% support TKIP, 19% support only TKIP. Need more arguments to kill TKIP!
  • 4. Beck & Tews attack: >8 mins to obtain the key to calculate the integrity check; forge 3 small packets to client.
  • 5. New attack: efficient Denial of Service. Improve & implement existing ideas to: forge arbitrary packets; decrypt packets towards client. [M. Beck. Enhanced TKIP Michael attacks.]
  • 6. How are packets sent/received? 1. Add Message Integrity Check (MIC). 2. Encrypt using XOR stream cipher. 3. Add Packet ID (#ID) to avoid replays. Packet layout: #ID | Data | MIC, with Data and MIC encrypted.
  • 7. How are packets sent/received? Same steps as slide 6, with the keys labelled: MIC key and encryption key.
  • 8. Packet layout: #ID | Data | MIC. If decrypted, reveals MIC key. If (two MIC failures within a minute) halt all traffic for 1 minute.
  • 9. Attack: capture packet, change priority, replay. Packet layout: #ID / prior. | Data | MIC, with Data and MIC encrypted.
  • 10. Change priority: avoids replay detection; doesn't affect decryption; changes expected MIC value.
  • 11. Result: MIC failure(s), traffic halted for 1 minute.
  • 12. Beck & Tews attack can forge 3 packets. Injecting more requires new keystreams: ciphertext XOR plaintext = keystream. All packets start with LLC header; we predict these with very high accuracy. Capture packets with new #IDs.
  • 13. LLC header is only 12 bytes … Combine them using fragmentation! Fragments #ID1 Data1 … #ID16 Data16 MIC are reassembled into one packet: Data1 Data2 … Data16 MIC. 12 bytes/fragment: inject 120 bytes of data.
  • 14. Port scanner: 1. Get MIC key using Beck & Tews attack. 2. Inject TCP SYN packets. 3. Detect SYN/ACK based on length. Remarks: high amount of packet injection proven! Also: DNS poisoning, DHCP spoofing, …
  • 15. Diagram (AP, Client, Attacker). Packet shown: Ping req. | sniffed packet (Data, MIC). 1. Sniff packet. 2.
  • 16. Same diagram with magic bytes added. Packet shown: Ping req. | Magic | sniffed packet (Data, MIC). 1. Sniff packet. 2.
  • 17. Same diagram with an External IP added. 1. Sniff packet. 2. 3. Reply incl. packet.
  • 18. Packet layout: Prefix | Magic | sniffed packet (Data, MIC), with State1, State2, State3, State4 marked along it. State1: initial state of every packet. State2: state after processing prefix. State3: equal to State1 due to magic bytes. State4: equal to MIC of sniffed packet!
  • 19. Possible applications? Decrypt web responses: web mail, bank details, … Decrypt TCP sequence number, hijack connection and inject malware?
  • 20. Integrity (MIC) not verified when fragmented: Alfa AWUS036h, Belkin F5D7053, Ralink U150BB. Attack time reduced from >8 min to zero.
  • 21. No replay protection: Alfa AWUS036h, Belkin F5D7053, Tomato 1.28 (AP firmware). No need to generate new keystreams!
  • 22. Always accepts unencrypted packets: Alfa AWUS036h, Belkin F7D1102, Scarlet VDSL (AP of ISP in BE). Game over, you lose!
  • 24. TKIP is insecure! Efficient Denial of Service; forge any packet towards client; decrypt traffic towards client.
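Added example (not part of the original slides): a way to repeat the slide 3 survey on your own networks by parsing the RSN element (ID 48) and the legacy WPA vendor element (ID 221) of a beacon and classifying each network by its pairwise ciphers. The function names, labels and sample byte strings are constructed for illustration.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")  # cipher-suite OUI inside the RSN element (ID 48)
WPA_OUI = bytes.fromhex("0050f2")  # OUI of the legacy WPA vendor element (ID 221, type 1)
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}


def pairwise_suites(body, oui):
    """Parse version | group suite | pairwise count | pairwise list.

    Elements that omit the optional suite lists are rejected here for brevity.
    """
    if len(body) < 8:
        raise ValueError("element too short for a pairwise suite list")
    version, count = struct.unpack_from("<H4xH", body, 0)  # 4x skips the group suite
    if version != 1:
        raise ValueError("unsupported element version %d" % version)
    end = 8 + 4 * count
    if count == 0 or end > len(body):
        raise ValueError("pairwise suite count does not fit the element")
    names = set()
    for off in range(8, end, 4):
        suite = body[off:off + 4]
        known = suite[:3] == oui and suite[3] in CIPHERS
        names.add(CIPHERS[suite[3]] if known else "unknown-" + suite.hex())
    return names


def offered_ciphers(elements):
    """Walk the tagged elements of a beacon and collect all pairwise ciphers on offer."""
    offered, pos = set(), 0
    while pos < len(elements):
        if pos + 2 > len(elements):
            raise ValueError("truncated element header")
        eid, length = elements[pos], elements[pos + 1]
        body = elements[pos + 2:pos + 2 + length]
        if len(body) != length:
            raise ValueError("element overruns the frame")
        if eid == 48:
            offered |= pairwise_suites(body, RSN_OUI)
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":
            offered |= pairwise_suites(body[4:], WPA_OUI)
        pos += 2 + length
    return offered


def classify(elements):
    """Label a network by pairwise ciphers (the group cipher is ignored)."""
    ciphers = offered_ciphers(elements)
    if "TKIP" not in ciphers:
        return "no-tkip"
    return "tkip-only" if ciphers == {"TKIP"} else "tkip-and-other"


def survey(beacons):
    """Share of networks that support TKIP and that support only TKIP."""
    labels = [classify(ies) for ies in beacons.values()]
    supports = sum(label != "no-tkip" for label in labels)
    return {"networks": len(labels),
            "support_tkip_pct": round(100 * supports / len(labels)),
            "only_tkip_pct": round(100 * labels.count("tkip-only") / len(labels))}


# Constructed sample elements (not captured traffic): SSID "test" plus security elements.
SSID = bytes.fromhex("000474657374")
SAMPLES = {
    "ccmp-only": SSID + bytes.fromhex("30140100000fac040100000fac040100000fac020000"),
    "mixed": SSID + bytes.fromhex("30180100000fac020200000fac04000fac020100000fac020000"),
    "wpa-tkip": SSID + bytes.fromhex("dd160050f20101000050f20201000050f20201000050f202"),
    "open": SSID,
}

if __name__ == "__main__":
    for name, ies in SAMPLES.items():
        print(name, classify(ies))
    print(survey(SAMPLES))
```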
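Added example (not part of the original slides): detection logic for the outage described on slides 8 and 11, applying the "two MIC failures within a minute, halt for 1 minute" rule to MIC failure events and flagging back-to-back halts. The log format, the thresholds `max_gap` and `min_halts`, and the reset of the failure count after a halt are assumptions made for this sketch.

```python
WINDOW = 60  # slide 8: two MIC failures within a minute ...
HALT = 60    # ... halt all traffic for 1 minute

# Constructed log lines in a hypothetical "<seconds> <EVENT> sta=<mac>" format.
SAMPLE_LOG = """\
100 MIC_FAILURE sta=02:00:00:00:00:01
400 ASSOC sta=02:00:00:00:00:02
1000 MIC_FAILURE sta=02:00:00:00:00:01
1005 MIC_FAILURE sta=02:00:00:00:00:01
1030 MIC_FAILURE sta=02:00:00:00:00:01
1070 MIC_FAILURE sta=02:00:00:00:00:01
1072 MIC_FAILURE sta=02:00:00:00:00:01
1140 MIC_FAILURE sta=02:00:00:00:00:01
1141 MIC_FAILURE sta=02:00:00:00:00:01
5000 MIC_FAILURE sta=02:00:00:00:00:03
"""


def mic_failure_times(log_text):
    """Extract the timestamps of MIC failure events, ignoring other events."""
    times = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[1] == "MIC_FAILURE":
            times.append(int(fields[0]))
    return sorted(times)


def countermeasure_halts(failure_times):
    """Apply the slide 8 rule and return the (start, end) of every traffic halt."""
    halts, previous, halted_until = [], None, 0
    for t in sorted(failure_times):
        if t < halted_until:
            continue  # traffic is already halted, so nothing is processed
        if previous is not None and t - previous <= WINDOW:
            halted_until = t + HALT
            halts.append((t, halted_until))
            previous = None  # assumption: the failure count restarts after a halt
        else:
            previous = t
    return halts


def sustained_outages(halts, max_gap=30, min_halts=3):
    """Group halts that restart within max_gap seconds of the previous one ending."""
    runs, run = [], []
    for halt in halts:
        if run and halt[0] - run[-1][1] > max_gap:
            if len(run) >= min_halts:
                runs.append(run)
            run = []
        run.append(halt)
    if len(run) >= min_halts:
        runs.append(run)
    return [{"start": r[0][0], "end": r[-1][1], "halts": len(r),
             "down_fraction": round(HALT * len(r) / (r[-1][1] - r[0][0]), 2)}
            for r in runs]


if __name__ == "__main__":
    halts = countermeasure_halts(mic_failure_times(SAMPLE_LOG))
    print("halts:", halts)
    print("sustained outages:", sustained_outages(halts))
```

The isolated failures at 100 and 5000 seconds raise nothing; only the run of three consecutive halts is reported.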