Wi-Fi Security
Prepaired By:
Virendra Singh Thakur
GTU PG School, Ahmeadabad
 Originally, Wi-Fi was a marketing term. The Wi-Fi
certified logo means that the product has passed
interoperability test...
Wireless networks are usually based on the IEEE 802.11
standards.
a. IEEE 802 series standards
a. 802.11 – wireless LANs
b...
CONTD…
a. 802.11b – 11 Mbps@2.4 GHz
a. Full speed up to 300 feet
b. Coverage up to 1750 feet
c. Cisco products: Aironet 34...
• 802.11e – QoS
• Dubbed “Wireless MultiMedia (WMM)” by Wi-Fi Alliance
• 802.11i – Security
• Adds AES encryption
• Requir...
CONTD…
a. 802.11n –(2009)
a. up to 300Mbps
b. 5Ghz and/or 2.4Ghz
c. ~230ft range
b. 802.11ac – (under development)
a. Will...
WIRELESS NETWORK MODES
• The 802.11 wireless networks operate in two basic
modes:
• Infrastructure mode
• Ad-hoc mode
• In...
CONTD..
• Ad-hoc mode:
• Each wireless client connects directly with each other
• No central device managing the connectio...
Wi-Fi Security Techniques
• Wired Equivalent Privacy (WEP)
• Wireless Protected Access (WPA)
• Wireless Protected Access2 ...
WIRED EQUIVALENT PRIVACY (WEP)
• Short for Wired Equivalent Privacy, a security protocol for
wireless local area networks ...
1.Appends a 32-bit CRC checksum to each outgoing frame (INTEGRITY)
2.Encrypts the frame using RC4 stream cipher = 40-bit (...
Wired Equivalent Privacy (WEP) Contd..
• Short for Wi-Fi Protected Access, a Wi-Fi standard that was
designed to improve upon the security features of WEP. The
t...
New technique in 2002
replacement of security flaws of WEP.
Improved data encryption
Strong user authentication
Becau...
Data is encrypted using the RC4 stream cipher, with a 128-bit key and
a 48-bit initialization vector (IV).
One major imp...
WPA2 - WI-FI PROTECTED ACCESS 2
• Based on the IEEE 802.i standard
• 2 versions: Personal & Enterprise
• The primary enhan...
WPA2 - WI-FI PROTECTED ACCESS 2
WPA uses AES with a key length of 128 bit to encrypt the data
The AES uses the Counter-M...
• WPA2 has immunity against many types of hacker attacks
• Man-in-the middle
• Authentication forging
• Replay
• Key colli...
WEP VS WPA VS WPA2
WEP WPA WPA2
ENCRYPTION RC4 RC4 AES
KEY ROTATION NONE Dynamic
Session Keys
Dynamic Session
Keys
KEY
DIS...
Thank you
Upcoming SlideShare
Loading in …5
×

Wi fi security

1,208 views

Published on

Wi fi security

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,208
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
62
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Wi fi security

  1. 1. Wi-Fi Security Prepaired By: Virendra Singh Thakur GTU PG School, Ahmeadabad
  2. 2.  Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests Currently Wi-Fi means wireless networks in general WHAT IS WIFI ?
  3. 3. Wireless networks are usually based on the IEEE 802.11 standards. a. IEEE 802 series standards a. 802.11 – wireless LANs b. 802.15 – wireless personal area networks (e.g., Bluetooth) c. 802.16 – wireless broadband up to 155Mb, wireless ISPs b. 802.11a – 54 Mbps@5 GHz a. Not interoperable with 802.11b b. Limited distance c. Dual-mode APs require 2 chipsets, look like two APs to clients d. Cisco products: Aironet 1200
  4. 4. CONTD… a. 802.11b – 11 Mbps@2.4 GHz a. Full speed up to 300 feet b. Coverage up to 1750 feet c. Cisco products: Aironet 340, 350, 1100, 1200 b. 802.11g – 54 Mbps@2.4 GHz a. Same range as 802.11b b. Backward-compatible with 802.11b c. Speeds slower in dual-mode d. Cisco products: Aironet 1100, 1200
  5. 5. • 802.11e – QoS • Dubbed “Wireless MultiMedia (WMM)” by Wi-Fi Alliance • 802.11i – Security • Adds AES encryption • Requires high cpu, new chips required • TKIP is interim solution. IEEE 802.11 standards. (Contd..)
  6. 6. CONTD… a. 802.11n –(2009) a. up to 300Mbps b. 5Ghz and/or 2.4Ghz c. ~230ft range b. 802.11ac – (under development) a. Will provide high through put in the 5 GHz band b. Will use wider RF bandwidth c. will enable multi-station WLAN throughput of at least 1 Gbps d. a maximum single link throughput of at least 500 Mbps
  7. 7. WIRELESS NETWORK MODES • The 802.11 wireless networks operate in two basic modes: • Infrastructure mode • Ad-hoc mode • Infrastructure mode: • each wireless client connects directly to a central device called Access Point (AP) • no direct connection between wireless clients • AP acts as a wireless hub that performs the connections and handles them between wireless clients
  8. 8. CONTD.. • Ad-hoc mode: • Each wireless client connects directly with each other • No central device managing the connections • Rapid deployment of a temporal network where no infrastructures exist (advantage in case of disaster…) • Each node must maintain its proper authentication list.
  9. 9. Wi-Fi Security Techniques • Wired Equivalent Privacy (WEP) • Wireless Protected Access (WPA) • Wireless Protected Access2 (WPA2)
  10. 10. WIRED EQUIVALENT PRIVACY (WEP) • Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. • WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model - the data link and physical layers; it therefore does not offer end-to-end security.
  11. 11. 1.Appends a 32-bit CRC checksum to each outgoing frame (INTEGRITY) 2.Encrypts the frame using RC4 stream cipher = 40-bit (standard) or 104-bit (Enhanced) message keys + a 24-bit IV random initialization vector (CONFIDENTIALITY). 3.The Initialization Vector (IV) and default key on the station access point are used to create a key stream 4.The key stream is then used to convert the plain text message into the WEP encrypted frame. Wired Equivalent Privacy (WEP) Contd..
  12. 12. Wired Equivalent Privacy (WEP) Contd..
  13. 13. • Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP (i.e., as a software upgrade to existing hardware), but the technology includes two improvements over WEP: WPA - WI-FI PROTECTED ACCESS
  14. 14. New technique in 2002 replacement of security flaws of WEP. Improved data encryption Strong user authentication Because of many attacks related to static key, WPA minimize shared secret key in accordance with the frame transmission. Use the RC4 algorithm in a proper way and provide fast transfer of the data before someone can decrypt the data. WPA - WI-FI PROTECTED ACCESS
  15. 15. Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP. WPA also provides vastly improved payload integrity. WPA - WI-FI PROTECTED ACCESS
  16. 16. WPA2 - WI-FI PROTECTED ACCESS 2 • Based on the IEEE 802.i standard • 2 versions: Personal & Enterprise • The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm • The encryption in WPA2 is done by utilizing either AES or TKIP • The Personal mode uses a PSK (Pre-shared key) & does not require a separate authentication of users • The enterprise mode requires the users to be separately authenticated by using the EAP protocol
  17. 17. WPA2 - WI-FI PROTECTED ACCESS 2 WPA uses AES with a key length of 128 bit to encrypt the data The AES uses the Counter-Mode/CBC-MAC Protocol (CCMP) The CCMP uses the same key for both encryption and authentication, but with different initialization vectors.
  18. 18. • WPA2 has immunity against many types of hacker attacks • Man-in-the middle • Authentication forging • Replay • Key collision • Weak keys • Packet forging • Dictionary attacks WPA2 - WI-FI PROTECTED ACCESS 2
  19. 19. WEP VS WPA VS WPA2 WEP WPA WPA2 ENCRYPTION RC4 RC4 AES KEY ROTATION NONE Dynamic Session Keys Dynamic Session Keys KEY DISTRIBUTION Manually typed into each device Automatic distribution available Automatic distribution available AUTHENTICATION Uses WEP key as Authentication Can use 802.1x & EAP Can use 802.1x & EAP
  20. 20. Thank you

×