Wireless Network Security
Wireless Security Overview
• concerns for wireless security are similar to those found in a wired environment
• security requirements are the same: confidentiality, integrity, availability, authenticity, accountability
• most significant source of risk is the underlying communications medium
Wireless Networking Components
Figure 24.1 Wireless Networking Components: endpoint and access point
Wireless Network Threats
• accidental association
• malicious association
• ad hoc networks
• nontraditional networks
• identity theft (MAC spoofing)
• man-in-the-middle attacks
• denial of service (DoS)
• network injection
Securing Wireless Transmissions
• principal threats are eavesdropping, altering or inserting messages, and disruption
• countermeasures for eavesdropping:
  - signal-hiding techniques
  - encryption
• the use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions
Securing Wireless Networks
• the main threat involving wireless access points is unauthorized access to the network
• principal approach for preventing such access is the IEEE 802.1X standard for port-based network access control
• the standard provides an authentication mechanism for devices wishing to attach to a LAN or wireless network
• use of 802.1X can prevent rogue access points and other unauthorized devices from becoming insecure backdoors
Wireless Network Security Techniques
• use encryption
• allow only specific computers to access your wireless network
• use anti-virus and anti-spyware software and a firewall
• change your router's pre-set password for administration
• turn off identifier broadcasting
• change the identifier on your router from the default
IEEE 802.11 Terminology
• Wireless Fidelity (Wi-Fi) Alliance
  - 802.11b: first 802.11 standard to gain broad industry acceptance
  - Wireless Ethernet Compatibility Alliance (WECA): industry consortium formed in 1999 to address the concern of products from different vendors successfully interoperating; later renamed the Wi-Fi Alliance
  - term used for certified 802.11b products is Wi-Fi; has been extended to 802.11g products
  - Wi-Fi Protected Access (WPA): Wi-Fi Alliance certification procedures for IEEE 802.11 security standards; WPA2 incorporates all of the features of the IEEE 802.11i WLAN security specification
IEEE 802 Protocol Architecture
Figure 24.2 IEEE 802.11 Protocol Stack

Layer                  | General IEEE 802 functions                                                    | Specific IEEE 802.11 functions
Logical Link Control   | flow control; error control                                                   | -
Medium Access Control  | assemble data into frame; addressing; error detection; medium access          | reliable data delivery; wireless access control protocols
Physical               | encoding/decoding of signals; bit transmission/reception; transmission medium | frequency band definition; wireless signal encoding
General IEEE 802 MPDU Format
Figure 24.3 General IEEE 802 MPDU Format

MAC header: MAC Control | Destination MAC Address | Source MAC Address
MAC Service Data Unit (MSDU)
MAC trailer: CRC
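As an added illustration of the MPDU layout in Figure 24.3 (this is example code written for these notes, not code from the slides or from any IEEE specification), the following builds and parses a frame with a MAC header (MAC control, destination and source addresses), an MSDU payload, and a CRC trailer. It assumes a 2-byte MAC control field and a 32-bit CRC in the trailer; the CRC-32 polynomial used by zlib is the one used for the frame check sequence in IEEE 802.3 and 802.11.

```python
import struct
import zlib

# Added example: general IEEE 802 MPDU = MAC header + MSDU + CRC trailer.
# Assumption: 2-byte MAC control field, 6-byte addresses, 32-bit CRC trailer.
HEADER = struct.Struct("!H6s6s")   # MAC control, destination MAC, source MAC
CRC_LEN = 4


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_mpdu(control: int, dst: str, src: str, msdu: bytes) -> bytes:
    """Assemble header + MSDU and append the CRC-32 computed over both."""
    header = HEADER.pack(control, mac_to_bytes(dst), mac_to_bytes(src))
    body = header + msdu
    crc = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("!I", crc)


def parse_mpdu(frame: bytes) -> dict:
    """Check the trailer CRC, then split the frame into its fields."""
    if len(frame) < HEADER.size + CRC_LEN:
        raise ValueError("frame too short for header and CRC trailer")
    body, trailer = frame[:-CRC_LEN], frame[-CRC_LEN:]
    expected = struct.unpack("!I", trailer)[0]
    actual = zlib.crc32(body) & 0xFFFFFFFF
    if actual != expected:
        raise ValueError(f"CRC mismatch: computed {actual:#010x}, trailer {expected:#010x}")
    control, dst, src = HEADER.unpack(body[:HEADER.size])
    return {
        "control": control,
        "dst": bytes_to_mac(dst),
        "src": bytes_to_mac(src),
        "msdu": body[HEADER.size:],
    }


def crc_detects_flip(frame: bytes, index: int) -> bool:
    """Flip one bit of the frame and report whether parse_mpdu rejects it."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    try:
        parse_mpdu(bytes(damaged))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample frame (addresses and payload are made up).
    frame = build_mpdu(0x0801, "00:11:22:33:44:55", "66:77:88:99:aa:bb", b"hello")
    print(parse_mpdu(frame))
    print("single-bit error in MSDU detected:", crc_detects_flip(frame, 15))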

IEEE 802.11 Extended Service Set
Figure 24.4 IEEE 802.11 Extended Service Set: two Basic Service Sets (BSS), each served by an access point (AP 1, AP 2) with its stations (STA 1 to STA 8), joined through a Distribution System
IEEE 802.11 Services
Distribution of Messages Within a DS
• the two services involved with the distribution of messages within a DS are:
  - distribution
  - integration
• distribution
  - the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS
• integration
  - enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN
Association-Related Services
• transition types, based on mobility:
  - no transition: a station of this type is either stationary or moves only within the direct communication range of the communicating stations of a single BSS
  - BSS transition: station movement from one BSS to another BSS within the same ESS; delivery of data to the station requires that the addressing capability be able to recognize the new location of the station
  - ESS transition: station movement from a BSS in one ESS to a BSS within another ESS; maintenance of upper-layer connections supported by 802.11 cannot be guaranteed
• services:
  - association: establishes an initial association between a station and an AP
  - reassociation: enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another
  - disassociation: a notification from either a station or an AP that an existing association is terminated
Wireless LAN Security
• Wired Equivalent Privacy (WEP) algorithm
  - 802.11 privacy; contained major weaknesses
• Wi-Fi Protected Access (WPA)
  - set of security mechanisms that eliminates most 802.11 security issues and was based on the current state of the 802.11i standard
• Robust Security Network (RSN)
  - final form of the 802.11i standard
  - Wi-Fi Alliance certifies vendors in compliance with the full 802.11i specification under the WPA2 program
Elements of IEEE 802.11i
Figure 24.5 Elements of IEEE 802.11i

(a) Services and Protocols
Robust Security Network (RSN)
  Access Control: IEEE 802.1X Port-based Access Control
  Authentication and Key Generation: Extensible Authentication Protocol (EAP)
  Confidentiality, Data Origin Authentication and Integrity and Replay Protection: TKIP, CCMP

(b) Cryptographic Algorithms
Robust Security Network (RSN)
  Confidentiality: TKIP (RC4), CCM (AES-CTR), NIST Key Wrap
  Integrity and Data Origin Authentication: TKIP (Michael MIC), CCM (AES-CBC-MAC), HMAC-SHA-1, HMAC-MD5
  Key Generation: HMAC-SHA-1, RFC 1750

CBC-MAC = Cipher Block Chaining Message Authentication Code (MAC)
CCM = Counter Mode with Cipher Block Chaining Message Authentication Code
CCMP = Counter Mode with Cipher Block Chaining MAC Protocol
TKIP = Temporal Key Integrity Protocol
IEEE 802.11i Phases of Operation
Figure 24.6 IEEE 802.11i Phases of Operation (between STA, AP, AS and end station):
Phase 1 - Discovery
Phase 2 - Authentication
Phase 3 - Key Management
Phase 4 - Protected Data Transfer
Phase 5 - Connection Termination
IEEE 802.11i Phases of Operation
Figure 24.7 IEEE 802.11i Phases of Operation: Capability Discovery, Authentication, and Association

Discovery and association (STA and AP):
• Probe request: station sends a request to join the network
• Probe response: AP sends possible security parameters (security capabilities set per the security policy)
• Open system authentication request: station sends a request to perform null authentication
• Open system authentication response: AP performs null authentication
• Association request: station sends a request to associate with the AP with security parameters
• Association response: AP sends the associated security parameters; station sets the selected security parameters
• 802.1X controlled port blocked

Authentication (STA, AP and AS):
• 802.1X EAP request (AP to STA) and 802.1X EAP response (STA to AP)
• Access request (EAP request) from AP to AS
• Extensible Authentication Protocol exchange between STA and AS
• Accept/EAP-success and key material from AS to AP
• 802.1X EAP success (AP to STA)
• 802.1X controlled port still blocked
802.1X Access Control
Figure 24.8 802.1X Access Control: station, access point (uncontrolled port and controlled port), authentication server; the controlled port leads to other wireless stations on this BSS and to the DS
MPDU Exchange
• authentication phase consists of three phases:
  - connect to AS: the STA sends a request to its AP that it has an association with for connection to the AS; the AP acknowledges this request and sends an access request to the AS
  - EAP exchange: authenticates the STA and AS to each other
  - secure key delivery: once authentication is established, the AS generates a master session key and sends it to the STA
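The three steps above, together with the controlled/uncontrolled port split of Figure 24.8, can be modelled in a few lines. The following is an added example written for these notes, not code from the slides or from any 802.1X implementation. The AP relays the exchange between station and authentication server (AS) and never sees the station's credential; only EAPOL traffic passes before authorization, and data frames are dropped at the controlled port until the AS accepts the station. The EAP method itself is a constructed HMAC challenge-response stand-in, not a real EAP method, and the port opens at EAP success as in plain 802.1X (in 802.11i it stays blocked until the four-way handshake of Figure 24.10 has confirmed the keys).

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

# Added example: 802.1X port-based access control with an AP relaying EAP
# between a station (supplicant) and an authentication server (AS).
# The challenge-response below is a constructed stand-in for a real EAP method.


@dataclass
class AuthServer:
    credentials: dict                              # identity -> shared secret
    pending: dict = field(default_factory=dict)    # identity -> outstanding challenge

    def start(self, identity: str) -> bytes:
        """Step 1: the AP's access request for this identity yields a challenge."""
        challenge = os.urandom(16)
        self.pending[identity] = challenge
        return challenge

    def finish(self, identity: str, response: bytes):
        """Step 2/3: verify the response; return the master session key or None."""
        challenge = self.pending.pop(identity, None)
        secret = self.credentials.get(identity)
        if challenge is None or secret is None:
            return None
        expected = hmac.new(secret, challenge, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return None
        # Constructed MSK derivation for the example; the AS hands it to the AP.
        return hmac.new(secret, b"MSK" + challenge, hashlib.sha256).digest()


@dataclass
class EapSupplicant:
    identity: str
    secret: bytes

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self.secret, challenge, hashlib.sha256).digest()


@dataclass
class AccessPoint:
    server: AuthServer
    authorized: dict = field(default_factory=dict)   # STA MAC -> MSK
    log: list = field(default_factory=list)

    def data_frame(self, sta_mac: str, payload: bytes) -> str:
        """Controlled port: forward to the DS only for an authorized station."""
        if sta_mac in self.authorized:
            return "forwarded"
        self.log.append(f"controlled port blocked: data frame from {sta_mac} dropped")
        return "blocked"

    def eapol_exchange(self, sta_mac: str, supplicant: EapSupplicant) -> bool:
        """Uncontrolled port: relay EAP to the AS; the AP holds no credential."""
        challenge = self.server.start(supplicant.identity)     # connect to AS
        response = supplicant.respond(challenge)               # EAP exchange
        msk = self.server.finish(supplicant.identity, response)  # key delivery
        if msk is None:
            self.log.append(f"EAP failure for {sta_mac}; controlled port stays blocked")
            return False
        self.authorized[sta_mac] = msk
        self.log.append(f"EAP success for {sta_mac}; controlled port authorized")
        return True


if __name__ == "__main__":
    # Constructed credentials and MAC addresses for the demonstration.
    ap = AccessPoint(AuthServer({"alice": b"example-secret"}))
    sta = "66:77:88:99:aa:bb"
    print(ap.data_frame(sta, b"ping"))                                   # blocked
    print(ap.eapol_exchange(sta, EapSupplicant("alice", b"wrong")))      # False
    print(ap.eapol_exchange(sta, EapSupplicant("alice", b"example-secret")))  # True
    print(ap.data_frame(sta, b"ping"))                                   # forwarded
    print("\n".join(ap.log))
```

The point the model makes visible is the one the slides state: a rogue device that associates with the AP still cannot reach the DS, because nothing but EAPOL crosses the uncontrolled port and the controlled port opens only on the AS's decision.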
IEEE 802.11i Key Hierarchies
IEEE 802.11i Keys for Data Confidentiality and Integrity Protocols
IEEE 802.11i Phases of Operation
Figure 24.10 IEEE 802.11i Phases of Operation: Four-Way Handshake and Group Key Handshake

Four-way handshake (STA and AP), AP's 802.1X controlled port blocked:
• Message 1, AP to STA: EAPOL-Key (ANonce, Unicast). Delivers a nonce to the STA so that it can generate the PTK.
• Message 2, STA to AP: EAPOL-Key (SNonce, Unicast, MIC). Delivers another nonce to the AP so that it can also generate the PTK. It demonstrates to the AP that the STA is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.
• Message 3, AP to STA: EAPOL-Key (Install PTK, Unicast, MIC). Demonstrates to the STA that the authenticator is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.
• Message 4, STA to AP: EAPOL-Key (Unicast, MIC). Serves as an acknowledgement to Message 3. It serves no cryptographic function. This message also ensures the reliable start of the group key handshake.
• AP's 802.1X controlled port unblocked for unicast traffic.

Group key handshake (STA and AP):
• Message 1, AP to STA: EAPOL-Key (GTK, MIC). Delivers a new GTK to the STA. The GTK is encrypted before it is sent and the entire message is integrity protected. The STA decrypts the GTK and installs it for use.
• Message 2, STA to AP: EAPOL-Key (MIC). This frame serves only as an acknowledgment to the AP. The AP installs the GTK.
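The four-way handshake of Figure 24.10 with both sides simulated, as an added example written for these notes (not code from the slides). Key derivation follows the 802.11i pairwise key hierarchy: PTK = PRF(PMK, "Pairwise key expansion", min(AA, SPA) || max(AA, SPA) || min(ANonce, SNonce) || max(ANonce, SNonce)), split into KCK (the EAPOL-Key MIC key), KEK (the key that wraps the GTK) and TK (the data key). Assumptions made here: a 384-bit PTK as used with CCMP, HMAC-SHA1 truncated to 16 bytes as the EAPOL-Key MIC (the WPA2/CCMP choice), and a simplified message encoding that stands in for the real EAPOL-Key frame layout; the PMK is constructed rather than taken from an EAP master session key.

```python
import hashlib
import hmac
import os

# Added example: IEEE 802.11i four-way handshake, authenticator (AP) and
# supplicant (STA) sides. Assumes CCMP (384-bit PTK) and HMAC-SHA1 MIC.
LABEL = b"Pairwise key expansion"


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:nbytes]


def derive_ptk(pmk, aa, spa, anonce, snonce):
    """Both sides reach the same PTK because the inputs are ordered by min/max."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, LABEL, data, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def eapol_mic(kck: bytes, body: bytes) -> bytes:
    """EAPOL-Key MIC over the frame body, HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(kck, body, hashlib.sha1).digest()[:16]


class Authenticator:
    def __init__(self, pmk, aa):
        self.pmk, self.aa = pmk, aa
        self.anonce = os.urandom(32)
        self.ptk = None
        self.port_open = False            # 802.1X controlled port blocked

    def message1(self):
        return {"anonce": self.anonce}    # no MIC: no PTK exists yet

    def receive_message2(self, spa, msg):
        # With SNonce in hand the AP derives the PTK and checks the STA's MIC;
        # a STA without the same PMK cannot produce a valid MIC.
        ptk = derive_ptk(self.pmk, self.aa, spa, self.anonce, msg["snonce"])
        if not hmac.compare_digest(eapol_mic(ptk["kck"], msg["body"]), msg["mic"]):
            return None
        self.ptk = ptk
        body = b"install-ptk" + self.anonce
        return {"anonce": self.anonce, "body": body, "mic": eapol_mic(ptk["kck"], body)}

    def receive_message4(self, msg):
        if self.ptk and hmac.compare_digest(eapol_mic(self.ptk["kck"], msg["body"]), msg["mic"]):
            self.port_open = True         # unblocked for unicast traffic
        return self.port_open


class Supplicant:
    def __init__(self, pmk, spa):
        self.pmk, self.spa = pmk, spa
        self.snonce = os.urandom(32)
        self.anonce = None
        self.ptk = None

    def receive_message1(self, aa, msg):
        self.anonce = msg["anonce"]
        self.ptk = derive_ptk(self.pmk, aa, self.spa, self.anonce, self.snonce)
        body = b"rsn-ie" + self.snonce
        return {"snonce": self.snonce, "body": body, "mic": eapol_mic(self.ptk["kck"], body)}

    def receive_message3(self, msg):
        # Freshness: ANonce must repeat message 1. Liveness: MIC must verify.
        if msg["anonce"] != self.anonce:
            return None
        if not hmac.compare_digest(eapol_mic(self.ptk["kck"], msg["body"]), msg["mic"]):
            return None
        body = b"ack"
        return {"body": body, "mic": eapol_mic(self.ptk["kck"], body)}


def run_handshake(ap_pmk, sta_pmk, aa=b"\x00\x11\x22\x33\x44\x55", spa=b"\x66\x77\x88\x99\xaa\xbb"):
    """Run the exchange; report whether the AP opened its controlled port."""
    ap, sta = Authenticator(ap_pmk, aa), Supplicant(sta_pmk, spa)
    m2 = sta.receive_message1(aa, ap.message1())
    m3 = ap.receive_message2(spa, m2)
    if m3 is None:
        return {"authorized": False, "reason": "message 2 MIC failed at AP"}
    m4 = sta.receive_message3(m3)
    if m4 is None:
        return {"authorized": False, "reason": "message 3 rejected by STA"}
    return {"authorized": ap.receive_message4(m4), "keys_match": ap.ptk == sta.ptk}


if __name__ == "__main__":
    pmk = os.urandom(32)                 # constructed PMK for the demonstration
    print(run_handshake(pmk, pmk))       # authorized, keys match
    print(run_handshake(pmk, os.urandom(32)))   # MIC fails: port stays blocked
```

Messages 2 and 3 carry the only cryptographic checks: each side proves possession of the PMK by producing a MIC under the freshly derived KCK, which is why a station holding a different PMK is stopped at message 2 and the controlled port never opens.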
Temporal Key Integrity Protocol (TKIP)
• designed to require only software changes to devices that are implemented with the older wireless LAN security approach called WEP
• provides two services:
  - message integrity: adds a message integrity code to the 802.11 MAC frame after the data field
  - data confidentiality: provided by encrypting the MPDU