Catur Iswahyudi
1
2

Wired Equivalent Privacy (WEP)
◦ first security protocol defined in 802.11

Wi-Fi Protected Access (WPA)
◦ defined by Wi-Fi Alliance


WPA2
802.11i
3

In the early 1980s, the IEEE began work on
developing computer network architecture
standards
◦ This work was called Project 802

In 1990, the IEEE formed a committee to
develop a standard for WLANs (Wireless Local
Area Networks)
◦ At that time WLANs operated at a speed of 1 to 2
million bits per second (Mbps)
4


In 1997, the IEEE approved the IEEE 802.11
WLAN standard
Revisions
◦
◦
◦
◦
IEEE
IEEE
IEEE
IEEE
802.11a
802.11b
802.11g
802.11n
5






Speeds of upto 54 Mb/s
Operating Range: 10-100m indoors, 300m
outdoors
Power Output Limited to 1 Watt in U.S.
Frequency Hopping (FHSS), Direct Sequence
& Infrared (IrDA)
(– Networks are NOT compatible with each
other)
Uses unlicensed 2.4/5 GHz band (2.4022.480 ,5 GHz)
Provide wireless Ethernet for wired networks
Modes of Operation
 Ad Hoc mode (Independent Basic Service Set IBSS)
 Infrastructure mode (Basic Service Set - BSS)
Client A
Client B
Client C
Laptop users wishing to share files could set up an ad-hoc
network using 802.11 compatible NICs and share files
without need for external media.
In this mode the clients communicate via a central station
called Access Point (AP) which acts as an ethernet bridge and
forwards the communication onto the appropriate network,
either the wired or the wireless network.
Client A
Client B
Access point
There is no physical link between the nodes of a wireless network, the
nodes transmit over the air and hence anyone within the radio range can
eavesdrop on the communication. So conventional security measures that
apply to a wired network do not work in this case.
Internal network
protected
Wireless
Access Point
Valid User Access Only




The three basic security services defined by IEEE for the WLAN
environment are as follows:
Authentication—A primary goal of WEP was to provide a security
service to verify the identity of communicating client stations. This
provides access control to the network by denying access to client
stations that cannot authenticate properly. This service addresses
the question, “Are only authorized persons allowed to gain access
to my network?”
Confidentiality—Confidentiality, or privacy, was a second goal of
WEP. It was developed to provide “privacy achieved by a wired
network.” The intent was to prevent information compromise from
casual eavesdropping (passive attack). This service, in general,
addresses the question, “Are only authorized persons allowed to
view my data?”
Integrity—Another goal of WEP was a security service developed to
ensure that messages are not modified in transit between the
wireless clients and the access point in an active attack. This
service addresses the question, “Is the data coming into or exiting
the network trustworthy—has it been tampered with?”


The IEEE 802.11 specification defines two means to “validate”
wireless users attempting to gain access to a wired network: opensystem authentication and shared-key authentication.
One means, shared-key authentication, is based on Cryptography, and the
other is not. The open-system authentication technique is not truly
authentication; the access point accepts the mobile station without verifying
the identity of the station. It should be noted also that the authentication is
only one-way: only the mobile station is authenticated. The mobile station
must trust that it is communicating to a real AP.

The 802.11 standard supports privacy (confidentiality)
through the use of cryptographic techniques for the wireless
interface. The WEP cryptographic technique for confidentiality
also uses the RC4 symmetric key, stream cipher algorithm to
generate a pseudo-random data sequence.

The IEEE 802.11 specification also outlines a means to provide data
integrity for messages transmitted between wireless clients and
access points. This security service was designed to reject any
messages that had been changed by an active adversary “in the
middle.” This technique uses a simple encrypted Cyclic Redundancy
Check (CRC) approach.

Network security attacks are typically divided into passive and
active attacks. These two broad classes are then subdivided
into other types of attacks.



Passive Attack—An attack in which an unauthorized party
gains access to an asset and does not modify its content (i.e.,
eavesdropping). Passive attacks can be either eavesdropping
or traffic analysis (sometimes called traffic flow analysis).
These two passive attacks are described below.
Eavesdropping—The attacker monitors transmissions for
message content. An example of this attack is a person
listening into the transmissions on a LAN between two
workstations or tuning into transmissions between a wireless
handset and a base station.
Traffic analysis—The attacker, in a more subtle way, gains
intelligence by monitoring the transmissions for patterns of
communication. A considerable amount of information is
contained in the flow of messages between communicating
parties.





Active Attack—An attack whereby an unauthorized party
makes modifications to a message, data stream, or file. It is
possible to detect this type of attack but it may not be
preventable. Active attacks may take the form of one of four
types (or combination thereof): masquerading, replay,
message modification, and denial-of-service (DoS).
Masquerading—The attacker impersonates an authorized user
and thereby gains certain unauthorized privileges.
Replay—The attacker monitors transmissions (passive attack)
and retransmits messages as the legitimate user.
Message modification—The attacker alters a legitimate
message by deleting, adding to, changing, or reordering it.
Denial-of-service—The attacker prevents or prohibits the
normal use or management of communications facilities.



Technical countermeasures involve the use of
hardware and software solutions to help secure
the wireless environment.
Software countermeasures include proper AP
configurations (i.e., the operational and security
settings on an AP), software patches and
upgrades, authentication, intrusion detection
systems (IDS), and encryption.
Hardware solutions include smart cards, VPNs,
public key infrastructure (PKI), and biometrics. It
should be noted that hardware solutions, which
generally have software components, are listed
simply as hardware solutions.


The IEEE 802.11 specification identified several services to
provide a secure operating environment. The security services
are provided largely by the Wired Equivalent Privacy (WEP)
protocol to protect link-level data during wireless
transmission between clients and access points.
WEP does not provide end-to-end security, but only for the
wireless portion of the connection






Wireless security is a huge headache in IT
Wireless security widely misunderstood
Wireless security is everyone’s problem even
if you don’t “think” you have a WLAN
Banning WLANs often result in “improvised”
home grown solutions
Wireless LANs can be secured
Wireless security applicable elsewhere in IT



Wireless security is NOT an oxymoron
Less dangerous than having an Internet
connection direct or indirect
Attacks from the Internet can come from
anywhere on the entire globe
◦ Web/FTP/Mail/DNS Servers
◦ Back doors R00TK1T5 that can dial home

Attacks on Wireless LANs are limited to a
couple of kilometers
MAC “authentication”
 SSID “hiding”
 LEAP authentication
 Disabling DHCP
 Antenna placement and signal suppression
 Switch to 802.11a or Bluetooth Wireless LANs
______________________________________
 Dishonorable mention: WEP



Access is controlled by limiting a device’s
access to the access point (AP)
Only devices that are authorized can connect
to the AP
◦ One way: Media Access Control (MAC) address
filtering
◦ CCSF uses this technique (unfortunately)
◦ See www.ccsf.edu/wifi
24
25
26


Usually implemented by permitting instead of
preventing
CCSF does this
www.ccsf.edu/wifi
27

MAC addresses are transmitted in the clear
◦ An attacker can just sniff for MACs


Managing a large number of MAC addresses
is difficult
MAC address filtering does not provide a
means to temporarily allow a guest user to
access the network
◦ Other than manually entering the user’s MAC
address into the access point
28



Designed to ensure that only authorized
parties can view transmitted wireless
information
Uses encryption to protect traffic
WEP was designed to be:
◦ Efficient and reasonably strong
29
29


WEP secret keys can be 64 or 128 bits long
The AP and devices can hold up to four
shared secret keys
◦ One of which must be designated as the default key
30
31
32




When a node has a packet to send, it first
generates CRC for this packet as an integrity
check value (ICV).
Generates an IV; concatenates it with the
secret key; applies RC4 to create RC4 key
stream.
Performs XOR operation on the above two
streams, byte by byte, to produce ciphertext.
Appends the IV to the ciphertext and
transmits to the receiver.
33
34
35




IV is 24-bit long  224 choices.
The probability of choosing the same IV
value is more than 99% after only 12,00
frames.
Only a few seconds elapse with 11Mbps and
1KByte frame size.
IV values are sent in plain text  attackers
can detect a duplicate value and re-use past
keys.
36


Before a computer can connect to a WLAN, it
must be authenticated
Types of authentication in 802.11
◦ Open system authentication
 Lets everyone in
◦ Shared key authentication
 Only lets computers in if they know the shared key
37
38
39

Authentication is first carried out via
◦ open system authentication, or
◦ shared key authentication

Data packets are then encrypted using the WEP
encryption process described above. Each packet
requires a new IV.
40


Static WEP keys (no periodic updates)
High frequency of repeating the same IV
◦ IVs are only 24-bit long
◦ Packets can be replayed to force the access point to
pump out IVs.

CRC is weak in integrity check.
◦ An attacker can flip a bit in the encrypted data and
then change the CRC as well.

Authentication is too simple.
41
42

Wireless Ethernet Compatibility Alliance
(WECA)
◦ A consortium of wireless equipment
manufacturers and software providers

WECA goals:
◦ To encourage wireless manufacturers to use the
IEEE 802.11 technologies
◦ To promote and market these technologies
◦ To test and certify that wireless products adhere
to the IEEE 802.11 standards to ensure product
interoperability
43


In 2002, the WECA organization changed its
name to Wi-Fi (Wireless Fidelity) Alliance
In October 2003 the Wi-Fi Alliance
introduced Wi-Fi Protected Access (WPA)
◦ WPA had the design goal to protect both present
and future wireless devices, addresses both
wireless authentication and encryption

PSK or 802.11X addresses authentication
and TKIP addresses encryption
44



Key size increased to 128 bits
Larger IVs: 48-bit long
Changing security keys through Temporary
Key Integrity Protocol (TKIP)
◦ Encryption keys are changed (based on a master
key) after a certain number of packets have been
sent.
◦ An IV is mixed with data (not concatenate).

Ciphering scheme is the same as WEP
◦ compatible with old wireless LAN cards
45


WPA uses a new message integrity check
scheme called Michael, replacing the CRC
function in WEP.
A frame counter is added to Michael to avoid
replay or forgery attack.
46


Purpose: to upgrade WEP systems to be
secure
TKIP uses RC4 as WEP
◦ Addresses WEP’s known exposures
◦ Changes the temporal keys every 10000 packets
48
49
Two options:
 PSK (inexpensive, home/personal networking)
 802.11X (expensive, enterprise networking)
50

Pre-shared key (PSK) authentication
◦ Uses a passphrase to generate the encryption key

Key must be entered into both the access point
and all wireless devices
◦ Prior to the devices communicating with the AP

The PSK is not used for encryption
◦ Instead, it serves as the starting point (seed) for
mathematically generating the encryption keys


Results in a pair-wise master key (PMK)
Followed by a 4-way handshake to handle key
management and distribution, which uses the
PMK to generate a pair-wise transient key (PTK).
51
52

A PSK is a 64-bit hexadecimal number
◦ Usually generated from a passphrase
 Consisting of letters, digits, punctuation, etc. that is
between 8 and 63 characters in length

If the passphrase is a common word, it can be
found with a dictionary attack
53


People may send the key by e-mail or another
insecure method
Changing the PSK key is difficult
◦ Must type new key on every wireless device and on
all access points
◦ In order to allow a guest user to have access to a
PSK WLAN, the key must be given to that guest
54

Three components:
◦ Remote authentication dial-in user service (RADIUS)
◦ authenticator (access point)
◦ supplicant (client)



Uses EAP authentication framework
◦ EAP-PSK, EAP-TLS, EAP-TTLS, EAP-MD5
Results in a pair-wise master key (PMK)
Followed by a 4-way handshake to handle
key management and distribution, which uses
the PMK to generate a pair-wise transient key
(PTK).
55
• AS verifies client’s digital signature
using client’s public key got from
client’s certificate Certclient
• Get random number p by decrypting
with its private key
• Client calculates H(c,s,p),
compares it with the value sent by As
56

57
58
59
60

Wi-Fi Protected Access 2 (WPA2)
◦
◦
◦
◦
Introduced by the Wi-Fi Alliance in September 2004
The second generation of WPA security
Still uses PSK (Pre-Shared Key) authentication
But instead of TKIP encryption it uses a stronger
data encryption method called AES-CCMP
AES: Advanced Encryption Standard
CCMP: Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol
61

PSK Authentication
◦ Intended for personal and small office home office
users who do not have advanced server capabilities
◦ PSK keys are automatically changed and
authenticated between devices after a specified
period of time known as the rekey interval
62

AES-CCMP Encryption
◦ Encryption under the WPA2 personal security model
is accomplished by AES-CCMP
◦ This encryption is so complex that it requires
special hardware to be added to the access points
to perform it
63
64



The most secure method
Authentication uses IEEE 802.1x
Encryption is AES-CCMP
65
66


A superset of all WLAN security mechanisms
including WEP, WPA and WPA2.
PSK (personal) or 802.11X (enterprise) is used
for authentication and key management.
67
Captive Portal
 Infrastruktur Captive Portal awalnya dirancang
untuk keperluan komunitas yang memungkinkan
semua orang dapat terhubung (open network).
Captive portal sebenarnya merupakan mesin router
atau gateway yang memproteksi atau tidak
mengizinkan adanya trafik hingga user melakukan
registrasi/otentikasi




Radius server adalah server Remote Authentikasi Dial-in Service
(RADIUS), sebuah protokol keamanan jaringan komputer berbasis
server yang sering digunakan untuk melakukan authentikasi dan
otorisasi serta pendaftaran akun (account) pengguna secara
terpusat untuk mengakses jaringan yang aman.
Radius server bertugas untuk menangani AAA (Authentication,
Authorization, Accounting). Intinya bisa menangani otentikasi
user, otorisasi untuk servis2, dan penghitungan nilai servis
(billing) yang digunakan user.
Radius server bisa dibedakan menjadi 2 : internal mikrotik dan
eksternal
Hotspot bisa menggunakan internal radius mikrotik, bisa juga
menggunakan eksternal. Jika tidak bisa mengautentikasi pada
lokal database mikrotik, jika telah dispesifikasikan, maka
hotspot mikrotik bisa mencari pada radius eksternal.

See more :
◦ http://www.nadasumbang.com/apa-itu-radius-server/
◦ http://www.nadasumbang.com/setting-hotspot-mikrotik/
◦ http://www.nadasumbang.com/setting-radius-dan-hotspot-mikrotik/




Security+ Guide to Network Security
Fundamentals
http://hackingsecuritytools.blogspot.com
http://hackwithkali-linux.blogspot.in
http://hackers.university/free-wifipassword-hack-tool/
72