SJSU CS 265 - Beyond Traditional IEEE 802.11 Security

Beyond Traditional IEEE 802.11 Security
Marie Waldrick
May 5, 2003

Outline
• Characterizing Wireless Networks
• Wireless technology, 802.11 currently
• 802.1X
• EAP Architecture
• 802.1X/EAP
• Future Trends - 802.1X/EAP/TKIP
• Conclusion - 802.11i

Characterizing Wireless Networks
• Ad hoc only requires wireless devices on each computer.
• Infrastructure requires wireless devices on each computer AND a base station (with built-in DHCP server and firewall).

Peer-to-Peer (Ad hoc): wireless devices have no access point connection, and each device communicates with the others directly.
Client/Server (infrastructure networking): extends an existing wired LAN to wireless devices by adding an access point (bridge and central controller).

Advantages to Infrastructure Mode
• Automatic use of a Network Address Translation (NAT) firewall - blocks all outside port requests.
• Local reserved IP addresses are only used by clients. Those IP addresses will not show up on the internet.
• The DHCP server (gateway) built into this NAT firewall does not require that any one computer be on (and functioning) in order to use the connection.

Wireless Networks
• By nature, wireless networks need to advertise their beacons to show their existence.
• Service set identifier (SSID): beacon frames broadcast network parameters and are sent unencrypted.
• Media Access Control (MAC) address filtering: 802.11 uses 48-bit station identifiers in the frame headers. Checking the MAC address to ensure a station has access is not part of the 802.11 standard, but it is used anyway to identify stations.
• Wired Equivalent Privacy (WEP): was supposed to provide authentication and privacy. Secret 40-bit keys, but unsafe at any length. Static, manually configured keys. Weakness due to the long life of the keys, which are shared among many users.

The IEEE 802.11 standard

802.1X Standard
- Solves the user authentication problem
- Standard for passing EAP over a wired or wireless LAN
- EAP messages are packaged in Ethernet frames and don't use PPP.
- It is only authentication
- Provides a security framework for port-based access control
- Resides in the upper layers to enable new authentication and key management methods without changing current network devices.
- The latest security technology should still work with your existing infrastructure

802.1X architecture overview
[Diagram: Client (Supplicant) - AP (Authenticator) - Authentication Server; the concrete authentication protocol runs end to end between Supplicant and Authentication Server.]
• EAP carries the concrete authentication protocol between Supplicant and Authentication Server
• 802.1X carries EAP over the 802 LAN between Supplicant and Authenticator
• RADIUS/UDP/IP carries EAP between Authenticator and Authentication Server

802.1X connection
• A client device connects to a port on an 802.1X switch or AP.
• The switch port can determine the authenticity of the device.
• The services offered by the switch can be made available on that port.
• Only EAPOL frames can be sent and received on that port until authentication is complete.
• When the device is properly authenticated, the port switches traffic as though it were a regular port.

[Diagram: Laptop - Access point - Authentication Server, steps 1 to 5]
1 - Client associates with the blocked access point
2 - User provides login authentication credentials
3 - a) Server <-> user authentication; b) Server delivers unicast WEP key to the access point
4 - Access point delivers the broadcast WEP key, encrypted with the unicast WEP key, to the client
5 - Client and access point activate WEP and use the unicast and broadcast WEP keys for transmission

EAP Transport "Authentication" Protocol
Unicast - communication from a single host to a single receiver: packets sent to a unicast address are delivered to the interface identified by that address.
Multicast - communication between a single host and multiple receivers: multicast sends packets to a subnet, and defined devices listen for multicast packets.

What is EAP
• Beyond simple user names and passwords
• Easily encapsulated within any data link protocol
• Provides a generalized framework for all sorts of authentication methods.
• Simpler interoperability and compatibility across authentication methods
• For example, when you dial a remote access server (RAS) and use EAP as part of your PPP connection, the RAS doesn't need to know any of the details about your authentication system. Only you and the authentication server have to be coordinated.
• The RAS server gets out of the business and just re-packages EAP packets to hand off to a RADIUS server, which makes the actual authentication decision.

EAPoL packet structure
EAP messages are packaged in Ethernet frames and don't use PPP.
Source Ethernet Addr | Destination Ethernet Addr | Ether type = 888E | Vers | Type | Body Length | Body (e.g. EAP frame)

A typical EAPOL protocol run (Supplicant <-> Authenticator)
Supplicant -> Authenticator: EAPOL start
Authenticator -> Supplicant: EAP request/identity
Supplicant -> Authenticator: EAP response/identity
Authenticator -> Supplicant: EAP request/MD5-challenge
Supplicant -> Authenticator: EAP response/MD5-challenge
Authenticator -> Supplicant: EAP success

[Diagram: TKIP encapsulation - temporal key, MAC addr and SEQ # feed the per-packet key mixing (phases P1, P2) into RC4; the integrity key over S | D | body produces the MIC; output IV/SEQ | ciphertext.]
[Diagram: WEP encapsulation - shared secret key and IV into RC4 over S | D | body | ICV (CRC-32); output IV | ciphertext.]

TKIP (Temporal Key Integrity Protocol)
• Addresses weak IVs, IV collisions
• Firmware upgrade deployable to existing 802.11 hardware
• Components
- Cryptographic message integrity code
- Packet sequencing
- Per-packet key generation
- Re-keying mechanism

TKIP - MIC
• Sender and receiver share a 64-bit secret integrity key
• MIC = H_K(src MAC | dst MAC | frame body)
• If the receiver's computation matches the MIC sent, then the message is presumed authentic
• If 2 forgeries in a second, then assume under attack
- Delete keys, disassociate, and reassociate

TKIP - Packet Sequencing
• Reuse 16 bits of the WEP IV packet field for the sequence number
• Initialize sequence # to 0 for a new encryption key
• Increment sequence # by 1 on
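The EAPoL framing and the EAP request/response exchange above, as an added example that is not part of the original slides: a small Python parser for Ethernet-encapsulated EAPOL (EtherType 888E) that refuses to trust a declared body length beyond the bytes actually received, plus a constructed EAP Request/Identity frame to run it on. The MAC addresses and identifier are made up; the EAPOL type values (0 = EAP-Packet, 1 = EAPOL-Start) and the EAP codes follow 802.1X and RFC 3748.

```python
import struct

ETHERTYPE_EAPOL = 0x888E  # "Ether type = 888E" on the slide
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}  # RFC 3748
EAP_TYPES = {1: "Identity", 4: "MD5-Challenge"}  # the two used in the slide's run


def parse_eapol(frame: bytes) -> dict:
    """Parse Ethernet + EAPOL header and, for EAP-Packet bodies, the EAP header.

    Raises ValueError on anything malformed, so a declared length is never
    trusted beyond the bytes that actually arrived.
    """
    if len(frame) < 18:  # 14-byte Ethernet header + 4-byte EAPOL header
        raise ValueError("frame too short for Ethernet + EAPOL header")
    # On the wire the destination address precedes the source address.
    dst, src = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_EAPOL:
        raise ValueError(f"not EAPOL: ethertype 0x{ethertype:04x}")
    version, eapol_type, body_len = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + body_len]
    if len(body) != body_len:  # declared length must fit inside the frame
        raise ValueError("EAPOL body length exceeds frame")
    result = {"src": src.hex(":"), "dst": dst.hex(":"), "version": version,
              "eapol_type": eapol_type, "body_len": body_len}
    if eapol_type == 1:  # EAPOL-Start: no body, opens the run
        result["eapol"] = "Start"
    elif eapol_type == 0:  # EAP-Packet: the body is an EAP frame
        if body_len < 4:
            raise ValueError("EAP header truncated")
        code, ident, eap_len = struct.unpack("!BBH", body[:4])
        if eap_len != body_len:
            raise ValueError("EAP length disagrees with EAPOL body length")
        result.update(eap_code=EAP_CODES.get(code, code), eap_id=ident)
        if code in (1, 2):  # Request/Response carry a Type byte plus type data
            if body_len < 5:
                raise ValueError("EAP Request/Response missing Type byte")
            result["eap_type"] = EAP_TYPES.get(body[4], body[4])
            result["eap_data"] = body[5:]
    return result


def build_eap_request_identity(dst: bytes, src: bytes, ident: int) -> bytes:
    """Constructed sample frame: Authenticator -> Supplicant EAP Request/Identity."""
    eap = struct.pack("!BBHB", 1, ident, 5, 1)  # code=Request, id, len=5, type=Identity
    eapol = struct.pack("!BBH", 1, 0, len(eap)) + eap  # version 1, type 0 = EAP-Packet
    return dst + src + struct.pack("!H", ETHERTYPE_EAPOL) + eapol
```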
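The TKIP MIC check, its forgery countermeasure and the packet sequencing described above, as an added example (not the slides' own code): a receiver-side routine in Python that rejects replayed sequence numbers, verifies the MIC over src MAC | dst MAC | body with the 64-bit integrity key, and deletes its keys after two MIC failures inside the slide's one-second window. HMAC-SHA256 truncated to 8 bytes stands in for TKIP's real Michael MIC, and the keys, addresses and timestamps are constructed.

```python
import hashlib
import hmac

MIC_FAILURE_WINDOW = 1.0  # seconds; slide: "2 forgeries in a second" -> assume attack
SEQ_MAX = 0xFFFF          # 16 bits of the WEP IV field carry the sequence number


def compute_mic(integrity_key: bytes, src: bytes, dst: bytes, body: bytes) -> bytes:
    """MIC = H_K(src MAC | dst MAC | frame body).

    Stand-in (assumption): HMAC-SHA256 truncated to 8 bytes instead of TKIP's Michael.
    """
    if len(integrity_key) != 8:
        raise ValueError("TKIP integrity key is 64 bits")
    return hmac.new(integrity_key, src + dst + body, hashlib.sha256).digest()[:8]


class TkipReceiver:
    def __init__(self, integrity_key: bytes):
        self.rekey(integrity_key)
        self.mic_failures: list[float] = []  # timestamps of recent MIC failures

    def rekey(self, integrity_key: bytes) -> None:
        """New encryption key: sequence number restarts at 0, keys are live again."""
        self.key = integrity_key
        self.expected_seq = 0
        self.keys_deleted = False

    def receive(self, seq: int, src: bytes, dst: bytes, body: bytes, mic: bytes, now: float) -> str:
        if self.keys_deleted:
            return "dropped: disassociated"
        if not 0 <= seq <= SEQ_MAX:
            return "dropped: sequence out of range"
        if seq < self.expected_seq:  # replayed or reordered frame: reject before MIC work
            return "dropped: replay"
        if not hmac.compare_digest(compute_mic(self.key, src, dst, body), mic):
            # Keep only failures inside the window, then record this one.
            self.mic_failures = [t for t in self.mic_failures if now - t < MIC_FAILURE_WINDOW]
            self.mic_failures.append(now)
            if len(self.mic_failures) >= 2:
                self.keys_deleted = True  # countermeasure: delete keys, disassociate
                return "dropped: MIC failure, countermeasures invoked"
            return "dropped: MIC failure"
        self.expected_seq = seq + 1  # accept and advance the replay window
        return "accepted"
```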

