Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 6
Wireless Network Security
• Objectives
Overview of IEEE 802.11 wireless security
Define vulnerabilities of Open System Authentication, WEP, and Device Authentication
Describe the WPA and WPA2 personal security models
Overview of enterprise wireless security implementation considerations
• IEEE 802.11
Wireless Security Protections
• History of the Wi-Fi Specification
• Institute of Electrical and Electronics Engineers (IEEE)
– The most widely known and influential organization for computer networking and wireless communications
• Early 1980s: IEEE began developing network architecture standards
– Project called 802
• 1990: IEEE formed a committee to develop standards for a Wireless Local Area Network (WLAN) specification
– Operating at speeds of 1 and 2 million bits per second (Mbps)
• IEEE 802.11 Wireless Security Protections (cont.)
• 1997: IEEE approves IEEE 802.11 WLAN standard
• Approved Four Revisions:
– IEEE 802.11a
– IEEE 802.11b
– IEEE 802.11g
– IEEE 802.11i – Enterprise specification (not speed related)
– IEEE 802.11n
Controlling Access
• Controlling WLAN Access:
– Accomplished by limiting a device’s access to the Access Point (AP)
– Requires method to restrict AP access to only authorized devices, and by extension the wireless network
• IEEE 802.11 standard does not specify how to implement access controls
• Most AP vendors implement Access Control through Media Access Control (MAC) address filtering
Controlling Access (cont.)
• Wired Equivalent Privacy (WEP)
– Designed to ensure that only authorized parties can view transmitted wireless information
– Uses RC4 encryption to protect traffic
– The IEEE 802.11 committee designed WEP to meet the following criteria:
• Efficient, exportable, optional, self-synchronizing, and reasonably strong
• US cryptography export restrictions prevented stronger key implementations
Controlling Access (cont.)
• WEP uses a shared-key cryptographic implementation
– Minimum key length of 64 bits
– Key options:
• 64-bit key
• 128-bit key
• Passphrase
• The AP and devices can hold up to four shared secret keys
– One of which must be designated as the default key
• Quick Tutorial - Text Altering Algorithms
• Uses: To impede someone from reading the value of the text.
• Types:
– Encryption Algorithm
• Provides confidentiality
• Convert plain-text to ciphertext using a Key
• Allows ciphertext to be converted back to plain-text if the proper Key is present
– Hash Algorithm
• Cryptographic operation that converts a variable-length plain-text input to a fixed-length digest of the value
• One-way function: the digest cannot be reversed to recover the original plaintext
Controlling Access (cont.)
• Device authentication
– WLANs cannot limit signal transmissions to physical boundaries (e.g. walls or doors)
• Bleed over of signal is called Data Emanation
• Authentication methods supported by 802.11:
– Open system authentication
– Shared key authentication
Controlling Access (cont.)
• Open System Vulnerabilities
• Open System Authentication:
– Single-factor authentication: the SSID must match the hosted network's ID
– The SSID can be discovered through traffic scanning for AP beaconing
– Responding to the AP's beacon frame allows a device to join the network
• MAC address filtering – defeated by MAC spoofing
• WEP
– Weak encryption; the key is easily determined from repetition (see WEP below)
Open System Vulnerabilities
• Passive scanning
– Most common type of scanning
– Wireless device listens for beacons over a period of time
• Enhanced AP configurations allow beacon frames to be sent without the SSID
– In this case the user must enter the SSID manually on the wireless device
Open System Vulnerabilities
• Problems when SSID not beaconed:
– Can affect roaming
– Can affect Windows XP devices
• SSID easily discoverable even when not beaconed
– Transmitted in other AP management frames
• Configuring the SSID to not beacon provides virtually no protection
– Makes troubleshooting of wireless clients harder
Open System Vulnerabilities
• MAC Address Filtering Weaknesses
• MAC addresses are initially exchanged unencrypted
– Attacker can easily see the MAC address of an approved device and spoof it to join WLAN network
• Managing large numbers of MAC addresses poses significant challenges
• MAC address filtering does not provide a means to temporarily allow a guest user access
– Requires manual entry of the user's MAC address into the access point
WEP
• WEP encryption only supports 64-bit or 128-bit keys
– Made up of a 24-bit Initialization Vector (IV) and a 40-bit or 104-bit default key
– The default key limits its strength
• Violates the cardinal rule of cryptography:
– Detectable patterns must be avoided at all costs
– IVs repeat in fewer than seven hours
WEP (cont.)
• Weaknesses of WEP make it possible for an attacker to identify two packets derived from the same IV (called a collision)
• Keystream attack
– Method of determining the keystream by analyzing two packets that were created from the same IV
XOR Overview
• XOR Function
– XOR is a digital logic gate whose behaviour is defined by a truth table.
– The logic operation is referred to as an "Exclusive Disjunction".
– Commonly used in bitwise operations, for example in cryptography.
– Values are represented as either "1" (True) or "0" (False).
– For a given bit position the output is True only when exactly one of the two inputs is True. If both inputs are equal, the output is False.
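Added example, not from the textbook: a WEP-style RC4 cipher keyed with IV || shared secret, the XOR property that makes IV reuse fatal (two frames under one IV share a keystream, which is the keystream attack above), and a defender-side check that flags repeated IVs in a capture. Frame contents and BSSID labels are constructed sample data; the keystream-attack demo only shows the property, it does not recover any key.

```python
# Added example (not from the textbook). WEP-style RC4 with IV || secret,
# the c1 ^ c2 == p1 ^ p2 property under a reused IV, and an IV-reuse monitor.
# All frame contents below are constructed sample data.

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key` (KSA followed by PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                    # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings (the slides' truth table, per bit)."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, data: bytes) -> bytes:
    """WEP seeds RC4 with the 24-bit IV (sent in clear) followed by the 40/104-bit key.
    Encryption and decryption are the same XOR, so this function also decrypts."""
    assert len(iv) == 3 and len(secret) in (5, 13)
    return xor_bytes(data, rc4_keystream(iv + secret, len(data)))

def recover_other_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Same IV => same keystream K: c1 ^ c2 == (p1 ^ K) ^ (p2 ^ K) == p1 ^ p2,
    so a known p1 reveals p2 while the secret key is never learned."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)

def find_iv_collisions(frames) -> list:
    """Defender check over captured (bssid, iv) pairs: return each (bssid, iv) that
    appears more than once, i.e. exactly the condition the keystream attack needs."""
    seen, reused = set(), []
    for bssid, iv in frames:
        if (bssid, iv) in seen and (bssid, iv) not in reused:
            reused.append((bssid, iv))
        seen.add((bssid, iv))
    return reused

def hours_until_iv_wrap(frames_per_second: float) -> float:
    """The 24-bit IV space (2**24 values) is exhausted after this many hours of traffic."""
    return 2 ** 24 / frames_per_second / 3600
```

At roughly 700 frames per second the IV space wraps in under seven hours, which is the figure the slides quote.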
Personal Wireless Security
• Requirements for personal wireless security based on two models:
– WPA Personal Security
– WPA2 Personal Security
• WPA Personal Security
• Wireless Ethernet Compatibility Alliance (WECA)
– Consortium of wireless equipment manufacturers and software providers formed to promote wireless network technology
• WECA goals:
– Encourage use of IEEE 802.11 standards / technologies
– Promote / market these technologies
– Test and certify which wireless products adhere to the IEEE 802.11 standards for interoperability
WPA Personal Security (cont.)
• In 2002, WECA changed its name to Wi-Fi (Wireless Fidelity) Alliance
• In October 2003 the Wi-Fi Alliance introduced Wi-Fi Protected Access (WPA)
– WPA design goal to protect both present and future wireless devices, addresses both wireless authentication and encryption
• PSK addresses authentication
• TKIP addresses encryption
• WPA replaced WEP (a WEP key can be cracked in less than two minutes)
• WPA Personal Security (cont.)
• Preshared key (PSK) Authentication
– Uses a passphrase to generate the encryption key
• Must be created and entered into both the AP and each authorized wireless device
– Devices will not communicate with the AP without identical PSKs
• PSK is not the Encryption Key
– The PSK is the seed used to generate the mathematically unique encryption keys
WPA Personal Security (cont.)
• WPA uses an encryption technology called Temporal Key Integrity Protocol (TKIP)
• TKIP advantages over WEP:
– TKIP uses a longer 128-bit key
– TKIP keys are known as per-packet keys
– When coupled with other technologies, TKIP provides an even greater level of security
• WPA also replaces the CRC function in WEP with the Message Integrity Check (MIC)
– Designed to prevent attackers from capturing, altering, and replaying data packets
WPA2 Personal Security
• Wi-Fi Protected Access 2 (WPA2)
– Introduced September 2004
– Second generation of WPA
– Continues use of PSK authentication
– Replaces TKIP encryption with Advanced Encryption Standard (AES)
• PSK Authentication
– Designed for personal and small office/home office use
– PSK keys are automatically changed and authenticated between devices after a specified period of time known as the rekey interval
WPA2 Personal Security (cont.)
• PSK key management weaknesses:
– Key distribution and sharing is performed manually without any technology security protections
– Only uses a single key
– Changing the PSK key requires reconfiguring the key on every wireless device and on all access points
– Guest access requires providing the PSK to that guest
• PSK uses passphrases, which can be subject to dictionary attack
WPA2 Personal Security (cont.)
• PSK is a 64-bit hexadecimal number
– Most common method of generation is by entering a passphrase
• Criteria: Letters, digits, punctuation, etc…
• Length requirements: Between 8 and 63 characters
– Passphrases < 20 characters subject to a specific type of dictionary attack and broken easily
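Added example, not from the textbook, covering the PSK-as-seed point above and this slide's passphrase rules: the derivation shown (PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 32-byte output) is the one IEEE 802.11i specifies for turning a WPA/WPA2-Personal passphrase into the 256-bit pre-shared key, so a longer passphrase is the only thing the user controls; the length and character checks are this example's own policy, not the standard's text.

```python
# Added example (not from the textbook): WPA/WPA2-Personal passphrase -> PSK/PMK.
# Derivation per IEEE 802.11i: PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096, 32 bytes).
# The passphrase policy in check_passphrase() is this example's own assumption.
import hashlib

def check_passphrase(passphrase: str) -> list:
    """Return a list of findings; an empty list means the passphrase is acceptable."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        findings.append("only printable ASCII (0x20..0x7E) is allowed")
    if len(passphrase) < 20:
        findings.append("under 20 characters: offline dictionary attack risk")
    return findings

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Passphrase + SSID -> 256-bit PMK (64 hex digits). Because the SSID is the salt,
    the same passphrase yields different keys on different networks, so a precomputed
    dictionary of PMKs only ever applies to one SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, dklen=32)

if __name__ == "__main__":
    # Constructed sample inputs; "password"/"IEEE" is the IEEE 802.11i test vector.
    for pp in ("password", "correct horse battery staple!"):
        print(repr(pp), check_passphrase(pp), derive_pmk(pp, "IEEE").hex())
```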
WPA2 Personal Security (cont.)
• AES-CCMP Encryption
– Encryption under the WPA2 personal security model is accomplished by AES-CCMP
• CCMP is Counter Mode with CBC-MAC (CCM)
• CCM is the algorithm providing data privacy
– The Cipher Block Chaining Message Authentication Code (CBC-MAC) component of CCMP provides data integrity and authentication
Enterprise Wireless Security
• The enterprise wireless security options can be divided into three general categories:
– IEEE 802.11i compliant models
– WPA compliant
– WPA2 compliant
IEEE 802.11i
• Key Points of 802.11i:
– Addresses the two main weaknesses of wireless networks: encryption and authentication
– Replaces WEP's RC4 pseudo-random number generator (PRNG) with a stronger block cipher that performs three steps on every 128-bit block of plaintext
– IEEE 802.11i authentication and key management is accomplished by the IEEE 802.1x standard
– Supports key caching: network storage of device information to facilitate roaming users
– Devices can be pre-authenticated, allowing authentication before moving into range of the AP
IEEE 802.11i (cont.)
• WPA Enterprise Security
• The WPA Enterprise Security model is designed for medium to large-size organizations
– Provides improved authentication and encryption over the personal model on a wireless LAN
• IEEE 802.1x Authentication
– Provides an authentication framework for all IEEE 802-based LANs
– Uses port-based authentication mechanisms
– Does not perform any encryption
• TKIP Encryption
– An improvement on WEP encryption
– Designed to fit into the existing WEP procedure
• WPA Enterprise Security (cont.)
WPA2 Enterprise Security
• Provides the highest level of secure authentication and encryption on a wireless LAN
• IEEE 802.1x Authentication
– Most robust authentication for WLAN
• AES-CCMP Encryption
– Encryption is based on the stronger AES-CCMP
– 128-bit keys and 128-bit blocks are mandatory for WPA2
• Enterprise Wireless Security Devices
• Thin Access Point
– Enterprise device that separates the AP function from authentication and encryption
– Provides for centralized management of the wireless infrastructure
– All authentication is performed in the wireless switch
Enterprise Wireless Security Devices (cont.)
• Wireless VLANs
– Used to segment traffic and increase security
– The flexibility of a wireless VLAN depends on which device separates the packets and directs them to different networks
• For enhanced security many organizations set up two wireless VLANs
– Employee access
– Guest access
Enterprise Wireless Security Devices (cont.)
• Rogue Access Point Discovery Tools
– Wireless protocol analyzer
• Allows auditing the airwaves for rogue access points
– RF frequency monitor
• Requires a special sensor called a wireless probe
• Wireless Probe Types:
– Wireless device probe
– Desktop probe
– Access point probe
– Dedicated probe
• Summary
• Initial IEEE 802.11 standard contained security controls for protecting wireless transmissions from attackers
• Wi-Fi Alliance introduced two levels of personal security
– Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2)
• Enterprise and personal wireless security models have different requirements and infrastructure needs
• Additional wireless security devices can be used to defend against attackers