59619
Crypto U12, WLAN
- background
- 3 standards
- WEP
- original standard
- wired equivalent privacy
- designed to provide
security at data link layer
- replaced by WPA
- original standard
- WPA
- designed as stop gap for
WEP insecurity
- WiFi Protected Access
- 2002
- designed to work with
legacy hardware
- designed as stop gap for
WEP insecurity
- WPA2
- IEEE 802.11
- 2004
- IEEE 802.11
- WEP
- 3 standards
- design
- originally designed to provide security
equivalent as a cabled network and no more
- support open standards to assure
support for all connecting devices
- does not need to be as flexible as SSL so
fewer supported algorithms can be selected
- symmetric crypto used
- because speed is desired
- because it is a closed
environment and easier to control
- because speed is desired
- only as flexible as
needed, but not more
- need to be able
to provide quick
updates
- originally designed to provide security
equivalent as a cabled network and no more
- security requirements
- confidentiality
- mutual entity authenticaton
- data origin authentication
- confidentiality
- WPA
- differences from WEP
- uses stronger authntication
and key establishment
- key hierarchy used
- uses master key, key
ecrypting keys and data keys
- uses master key, key
ecrypting keys and data keys
- mutual entity authentication
- mutual data origin authentication
- mutual key establishment
- key confidentiality
- key freshness
- mutual key confirmation
- unbiased control
- 2 methods to establish
Pre-Master-Key (PMK)
- Extensible
Authentication
Protocol (EAP)
- Established as a
preshared key
- Extensible
Authentication
Protocol (EAP)
- key hierarchy used
- uses stronger authntication
and key establishment
- WPA
- uses Rc4
- mixes data encrypting
key with IV (rather than
appending)
- for each package, a
new IV sent
- uses Rc4
- WPA2
- uses AES
- provides confidentiality and data
origin authentication with CCMP
- CBC - MAC protocol
- 1. create MAC using CBC
- 2. encrypt using counter mode
- 1. create MAC using CBC
- CBC - MAC protocol
- uses AES
- differences from WEP
- WEP
- implementation
- RC4 Stream Cipher
- 40 bit key
- stream cipher desirable
since transmission
prone to errors
- @ the time, cipher was well respected
- 40 bit key
- CRC checksum for integrity
- simple challenge and response for authentication
- use shared, fixed symmetric
key for each WLAN
- If one device on network
compromised, they are all
compromised.
- If one device on network
compromised, they are all
compromised.
- RC4 required synchronization
- this means each packet must be
encrypted separately, so this runs the
risk of keystream being used repeatedly
- to provide variation, used an
initialization vecor of 24 bits
and appends it to key
- PROBLEM: RC4 does not originally
support initialization vectors
- PROBLEM: RC4 does not originally
support initialization vectors
- to provide variation, used an
initialization vecor of 24 bits
and appends it to key
- this means each packet must be
encrypted separately, so this runs the
risk of keystream being used repeatedly
- RC4 Stream Cipher
- security issues
and design flaws
- single, shared key is a
single point of failure
- since WEP key is used for
every encryption, it is
continuously exposed
- abuses principle of key separation
- key length not future proof (40 bits)
- nonstandard use of crypto algorithm
- lack of origin authentication
- weak entity authentication mechanism
- single, shared key is a
single point of failure
- attacks
- man-in-the-middle
- because only supports
unilateral entity auth
(Alice to access point)
- because only supports
unilateral entity auth
(Alice to access point)
- replay attack
- CRC manipulation attack
- birthday attack on IVs
- key recovery attack
- man-in-the-middle
- implementation
Möchten Sie kostenlos Ihre eigenen Mindmaps mit GoConqr erstellen? Mehr erfahren.