Crypto U12, WLAN
Description
(Unit 12 - Crypto Systems) IYM002 Mind map on Crypto U12, WLAN, created by jjanesko on 28/04/2013.
Mind map by jjanesko, updated more than 1 year ago
Resource summary
Crypto U12, WLAN
background
3 standards
WEP
original standard
wired equivalent privacy
designed to provide security at data link layer
replaced by WPA
WPA
designed as stop gap for WEP insecurity
WiFi Protected Access
2002
designed to work with legacy hardware
WPA2
IEEE 802.11
2004
design
originally designed to provide security equivalent to a cabled network and no more
support open standards to assure support for all connecting devices
does not need to be as flexible as SSL so fewer supported algorithms can be selected
symmetric crypto used
because speed is desired
because it is a closed environment and easier to control
only as flexible as needed, but not more
need to be able to provide quick updates
security requirements
confidentiality
mutual entity authentication
data origin authentication
WPA
differences from WEP
uses stronger authentication and key establishment
key hierarchy used
uses master key, key encrypting keys and data keys
mutual entity authentication
mutual data origin authentication
mutual key establishment
key confidentiality
key freshness
mutual key confirmation
unbiased control
2 methods to establish Pre-Master-Key (PMK)
Extensible Authentication Protocol (EAP)
Established as a preshared key
WPA
uses RC4
mixes data encrypting key with IV (rather than appending)
for each packet, a new IV is sent
WPA2
uses AES
provides confidentiality and data origin authentication with CCMP
CBC-MAC protocol
1. create MAC using CBC
2. encrypt using counter mode
WEP
implementation
RC4 Stream Cipher
40 bit key
stream cipher desirable since transmission prone to errors
at the time, the cipher was well respected
CRC checksum for integrity
simple challenge and response for authentication
use shared, fixed symmetric key for each WLAN
If one device on network compromised, they are all compromised.
RC4 required synchronization
this means each packet must be encrypted separately, so this runs the risk of keystream being used repeatedly
to provide variation, uses an initialization vector of 24 bits and appends it to the key
PROBLEM: RC4 does not originally support initialization vectors
security issues and design flaws
single, shared key is a single point of failure
since WEP key is used for every encryption, it is continuously exposed
abuses principle of key separation
key length not future proof (40 bits)
nonstandard use of crypto algorithm
lack of origin authentication
weak entity authentication mechanism
attacks
man-in-the-middle
because only supports unilateral entity auth (Alice to access point)
replay attack
CRC manipulation attack
birthday attack on IVs
key recovery attack