Scribd
Upload
59 views

Wireless LAN Security

The document discusses security issues in wireless LANs and methods to address them. It begins with an overview of wireless networks and common attacks on them like masquerading and man-in-the-middle attacks. It then discusses WEP and issues with its security. It introduces WPA and WPA2 as improved protocols implementing technologies like TKIP and CCMP. It details the authentication process in WPA, which uses EAP with protocols like MD5, TLS, TTLS and PEAP. It also explains the key agreement process and hierarchy in WPA. Finally, it discusses alternative authentication protocols like EAP-SPEKE and EAP-SRP that provide mutual authentication and resistance to common attacks.

Uploaded by

Govind Maheswaran
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
59 views

Wireless LAN Security

The document discusses security issues in wireless LANs and methods to address them. It begins with an overview of wireless networks and common attacks on them like masquerading and man-in-the-middle attacks. It then discusses WEP and issues with its security. It introduces WPA and WPA2 as improved protocols implementing technologies like TKIP and CCMP. It details the authentication process in WPA, which uses EAP with protocols like MD5, TLS, TTLS and PEAP. It also explains the key agreement process and hierarchy in WPA. Finally, it discusses alternative authentication protocols like EAP-SPEKE and EAP-SRP that provide mutual authentication and resistance to common attacks.

Uploaded by

Govind Maheswaran
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 30

Wireless

LAN
Security
Ajay K Mathias
Govind M
Johnes Jose

M120445CS
M120432CS
M120088CS

Introduction
WEP

EAP

Authenticated KEP
Conclusion

Overview

Wireless Networks
Extension

of Wired networks, without using

wires.
IEEE 802.11 (1997)

802.11b (1999), 802.11g (2003), 802.11n


(2009)
802.11i (2004)

Types : Adhoc & Infrastructural WLAN

Ad Hoc WLAN

Connect with whichever station


Hop Hop.. Hop Hop..
No device in the middle.

Infrastructure WLAN
Parties

Involved

Wireless

Station
Access Point (AP)
Ground Station
Terms
BSS

/ ESS
SSID
Beacon
Probe Request,
Response
Associate Frame
Request, Response

Security in WLAN
Main

Point of Concern
Multiple Options exists in Wired
Networks.
SSID / MAC based Authentication was
used, both of which were spoof-able.
Common Attacks Possible

Masquerading
Man in the middle
Dictionary Attacks

Requirement

: Privacy Equivalent to that


in Wired Networks

Wired Equivalent Privacy (WEP)


Challenge

Response Protocol
Random Nonce, C

Access
Point

Statio
n
Response, R
Initialization Vector, IV

O KEYSTREAM(S, IV)
R=C+

But..!
WEP

had the following security Issues

Monitor

Challenge Response to compute


Keystream.
Obtain S, using Dictionary Attack
One side Authentication

Thus..
A

better protocol was required


WPA

Post WEP security


WPA

(TKIP) Temporal Key Integrity


Protocol
WPA 2 (CCMP) Counter mode CBC MAC
Protocol

The authentication in both schemes same


Authentication same as in 802.11i
Former uses RC4 key-stream encryption
Latter uses AES with cipher block chaining

AUTHENTICATION IN WPA
3

entities
Supplication (Station)
Authenticator (AP Access Point)
Authentication Server (AS)

EAP

(Extensible Authentication Protocol)


Authentication, Authorization &
Accounting

802.11i Protocol
Supplican
t

Authenticator

Authentication
Server

802.11
Association
EAP/802.1X/RADIUS
Authentication
4-Way
Handshake
Group Key
Handshake
Data
Communication

MSK

AUTHENTICATION
METHODS
EAP

EAP
EAP
EAP

MD5
TLS
TTLS
PEAP

EAP MD5
Basic

form
Challenge is to send MD5 of password
Password not known to AP, AS
Drawbacks:

Replay attack possible with


MD5(password)
AP is not verified to the supplicant

EAP-TLS
Uses

SSL/TLS
All Entities have Certificates & Pvt. keys
Drawbacks:

Infeasible for all stations to have


certificates
PKI required to communicate

EAP-TTLS
Requires

AP to have certificates
AP can be verified by AS, supplicants
Forms a secure tunnel through which
password can be sent

EAP-PEAP
Similar

to EAP-TTLS
Forms a secure tunnel
Authentication of station to AS
independent

KEY AGREEMENT
Two

types of keys:

TK (Temporal Key) [128]


GTK (Group Transient Key) [128]

PMK

can be replaced by PSK (Pre Shared


Key) [256], but not secure
TK and other keys are derived from PMK
(Pairwise Master Key) [256] by 4-way
handshake protocol

KEY HIERARCHY
MSK [256] : AS & Station
PMK [256] : AP (derived
from MSK)
PTK = f(PMK) [512]
PTK -> TK [128]
PTK -> KCK [128]
PTK -> KEK [128]

FOUR WAY HANDSHAKE

Calculate PTK

Calculate PTK

PTK

= prf (PMK,NA,NB,MACA,MACS)
PTK = (TK, KCK, KEK)

EAP-SPEKE
Simple

Password-Authenticated
Exponential Key Exchange
Diffie-Hellman based
Authentication with session key
negotiation
Mutual Authentication
Withstands Man in the middle attack
Withstands Replay attack

Supplicant
A = gXa mod p
g = f(pd)

Authenticator
A
B = gXb mod p
Xb = secret key

Xa = secret key

S = H(B mod
p)
n1 = nonce
Xa

Verify n1

S(n1)
2)
n
1,
n
(
S

S(n2)

S = H(AXb mod
p)
n2 = nonce

Verify n2

EAP - SRP
EAP-Secure

Remote Password
Borrows elements from other key
exchange protocol
User ID and password-based
authentication

Supplicant
A = gXa mod p
g = f(pd)
Xa = secret key
ID = identifier

x = H(Salt, pd)
u = H(A, B)
S = (B-gx)Xa+ux mod
p
K = H(S)

Verify n1

Authenticator
A, ID
t,B
l
a
S

M=
a
H
H(ID (H(pd)
+H
), S
alt,
(
A, B g),
, K)
, K)
A
,
M
( a
M b=H

B = (V+gXb) mod p
Xb = secret key

V = gx mod p
x = H(Salt, pd)

u = H(A, B)
S = (AVu) Xbmod p
K = H(S)

Improved EAP-SRP

A = gXa mod p
Ma = H(H(Pd) Xor H(g), H(ID),
A)

U = H(A,B)
S = (B-gx)(Xa+Ux) mod
p
K = H(S)
Mc = H(B, Mb, K)

A,ID,Ma

Salt, Mb,
B

B = (v + gXb) mod
p
U = H(A, B)
S = (A.Vu)Xb mod p
K = H(s)
Mb = H(A, B, Ma,
k)

Mc
Session Key
Mutual Authentication

Cons

Pros

Mutual Authentication
No Cleartext
Password Exchange
Works against
Dictionary Attacks,
Password Sniffing and
Network Traffic
Analysis Attacks
Easier to setup, than
Dig Cert based
Authentication.

Computationally
Intensive
(Comparitively)
Narrow domain of
choosing primes.
(eg. Reqd : Prime p,q
such that p = 2q+1)

References
1.

An Efficient Password Authenticated Key Exchange Protocol for


WLAN and WIMAX, AK Rai, V Kumar, S Mishra, ICWETT
2011

2.

Extensible authentication protocol, Adoba, B., Blunk, L.,


Vollbrecht, J., Carlson, J. & Levkowetz, E., RFC
3748 2004

3.

The SRP Authentication and Key Exchange System, T. Wu,


RFC 2945 2000

4.

Cryptography and Network Security, Bernard Menesez,


Cengage Solutions

Thank You!

You might also like