Transcript Mobile and Wireless Communication Security

Mobile and Wireless
Communication Security
By Jason Gratto
WEP (Wired Equivalent Privacy)





Intended to provide confidentiality
Key size:40 bits
Key distribution: Manual
Meant to protect wireless communication
from eavesdropping
Also meant to prevent unauthorized access
to wireless network
Goals of WEP



Access Control
Data Integrity
Confidentiality
Protocol of WEP

Uses a secret key between the computer and
the access point
–
–
The secret key is used to encrypt the packets
No standard for sharing the key but in practice a
single key is shared between all of the computers
and access points.
WEP - Procedure




Generates a checksum
Generates a keystream with a chosen IV
(Initialization Vector) v with RC4
XOR between message/checksum and the
keystring
Transmits the v and the ciphertext
WEP – Procedure
WEP - Defenses

Integrity Check (IC)
–

Used to ensure packet wasn’t modified in transit
Initialization Vector (IV)
–
–
Used to avoid encrypting two ciphertexts with the
same key stream
Used to augment the shared key and produce a
different RC4 for each packet
WEP – Vulnerabilities

ICV insecure
–

IV key reuse
–

ICV is a algorithm for creating the checksum, based on
CRC32 and can be modified to match the contents of the
message.
Because a small IV value is used, IV values end up being
reused, compromising the security.
Authentication forging
–
Using a recovered key stream and IV the authentication can
be forged.
WEP – Attack types

Passive
–

Active
–

Constructing it’s own encrypted packets when plaintext is
known
Active from both sides
–

Eavesdropping on wireless traffic
Constructing it’s own encrypted packets when only header
is known by guessing.
Dictionary building
–
Computing the key stream using a decryption table
Wi-Fi Protected Access (WPA)




Key size: 128 bits
Hash method: ICV, MICHAEL
Key distribution: TKIP (Temporal Key Integral
Protocol)
Inclusion of EAP certification for enterprise
versions of WPA
MICHAEL

MICHAEL generates a MIC (Message
Integrity Code)
–
–
8 bits long
Placed between the data and the ICV
TKIP



Made to address security problems with
WEP
Looks to client’s configuration to determine
what kind of key to use
Sets a unique default key for each client
TKIP - Defenses



Implements a key mixing function that
combines a secret key with an IV before
performing RC4 initialization
If packets are received out of order, they are
rejected by the access point
Implements the MICHAEL integrity check to
prevent forged packets from being accepted
Extensible Authentication Protocol
(EAP)

Is a transmission method and framework for
authentication protocols
–

Works with many other authentication protocols
such as RADIUS and Kerberos
Uses a variety of different transport methods
EAP

Originally designed for wired connections
–

To be used in a wireless environment, the
“tunneled” EAP method was created, wrapping
the EAP in a stronger encrypted EAP
Common transport methods
–
–
–
–
EAP-TLS (Transport Layer Security)
EAP-TTLS (Tunneled Transport Layer Security)
PEAP (Protected EAP)
LEAP (Light EAP)
EAP Types

PEAP
–

EAP-TTLS
–

Interior MSCHAPv2 inside a secure TLS tunnel
Interior EAP-MD5 inside a secure TLS tunnel
LEAP
–
–
Modified version of MSCHAP
Vulnerable to dictionary attacks
WPA –Vulnerabilities

Denial of Service
–
Any time forged and unauthorized data is
detected, it shuts the access point down for 60
seconds

Because of this it is easy to shut down access points
using little network activity
WPA2


Updated version of WPA
Uses AES encryption and allows use of
RADIUS (Remote Authentication Dial In User
Service) authentication protocol
RADIUS


Protocol for communication between
Network Access Server (NAS) and a remote
authentication server
Requires clients and servers
RADIUS

Data needed for authenticaiton
–
User data


–
User information

–
IP Name or address
Shared secret key
Username and password
Session information

Speed, port, NAS ID
RADIUS – Database

The database can be stored in a number of
different ways
–
–
–

A text file
Password file
Netware directory
The database can authenticate in a number
of ways as well
–
–
Username/password
SecurID Token Card
RADIUS

After authentication is requested, the
RADIUS server either accepts or rejects the
NAS based on the following
–
–
–
–
Session timers
Filters
IP Address
IDSN Session Parameters
RADIUS
ISP User
Database
ISP Modem Pool
UserID: bob
Password: ge55gep
UserID: bob
Password: ge55gep
NAS-ID: 207.12.4.1
Access-Accept
User-Name=bob
[other attributes]
Select UserID=bob
ISP RADIUS
Server
Bob
password=ge55gep
Timeout=3600
[other attributes]
Framed-Address=217.213.21.5
The Internet
User dials modem pool and
establishes connection
Internet PPP connection established
Sources




http://www.cs.fsu.edu/~yasinsac/group/slides
/cubukcu.pdf
http://islab.oregonstate.edu/koc/ece478/05R
eport/Kalina.ppt
http://its.ndsu.edu/fileadmin/www.its.ndsu.ed
u/pdfs/Wireless_EAP.pdf
http://www.ceenet.org/workshops/lecture98/ri
chard/2-radius/index.htm