Wireless Security: A Search for Public and Secure Wireless networks


Wireless Security:
A Search for Public and Secure
Wireless networks
Kory Kirk
Overview
Infrastructure Networks vs. Ad Hoc Networks
Access Points (AP)
Secure vs. Non-secure
Data Encryption
Public vs. Private
Available to everyone
Types of Wireless Security
Wireless Portals – Computers running server software
that manages every connection on a given access
point. (ex. Monowall, noCatAuth, & WiFiDog)
Security Protocols – Standardized software that is
installed on both an access point and a client computer
which dictate how the computer and access point
should communicate. (ex. Web Encryption Protocol (EAP),
Password Authentication Protocol (PAP))
What is the big deal about wireless
security?
- “The only truly secure system is one that is
powered off, cast in a block of concrete and
sealed in a lead-lined room with armed
guards - and even then I have my doubts.”
Eugene H. Spafford, director of the Purdue Center for Education and
Research in Information Assurance and Security.
- Sensitive Data (Passwords, Social Security Numbers, Credit Card
Information, Personal Content)
- Data is only as secure as the computer that it
is transmitted to/from.
Wireless Vulnerabilities
- Wireless / Network Sniffing
- Wireless Probing
- MAC Address Spoofing / IP Spoofing
- Man in the middle attack
- Address Resolution Protocol (ARP) Poisoning
- Denial of Service
Wireless Vulnerabilities
- We have a problem.
- How can something possibly be public and
secure?
- A new protocol
- Wireless Portal
CHOICE Network
- Protocol For Authorization of Negotiation of Services
(PANS).
- Lightweight mechanism that provides authorization,
access control, privacy, security, local mobility, and
last-hop Quality of Service (QoS)
- Personalized key. Uses a key and a token to encrypt
data.
- Implementation of a protocol that could possibly be
used for a Public and Secure Wireless Network
Illustration of CHOICE
Secure Wireless Internet Access in Public Places, Paramvir Bahl, Srinivasan Venkatachary http://www.cs.ucsd.edu/~abalacha/research/papers/ICC01.pdf
CHOICE Network Downfalls
- Proprietary
- Uses a new protocol
- Can probably still be cracked.
Linux Wireless Portal
- Machine connected directly to the AP
- Running a Linux based Wireless Portal
- Portal manages all connections between
clients and internet.
Linux Wireless Portal Downfalls
- Very vulnerable to sniffing, since packets
over the air are not encrypted.
- Uses MAC address as reference to client
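Because the portal uses the MAC address alone as its reference to a client, one defensive check is to flag an authenticated MAC that appears under a second IP/hostname while the original client is still active. The following is an added example, not part of the original slides or of any portal named in them; the log format, field names, and time window are assumptions.

```python
from collections import defaultdict

# Constructed sample of portal events (hypothetical format):
# epoch_seconds  event  client_mac  client_ip  dhcp_hostname
SAMPLE_LOG = """\
1000 AUTH 00:11:22:33:44:55 10.0.0.12 alice-laptop
1030 SEEN 00:11:22:33:44:55 10.0.0.12 alice-laptop
1045 SEEN 00:11:22:33:44:55 10.0.0.40 unknown
1050 SEEN 00:11:22:33:44:55 10.0.0.12 alice-laptop
1100 AUTH 66:77:88:99:aa:bb 10.0.0.13 bob-phone
1200 SEEN 66:77:88:99:aa:bb 10.0.0.13 bob-phone
2000 SEEN 66:77:88:99:aa:bb 10.0.0.27 bob-phone
"""

WINDOW = 120  # assumed: seconds in which two identities on one MAC count as concurrent


def parse(log):
    """Yield (timestamp, event, mac, ip, hostname) from the constructed format."""
    for line in log.strip().splitlines():
        ts, event, mac, ip, host = line.split()
        yield int(ts), event, mac.lower(), ip, host


def find_shared_macs(log, window=WINDOW):
    """Return {mac: sorted [(ip, hostname), ...]} for every authenticated MAC that
    was seen with a different identity while the authenticated one was active."""
    bound = {}       # mac -> (ip, hostname) recorded when the portal authorized it
    last_seen = {}   # mac -> last time the bound identity was observed
    alerts = defaultdict(set)
    for ts, event, mac, ip, host in parse(log):
        ident = (ip, host)
        if event == "AUTH":
            bound[mac], last_seen[mac] = ident, ts
        elif mac in bound:
            if ident == bound[mac]:
                last_seen[mac] = ts
            elif ts - last_seen[mac] <= window:
                # Second identity on the same MAC while the first is still active.
                alerts[mac].update({bound[mac], ident})
    return {mac: sorted(ids) for mac, ids in alerts.items()}


if __name__ == "__main__":
    for mac, idents in find_shared_macs(SAMPLE_LOG).items():
        print(mac, "seen concurrently as", idents)
```

The second client in the sample is not flagged at the default window because its address changes only after a long idle gap, which is more consistent with a new DHCP lease than with two devices sharing one MAC.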
What Next?
- Wireless Portal
- Users should be given less freedom on the
network. (i.e. no access to local subnet)
- Encryption of data is possible with an
application on the client side (from web browser
or download).
- Doesn’t require a new protocol.
Questions?