FTP Attack Case Study - Witchita State University
Download
Report
Transcript FTP Attack Case Study - Witchita State University
Wireless Security
In wireless networks
Security and Assurance - Goals
Integrity
• Modified only in acceptable ways
• Modified only by authorized people
• Modified only by authorized processes
Availability
• Service request is completed in an acceptable period
of time
• Timely response to requests
Confidentiality
•
Only authorized people or systems can access protected
data.
Threats, Vulnerabilities and
Controls
Threats
circumstances that have the
potential to cause harm
Interception
Interruption
Modification
fabrication
Vulnerabilities
weaknesses
in a security system
Controls
protective measures
Security Needs for Mobile
Networks
Basic security services provided by a
wireless communication system
•
•
Encryption
• Confidentiality of user message transferred over
the wireless channel
• Session key establishment
•
•
Between Home Network and a Mobile Station
Between two different Mobile Stations
Authentication
• For the validation of the identity of the mobile user
Cryptosystems
Cryptosystems are employed to cover up
the content of the message exchanged
between two parties
Two major types of Cryptosystems:
• Public-Key (Asymmetric-Key)
• Ex. RSA (Rivest, Shamir, and Adleman)
• Symmetric-Key
• Ex. DES (Data Encryption Standard)
Public-Key Cryptosystems
Public-key P.txt = D(kPRIV , E(kPUB, P.txt)).
(Asymmetric-Key) systems are easy to manage:
• Download the recipients public key.
• Encrypt the message.
• Send it.
• The recipient uses the private key to decrypt.
• Public-Key requires more computation (RSA is 1000 times
slower than DES). Modular Square Root (MSR) is a variant of
RSA that requires only one modular multiplication, which is
acceptable for a MS
Authentication Problem
You have to know who you are talking to
Sender E(kpubR , E(kprivS, P.txt)) Receiver
Symmetric-Key Cryptosystems
Strengths of Symmetric-Keys is based on:
Secrecy of the key
Difficulty of guessing the key
Difficulty of inverting the encryption (i.e., breaking the algorithm)
Computations needed are negligible compared to Public-Key
Mobile Network Environment
MS
Network
VN
Network
HN
Communication between a HN and VN
Analysis of Protocol 1
Symmetric-Key Encryption
1. MS HN: r
2. MS HN: IDMS, f(k, r)
An identity of each party is denoted by ID
f() is a symmetric key encryption function such as DES
The Home Network (HN) broadcasts systems information
including a random number r
MS sends IDMS & f(k,r) to the HN
k is the secret key shared between MS and HN
HN find’s MS’s secret key – database – completes
authentication to the MS by verifying f(k,r)
Analysis of Protocol 1
Symmetric-Key Encryption (contd.)
The advantage of this protocol is that
computation of f() can be easily performed by
the MS having the low computational power.
The disadvantage, well…., do you think it will
be easy to protect and maintain the database
containing the secret keys of MS?
PROBABALY NOT!!!
Analysis of Protocol 2
Public Key Certificate
Assume a universally trusted certificate authority (CA) – run
by a single, large SP
Each MS is provided with a certificate which contains:
• MS’s identity
• The current expiration date
• Certificate authority’s signature
• Certificate authority’s private key (sCA)
The MS and HN have the following certificates
certHN = {IDHN,pHN,dateHN,[h(IDHN,pHN,dateHN)]sCA}
certMS = {IDMS,dateMS,[h(IDMS,dateMS)]sCA}
date denotes the expiration of the certificate
pHN means the public key of the HN
[…] sCA means signing […] using a private key of the CA
Analysis of Protocol 2
Public Key Certificate (contd.)
1. MS HN: certHN
2. MS HN: [ks]pHN, f(ks,certMS)
3. MS HN: f(ks,[IDMS, IDHN])
The home network HN broadcasts its certificate certHN
The MS can authenticate the HN by verifying the signature with the
pCA corresponding to sCA
Session key ks randomly chosen by MS – encrypted with pHN and the
encrypted session key [ks]pHN is sent to the HN with the certMS
encrypted with ks
HN decrypts [ks]pHN with its secret key sHN
MS can also be authenticated based on its secret certificate
Since anyone who obtains certMS, can impersonate MS, it should be
protected – ks encrypts the message
Certificate
Granting
Server
Kerberos
Database
Server
Server
Server
HN
Workstation
Authentication
Server
Kerberos Key Distribution Service
MS
Protocol 1 -vs- Protocol 2
certHN = {IDHN,pHN,dateHN,[h(IDHN,pHN,dateHN)]sCA}
certMS = {IDMS,dateMS,[h(IDMS,dateMS)]sCA}
Protocol 1
Protocol 2
1. MS HN: r
1. MS HN: certHN
2. MS HN: IDMS, f(k, r)
2. MS HN: [ks]pHN,
f(ks,certMS)
3. MS HN: f(ks,[IDMS, IDHN])
Strengths & Weaknesses of
Protocols 1-3
Protocol 1: Symmetric-Key
•
Negligible computation compared to Public-key
•
Difficult to maintain and protect database of secret keys
Protocol 2: Public Key
•
Computationally higher, although this is reduced by MSR
•
Does not protect against impersonation of the MS
WEP key encryption
WEP key is used as a standard mode of
encryption for the wireless lans.
It is a symmetric key encryption used to
prevent eavesdropping.
It also prevents unauthorized users
from accessing the lan.
40- bit and 128- bit WEP keys are
available.
Working of WEP key
User and the Access point have a
shared WEP key.
RC4 algorithm expands a short key into
infinite pseudo- random key streams.
Checks to see if the key is from an
authorized user.
RC4(streamcypher)
encryption and decryption
Initialization Vector
Encryption box
40-bytekey
State
One-time pad &
XORD with
plain text
Key-stream
Plaintext
XOR
Cipher-text
Problems in WEP key Encryption
• Decrypt using statistical analysis.
• Active attack to inject traffic.
• Active attack to decrypt packets
• Modify destination IP
• Send a packet to a remote known computer.
Problems in WEP key
encryption
Dictionary attack
Man in the middle attacks
• Initialization vector
• Intercepts authentication messages to gain
access to the network
Message Integrity Check (Interceptor)
Conclusion
It is not easy to achieve complete security
but reasonable security of wireless
network can be achieve if we integrate
all the security techniques available.