
Computer Security: Principles and Practice, 3rd edition, by William Stallings and Lawrie Brown, Chapter 24 (lecture slides)


Document information: 33 pages, 8.9 MB


Page 2

Chapter 24

Wireless Network Security

Page 3

o Accessibility

• Some wireless devices, such as sensors and robots, may be left unattended in remote and/or hostile locations, which greatly increases their exposure to physical attack

Page 4

Figure 24.1 Wireless Networking Components

Page 5

Wireless Network Threats

Page 6

Securing Wireless Transmissions

• Principal threats are eavesdropping, altering or inserting messages, and disruption

• Countermeasures for eavesdropping:

o Signal-hiding techniques

o Encryption

• The use of encryption and authentication protocols is the standard method of countering attempts to alter or insert transmissions

Page 7

Securing Wireless Networks

• The main threat involving wireless access points is unauthorized access to the network

• The principal approach to preventing such access is the IEEE 802.1X standard for port-based network access control

o The standard provides an authentication mechanism for devices wishing to attach to a LAN or wireless network

• Use of 802.1X can prevent rogue access points and other unauthorized devices from becoming insecure backdoors
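The port-based control described above, as an added example that is not from the Stallings and Brown slides: a minimal model of the AP's uncontrolled and controlled ports for one station, written against the real EAPOL framing (EtherType 0x888E; packet types EAP-Packet, Start and Logoff). The MAC addresses and frames in the demonstration are constructed, and `authorize()` stands in for the point at which the EAP exchange and the key handshake have completed for that station.

```python
import struct

ETHERTYPE_EAPOL = 0x888E  # 802.1X frames between supplicant (STA) and authenticator (AP)
EAPOL_EAP_PACKET, EAPOL_START, EAPOL_LOGOFF = 0, 1, 2


class AuthenticatorPorts:
    """Port-based access control on an AP, one port pair per station.
    The uncontrolled port only ever carries EAPOL to the authentication logic;
    the controlled port, which carries the station's normal traffic, stays
    blocked until authorize() has been called for that station."""

    def __init__(self):
        self.authorized = set()  # station MACs whose controlled port is open

    def authorize(self, sta):
        self.authorized.add(sta)

    def deauthorize(self, sta):
        self.authorized.discard(sta)

    def handle(self, frame):
        """Decides what happens to one Ethernet-framed packet received from a station."""
        dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
        if ethertype == ETHERTYPE_EAPOL:
            _version, ptype, _length = struct.unpack("!BBH", frame[14:18])
            if ptype == EAPOL_LOGOFF:  # station leaves: its controlled port closes again
                self.deauthorize(src)
                return "uncontrolled: EAPOL-Logoff, controlled port blocked"
            if ptype == EAPOL_START:
                return "uncontrolled: EAPOL-Start, EAP exchange begins"
            if ptype == EAPOL_EAP_PACKET:
                return "uncontrolled: EAP packet relayed to the authentication server"
            return "uncontrolled: other EAPOL type %d" % ptype
        if src in self.authorized:
            return "controlled: forwarded"
        return "controlled: dropped, port blocked"


def eth(dst, src, ethertype, payload):
    """Constructed Ethernet II frame (no FCS)."""
    return struct.pack("!6s6sH", dst, src, ethertype) + payload


def eapol(ptype, body=b""):
    """Constructed EAPOL header: protocol version 2, packet type, body length."""
    return struct.pack("!BBH", 2, ptype, len(body)) + body


if __name__ == "__main__":
    ap = AuthenticatorPorts()
    sta = bytes.fromhex("020000000002")   # constructed station MAC
    pae = bytes.fromhex("0180c2000003")   # 802.1X PAE group address
    ipv4 = eth(bytes.fromhex("020000000001"), sta, 0x0800, b"\x45" + b"\x00" * 19)
    print(ap.handle(ipv4))                                              # dropped: not yet authorized
    print(ap.handle(eth(pae, sta, ETHERTYPE_EAPOL, eapol(EAPOL_START))))
    ap.authorize(sta)                                                   # EAP exchange and key handshake done
    print(ap.handle(ipv4))                                              # forwarded
    print(ap.handle(eth(pae, sta, ETHERTYPE_EAPOL, eapol(EAPOL_LOGOFF))))
    print(ap.handle(ipv4))                                              # dropped again
```

The point to take from the model is that the filter keys on the frame type, not on anything the station claims: before authorization the only frames that reach anything behind the AP are EAPOL frames handed to the authentication logic.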

Page 8

Wireless Network Security Techniques

• Change your router's pre-set password for administration

• Allow only specific computers to access your wireless network

Page 9

Mobile Device Security

o Growing use of new devices

• Significant growth in employees' use of mobile devices

o Cloud-based applications

• Applications no longer run solely on physical servers in corporate data centers

o De-perimeterization

• There are a multitude of network perimeters around devices, applications, users, and data

o External business requirements

• The enterprise must also provide guests, third-party contractors, and business partners network access using various devices from a multitude of locations

Page 10

Security Threats

• Lack of physical security controls

• Use of untrusted mobile devices

• Use of untrusted networks

• Interaction with other systems

• Use of untrusted content

• Use of location services

Page 11

Figure 24.2 Mobile Device Security Elements

• Firewall: limits the scope of data and application access

• Authentication/access control server: authentication and access control protocols are used to verify the device and the user and to establish limits on access

• Mobile device configuration server: the mobile device is configured with security mechanisms and parameters to conform to organization security policy

• VPN tunnel: traffic is encrypted, using SSL or IPsec

• Application/database server

Page 12

Table 24.1

IEEE 802.11 Terminology

Page 13

Wireless Fidelity (Wi-Fi) Alliance

• 802.11b

o First 802.11 standard to gain broad industry acceptance

• Wireless Ethernet Compatibility Alliance (WECA)

o Industry consortium formed in 1999 to address the concern of products from different vendors successfully interoperating

o Later renamed the Wi-Fi Alliance

o The term used for certified 802.11b products is Wi-Fi; it has since been extended to 802.11g products

• Wi-Fi Protected Access (WPA)

o Wi-Fi Alliance certification procedures for IEEE 802.11i security standards

o WPA2 incorporates all of the features of the IEEE 802.11i WLAN security specification

Page 14

Figure 24.3 IEEE 802.11 Protocol Stack

General IEEE 802 functions: flow control and error control (logical link control); assemble data into frame, addressing, error detection, medium access (medium access control); transmission/reception and transmission medium (physical layer).

Specific IEEE 802.11 functions: reliable data delivery and wireless access control protocols (medium access control); frequency band definition and wireless signal encoding (physical layer).

Page 15

Figure 24.4 General IEEE 802 MPDU Format (fields shown: MAC control, destination MAC address, source MAC address)

Page 16

Figure 24.5 IEEE 802.11 Extended Service Set

Page 17

Table 24.2 IEEE 802.11 Services

Page 18

Distribution: the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS.

Integration: enables transfer of data between a station on an IEEE 802.11 LAN and a station on an integrated IEEE 802.x LAN.

Page 20

Services

Association: establishes an initial association between a station and an AP.

Reassociation: enables an established association to be transferred from one AP to another, allowing a mobile station to move from one BSS to another.

Disassociation: a notification from either a station or an AP that an existing association is terminated.

Page 21

Wireless LAN Security

• Wired Equivalent Privacy (WEP) algorithm

o 802.11 privacy

• Wi-Fi Protected Access (WPA)

o Set of security mechanisms that eliminates most 802.11 security issues and was based on the current state of the 802.11i standard

• Robust Security Network (RSN)

o Final form of the 802.11i standard

• Wi-Fi Alliance certifies vendors in compliance with the full 802.11i specification under the WPA2 program

Page 22

Figure 24.6 Elements of IEEE 802.11i

(a) Services and protocols: the Robust Security Network (RSN) provides authentication and key generation, and confidentiality, data origin authentication and integrity, and replay protection (TKIP, CCMP).

(b) Cryptographic algorithms: confidentiality: TKIP (RC4), CCM (AES-CTR); integrity and data origin authentication: TKIP (Michael MIC), CCM (AES-CBC-MAC); key generation: NIST Key Wrap, HMAC-MD5, HMAC-SHA-1, SHA-1 (RFC 1750).

CBC-MAC = Cipher Block Chaining Message Authentication Code; CCM = Counter Mode with Cipher Block Chaining Message Authentication Code; CCMP = Counter Mode with Cipher Block Chaining MAC Protocol; TKIP = Temporal Key Integrity Protocol

Page 23

Figure 24.7 IEEE 802.11i Phases of Operation: Phase 1, Discovery; Phase 2, Authentication; Phase 3, Key Management; Phase 4, Protected Data Transfer; Phase 5, Connection Termination

Page 24

Discovery and authentication exchange between STA, AP and AS (figure residue):

1. Probe request / probe response: the station asks to join the network; the AP sends the possible security parameters (security capabilities set per the security policy).

2. Open system authentication request / response: the station sends a request to perform null authentication; the AP performs null authentication.

3. Association request / association response: the station sends a request to associate with the AP with its selected security parameters; the AP sends the associated security parameters; the station sets the selected security parameters.

4. Extensible Authentication Protocol exchange: 802.1X EAP request; 802.1X EAP response, relayed to the AS as an access request (EAP request); accept / EAP-success with key material; 802.1X EAP success.

The 802.1X controlled port stays blocked throughout this exchange.

Page 25

Figure 24.9 802.1X Access Control: the station attaches to the access point through an uncontrolled port and a controlled port

Page 26

• Authenticates the STA and AS to each other

• Secure key delivery

o Once authentication is established, the AS generates a master session key and sends it to the STA

Page 27

Figure 24.10 IEEE 802.11i Key Hierarchies

(a) Pairwise key hierarchy: a pre-shared key (out-of-band path) or an AAA key (EAP method path) yields the pairwise master key, following EAP authentication or PSK; the pairwise transient key is derived from it during the 4-way handshake; the EAPOL key confirmation key, the EAPOL key encryption key and the temporal key are components of the PTK.

(b) Group key hierarchy: the group master key (GMK, generated by the AS) yields the group temporal key (GTK); it changes based on policy (disassociation, deauthentication) or if compromised.

Page 29

Figure 24.11 IEEE 802.11i Phases of Operation: Four-Way Handshake and Group Key Handshake (between STA and AP)

Four-way handshake (AP's 802.1X controlled port blocked):

1. Message 1, EAPOL-Key (ANonce, Unicast): delivers a nonce to the STA so that it can generate the PTK.

2. Message 2, EAPOL-Key (SNonce, Unicast, MIC): delivers another nonce to the AP so that it can also generate the PTK. It demonstrates to the AP that the STA is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.

3. Message 3, EAPOL-Key (Install PTK, Unicast, MIC): demonstrates to the STA that the authenticator is alive, ensures that the PTK is fresh (new) and that there is no man-in-the-middle.

4. Message 4, EAPOL-Key (Unicast, MIC): serves as an acknowledgement to Message 3. It serves no cryptographic function. This message also ensures the reliable start of the group key handshake.

AP's 802.1X controlled port unblocked for unicast traffic.

Group key handshake:

1. Message 1, EAPOL-Key (GTK, MIC): delivers a new GTK to the STA. The GTK is encrypted before it is sent and the entire message is integrity protected. The STA decrypts the GTK and installs it for use.

2. Message 2, EAPOL-Key (MIC): is delivered to the AP. This frame serves only as an acknowledgment to the AP. The AP installs the GTK.

Page 30

Temporal Key Integrity Protocol (TKIP)

• Designed to require only software changes to devices that are implemented with the older wireless LAN security approach called WEP

• Provides two services:

o Message integrity: adds a message integrity code to the 802.11 MAC frame after the data field

o Data confidentiality: provided by encrypting the MPDU

Page 31

Counter Mode-CBC MAC Protocol (CCMP)

• Intended for newer IEEE 802.11 devices that are equipped with the hardware to support this scheme

• Provides two services: message integrity and data confidentiality

Page 32

Figure 24.12 IEEE 802.11i Pseudorandom Function

Page 33

Summary

• Wireless security

o Wireless network threats

o Wireless security measures

• Mobile device security

o Security threats

o Mobile device security strategy

• IEEE 802.11 wireless LAN overview

o The Wi-Fi Alliance

o IEEE 802 protocol

o IEEE 802.11 network components and architectural model

o IEEE 802.11 services

• IEEE 802.11i wireless LAN security

o IEEE 802.11i services

o IEEE 802.11i phases of operation

o Discovery phase

o Authentication phase

o Key management phase

o Protected data transfer phase

o The IEEE 802.11i pseudorandom function

Posted: 18/12/2017, 15:17
