
Ch18 WirelessSecurity

The document discusses wireless network security, outlining key security requirements and risks associated with wireless environments. It details various security measures, protocols like WEP, WPA, and WPA2, and the IEEE 802.11 standards that govern wireless LANs. Additionally, it explains the phases of operations in IEEE 802.11i, including discovery, authentication, key management, and protected data transfer.

Wireless Network Security

Dr. Manas Khatua
Assistant Professor
Dept. of CSE, IIT Guwahati
Email: manaskhatua@iitg.ac.in

Wireless Security Overview
• Security requirements for wireless are the same as for the wired environment:
  ◦ Confidentiality
  ◦ Integrity
  ◦ Availability
  ◦ Authenticity
  ◦ Accountability

• Key factors contributing to risks:
  ◦ Channel: broadcast communication; more susceptible to eavesdropping and jamming
  ◦ Mobility: contributes additional risks
  ◦ Resources: advanced OS, but limited resources (memory, processing)
  ◦ Accessibility: certain devices (sensors, robots) may be left unattended for a long time

27-03-2023 MANAS KHATUA, IIT GUWAHATI 2


Wireless Network Threats
[Figure: wireless network threats. Surviving annotations:]
• Lack of central point of control
• e.g. Bluetooth, barcode readers, handheld PDAs
• Bogus reconfiguration commands to routers/switches exposed to nonfiltered traffic


Wireless Security Measures
Wireless security measures deal with three components:

• Securing wireless transmission
  ◦ Signal hiding techniques (for hiding the wireless AP)
    - Turn off SSID broadcasting by the AP
    - Assign a cryptic name to the SSID
    - Reduce signal strengths
    - Directional antennas
  ◦ Encryption of wireless transmission

• Securing the wireless access point (AP)
  ◦ Access control policy: typically based on the identity of the user who requests access to a resource
  ◦ Authentication mechanism: to make sure the identity is who they say they are

• Securing wireless networks
  ◦ Enable anti-virus, anti-spyware, firewall
  ◦ Turn off SSID broadcasting by routers
  ◦ Change the default identifier on the router
  ◦ Change the router's pre-set password
  ◦ Apply MAC filtering
  ◦ Use encryption for traffic


IEEE 802.11 Wireless LAN
• The IEEE 802 committee is responsible for LANs.
• In 1990, the IEEE 802.11 working group (WG) was formed.
  Aims:
  ◦ To develop a protocol and transmission specifications for wireless LANs
  ◦ Developed the IEEE 802.11i WLAN security specification
• The Wi-Fi Alliance, an industry consortium, was formed in 1999.
  ◦ The first standard to become popular was 802.11b, in 1999
  ◦ Developed a certification procedure for 802.11 security standards: Wi-Fi Protected Access (WPA)
  ◦ The recent version is WPA2, which incorporates all features of the 802.11i specification


IEEE 802.11 Protocol Stack
LLC:
• Keeps track of frame transmissions
• Handles frame retransmissions

MAC layer:
• Addressing
• MAC framing from data
• Medium access

Physical layer:
• Encode/decode signals
• Bit transmission/reception
• Transmission medium


MAC Frame (MPDU)
MAC protocol data unit (MPDU)

[Figure: MPDU format; surviving label: MSDU]

CRC: Cyclic Redundancy Check, also known as Frame Check Sequence (FCS). This is an error-detecting code, such as that which is used in other data-link control protocols.


IEEE 802.11 BSS, ESS
• BSS (basic service set): the smallest building block.
• A BSS consists of a set of stations controlled by a single coordination function.
• BSSs are connected via APs. APs function as bridges.
• ESS: two or more BSSs are connected via a Distribution System (DS).
• IBSS (independent BSS): when all stations in the BSS are mobile stations that communicate directly with one another (not using an AP).


IEEE 802.11 Services
Service           | Provider            | Used to support
------------------|---------------------|------------------------
Association       | Distribution system | MSDU delivery
Disassociation    | Distribution system | MSDU delivery
Re-association    | Distribution system | MSDU delivery
Authentication    | Station             | LAN access and security
De-authentication | Station             | LAN access and security
Distribution      | Distribution system | MSDU delivery
Integration       | Distribution system | MSDU delivery
MSDU delivery     | Station             | MSDU delivery
Privacy           | Station             | LAN access and security

• Re-association: enables an established association to be transferred from one AP to another.
• Distribution: used when the MPDUs must traverse the DS to reach the destination STA.
• Integration: transfer of data between a STA on an 802.11 LAN and a STA on an 802.x LAN.

Wireless LAN Security Protocols
• Wired Equivalent Privacy (WEP) algorithm
  ◦ 802.11 privacy by the 802.11 work group
  ◦ Disadvantage: very weak w.r.t. security & privacy
  ◦ 802.11 Task Group i was formed to address the issue.
• Wi-Fi Protected Access (WPA)
  ◦ Eliminates most of the 802.11 security issues
  ◦ It was based on the current state of the 802.11i standard
• Final form of the standard
  ◦ Robust Security Network (RSN)
  ◦ Wi-Fi Protected Access 2 (WPA2)

Side note (WEP, the original native security mechanism for WLAN):
• Used to protect wireless communication from eavesdropping (confidentiality)
• Prevent unauthorized access to a wireless network (access control)
• Prevent tampering with transmitted messages (integrity)
• Provide users with the equivalent level of privacy inbuilt in wireless networks (user's role)


How WEP Works
[Figure: WEP encryption. Labels: IV, key, RC4; input: original unencrypted packet + checksum; output: IV + encrypted packet]

IV (initialization vector)
• There are 2^24 different IVs
• RC4 is an encryption algorithm

WEP flaws and vulnerabilities
• Weak keys for encryption
• IV reuse and small size


Wi-Fi Protected Access (WPA)
• WPA was introduced as a new security technique in 2002-03.
• Addresses the security flaws in WEP.
• Improved data encryption.
• Strong user authentication.
• Because of the many attacks related to the static key, WPA minimizes use of the shared secret key in accordance with the frame transmission.
• Uses the RC4 algorithm in a proper way and provides fast transfer of the data before someone can decrypt it.


WPA2
• Based on the IEEE 802.11i standard.
• The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm.
• Encryption in WPA2 uses either AES or TKIP (Temporal Key Integrity Protocol).
• Two versions: Personal and Enterprise.
  ◦ Personal mode uses a PSK (pre-shared key) and does not require separate authentication of users.
  ◦ Enterprise mode requires users to be separately authenticated using EAP (Extensible Authentication Protocol).
• WPA3 has been proposed, but is not used extensively so far.


WEP vs WPA vs WPA2
                      | WEP                           | WPA                                   | WPA2
----------------------|-------------------------------|---------------------------------------|-------------------------------------
Year introduced       | 1999                          | 2003                                  | 2004
Encryption protocol   | Fixed-key                     | TKIP (Temporal Key Integrity Protocol)| CCMP (Counter Mode CBC-MAC Protocol)
Session key size      | 64-bit/128-bit                | 256-bit                               | 256-bit
Cipher type           | RC4 stream cipher             | TKIP (RC4-based)                      | AES
Data integrity        | Cyclic Redundancy Check       | Message Integrity Check               | CCMP
Authentication method | Open system / Shared key      | Pre-Shared Key (PSK)                  | PSK + PMK (Pairwise Master Key)
Key management        | Symmetric key encryption      | WPA + WPA-PSK                         | PMK + PSK
Pros                  | Better than no security       | i) TKIP encryption                    | i) Stronger encryption method: AES
                      |                               | ii) 256-bit key for encryption        | ii) Solves prior issues
Cons                  | i) Fixed-key encryption       | Many security vulnerabilities         | Requires more processing power
                      | ii) Many vulnerabilities      | still exist                           |


Services in RSN
RSN is the latest security standard by IEEE 802.11 Task Group i.

• Access control (as a security function): works with any authentication protocol and key exchange.
• Authentication: mutual authentication; also performs secret key exchange for secured communication.
• Privacy with message integrity: MAC-level data encryption and a message integrity code (MIC) are used to ensure confidentiality, integrity, origin authentication, etc.


Cryptographic Algorithms in RSN



Types of Configuration
• 802.11i security is limited to
• End-to-end security is provided by upper layer

[Figure: types of configuration; surviving labels: BSS, IBSS, STA]


802.11i Phases of Operations



(1) Discovery Phase
Purpose of the discovery phase: for an STA and an AP
• to recognize each other,
• to agree on a set of security capabilities,
• to establish an association for future communications.

Security capabilities:
• Confidentiality & integrity protocols (cipher suite)
  ◦ TKIP
  ◦ CCMP
  ◦ Vendor specific
• Authentication & key management approach (AKM suite)
  ◦ IEEE 802.1X (port-based network access control)
  ◦ Vendor specific


Discovery Phase
Discovery procedure:
• The AP uses Beacon and Probe Response frames to advertise its 802.11i security policy.
• The STA uses these messages
  ◦ to identify an AP
  ◦ to associate with the AP
• Open system authentication
  ◦ Only to maintain backward compatibility with the IEEE 802.11 state machine
  ◦ STA & AP simply exchange IDs
• Association
  ◦ STA & AP agree on a set of security capabilities to be used.
  ◦ Using the Association Request, the STA informs the AP of its selection from the set declared by the AP (using Beacon / Probe Response).
• The AP can refuse the association request.
• The STA can also block a rogue AP.


(2) Authentication Phase
• This is mutual authentication
  ◦ Between the STA and an AS located in a DS
• IEEE 802.11i makes use of IEEE 802.1X Port-based Network Access Control
  ◦ Extensible Authentication Protocol (EAP)
  ◦ Supplicant ~ STA
  ◦ Authenticator ~ AP
  ◦ Authentication server (AS)

Consists of three steps:
• Connect to AS
  ◦ By request-response, AP ↔ STA ↔ AS
• EAP exchange
  ◦ Authenticates the STA and AS to each other
  ◦ STA-to-AP message flow uses the EAP over LAN (EAPOL) protocol
  ◦ AP-to-AS message flow uses the Remote Authentication Dial In User Service (RADIUS) protocol
• Secure key delivery
  ◦ The AS generates a master session key (MSK)
  ◦ Sends it to the STA secretly


(3) Key Management Phase
In this phase, a variety of cryptographic keys are generated and distributed to STAs.

There are two types of keys:
• pairwise keys, used for communication between an STA and an AP
• group keys, used for multicast communication


IEEE 802.11i Keys



Key Distribution
• 4-way handshake: the upper part of the figure shows the MPDU exchange for distributing pairwise keys.
• Group key handshake: the AP generates a GTK and distributes it to each STA in a multicast group.


(4) Protected Data Transfer Phase
IEEE 802.11i defines two schemes for this:
• Temporal Key Integrity Protocol (TKIP): for older WiFi devices using WEP
• Counter Mode-CBC MAC Protocol (CCMP): for new WiFi devices using WPA / RSN

TKIP and CCMP both provide two services:
• Message integrity
  ◦ In TKIP: using a message integrity code (MIC) generated by the Michael algorithm
  ◦ In CCMP: using the cipher block chaining message authentication code (CBC-MAC)
• Data confidentiality
  ◦ In TKIP: using RC4-based encryption
  ◦ In CCMP: using AES for encryption


EAP Layered Context
[Figure: EAP layered context; surviving labels: RFC 5216, RFC 5281, RFC 5433, RFC 5106]


EAP Protocol Exchanges



IEEE 802.1X Access Control
• Until the AS authenticates a supplicant (i.e. client), the 802.1X control channel is unblocked, but the 802.11 data channel is blocked.
• Once a supplicant is authenticated and authorised, the data channel becomes unblocked.
• 802.1X uses the concepts of controlled and uncontrolled ports.
• Ports are logical entities defined within the authenticator and refer to physical network connections.
• Each logical port is mapped to one of these two types of physical ports (controlled / uncontrolled).

