
Security Analysis on Wireless LAN protocols HORI Yoshiaki - PowerPoint PPT Presentation



  1. Security Analysis on Wireless LAN protocols HORI Yoshiaki hori@csce.kyushu-u.ac.jp Kyushu University / ISIT ETRI-ISIT 1st joint seminar 1

  2. Contents
     • Security analysis on IEEE 802.11i
       – Short summary of C. He and J. C. Mitchell, “Security Analysis and Improvements for IEEE 802.11i,” NDSS 05, February 2005
     • Security analysis on MIS protocol
       – Yet another wireless LAN protocol based on IEEE 802.11 physical layer

  3. Wireless LAN and Security
     • Wireless LAN (WLAN)
       – A WLAN uses wireless media instead of wired media to provide connectivity for a terminal.
         • A wireless terminal connects to an Access Point (AP) over wireless media.
       – A WLAN provides mobility and needs no wires → a LAN is easy to build.
       – WLANs are now widely deployed.
     • WLAN security
       – WLAN security has become a serious concern for many organizations.
       – Security requirements for a WLAN
         • Data confidentiality
         • Integrity
         • Mutual authentication
         • Availability

  4. WLAN security model
     [Figure: WLAN security model. Labels: Wireless terminal (Supplicant), Access Point (AP) (Authenticator), Network, Network (Authentication Server), Adversary, Attack, Eavesdropping]

  5. Wireless Threats (by C. He and J. C. Mitchell, Stanford Univ.)
     • Wireless Threats
       – Threat 1: Passive Eavesdropping
       – Threat 2: Message Injection
       – Threat 3: Message Deletion and Interception
       – Threat 4: Masquerading and Malicious AP
       – Threat 5: Session Hijacking
       – Threat 6: Man-in-the-Middle
       – Threat 7: Denial of Service
     Threats 1, 2, and 3: attack all three types of frames in the Link Layer
     Threats 4, 5, and 6: defeat mutual authentication
     Threat 7: interferes with availability

  6. IEEE 802.11i overview
     • IEEE standard approved and published in June 2004
     • Designed to provide enhanced security in the Media Access Control (MAC) layer for 802.11 wireless networks
       – 802.11i works well for data confidentiality, integrity, and mutual authentication.
     • Defines the Robust Security Network Association (RSNA), which provides
       – two data confidentiality protocols:
         • Temporal Key Integrity Protocol (TKIP)
         • Counter-mode/CBC-MAC Protocol (CCMP) with AES-128 (128-bit key and 128-bit block size)
       – an authentication and key management protocol
         • An Extensible Authentication Protocol (EAP) scheme, e.g. EAP-TLS, provides mutual authentication.
         • The 4-way handshake lets both sides share a Pairwise Transient Key (PTK) derived from their Pairwise Master Key (PMK).
     • Also supports pre-RSNA for compatibility with 802.11
       – Wired Equivalent Privacy (WEP)

  7. Data confidentiality and Integrity
     • CCMP appears to provide satisfactory data confidentiality, integrity, and replay protection for data packets against threats 1, 2 and 3.
     • However, threats 1, 2 and 3 remain with management frames and control frames because these frames are neither encrypted nor authenticated by the link layer encryption algorithm.

  8. Authentication and Key Management
     • If the complete RSNA handshakes are performed, the authentication and key management process appears to be secure.
     • However, since an adversary can interfere with early stages in the RSNA handshakes, it may prevent completion of the RSNA.
     • Some attacks on 802.11i
       – Security level rollback attack
         • Bogus beacon and bogus probe response from an authenticator (access point), and bogus association request.
       – Reflection attack on the 4-way handshake

  9. Availability
     • Known DoS Attacks
     • Michael Algorithm Countermeasure (in TKIP)
       – Not affected with CCMP
     • RSN IE (RSN Information Element) Poisoning
     • 4-Way Handshake Blocking
     • Failure Recovery

  10. Known DoS Attacks
     • An adversary can easily forge the management frames and the control frames to launch a DoS attack.
       – The most efficient attack is to forge and repeatedly send Deauthentication or Disassociation frames. These attacks persist even if 802.11i is used.
       – There are also several DoS attacks that exploit the unprotected EAP messages in 802.1X authentication. However, these vulnerabilities fortunately can be eliminated in 802.11i by simply ignoring these messages.
         • EAPOL (EAP over LAN)-Start, EAPOL-Success, EAPOL-Failure, EAPOL-Logoff

  11. Summary: 802.11i security
     • Satisfactory data confidentiality, integrity, and replay protection for data packets are provided by CCMP (AES).
     • Mutual authentication is provided by EAP-TLS and the 4-way handshake.
     • In order to support the above features while keeping backward compatibility with IEEE 802.11 and IEEE 802.1X (pre-RSNA), we should consider availability.
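
Slide 6 says the 4-way handshake yields a PTK derived from the PMK but does not show the derivation. The sketch below is an added example, not part of the presentation: it follows the HMAC-SHA1 PRF that IEEE 802.11i defines, for the CCMP case (384-bit PTK). The PMK, addresses and nonces are constructed sample values.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"   # label 802.11i uses for the PTK

def prf(key: bytes, label: bytes, data: bytes, n_bytes: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || i)
    for i = 0, 1, 2, ... and keep the first n_bytes."""
    out = b""
    i = 0
    while len(out) < n_bytes:
        msg = label + b"\x00" + data + bytes([i])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        i += 1
    return out[:n_bytes]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes,
               anonce: bytes, snonce: bytes) -> dict:
    """Derive the 384-bit CCMP PTK and split it into its three keys.

    aa  = authenticator (AP) MAC address, spa = supplicant MAC address.
    The min/max ordering makes both sides build the same input no matter
    which of them computes it.
    """
    data = (min(aa, spa) + max(aa, spa) +
            min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, LABEL, data, 48)
    return {
        "KCK": ptk[0:16],    # key confirmation key: MICs on handshake messages
        "KEK": ptk[16:32],   # key encryption key: protects the group key
        "TK": ptk[32:48],    # temporal key: CCMP data encryption
    }

# Constructed sample values (not from any real network).
PMK = bytes(range(32))
AA = bytes.fromhex("020000000001")
SPA = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed ANonce").digest()
SNONCE = hashlib.sha256(b"constructed SNonce").digest()

if __name__ == "__main__":
    for name, key in derive_ptk(PMK, AA, SPA, ANONCE, SNONCE).items():
        print(name, key.hex())
```

Because the nonces travel in the clear during the handshake, the secrecy of the PTK rests entirely on the PMK.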
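
Slide 10 notes that forged Deauthentication and Disassociation frames remain possible under 802.11i because management frames are not authenticated. The following detector is an added example for monitoring, not part of the presentation: it flags bursts of such frames in a capture summary. The frame tuples, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

AP = "02:00:00:00:00:01"       # constructed BSSID
STA_A = "02:00:00:00:00:0a"    # constructed client addresses
STA_B = "02:00:00:00:00:0b"

# Constructed capture summary: (time_s, subtype, claimed source, destination).
FRAMES = (
    [(1.0, "beacon", AP, "ff:ff:ff:ff:ff:ff"), (2.0, "data", STA_A, AP)]
    + [(3.0, "deauth", AP, STA_B)]                                # one ordinary deauth
    + [(10.0 + 0.1 * i, "deauth", AP, STA_A) for i in range(8)]   # burst
)

TEARDOWN = {"deauth", "disassoc"}

def detect_teardown_floods(frames, window=1.0, threshold=5):
    """Return one alert per (source, destination) pair that receives at
    least `threshold` deauth/disassoc frames within `window` seconds.

    The source address is only what the frame claims: these frames are
    unauthenticated, so the detector relies on rate, not on identity.
    """
    recent = defaultdict(deque)   # pair -> timestamps inside the window
    alerted = set()
    alerts = []
    for ts, subtype, src, dst in sorted(frames):
        if subtype not in TEARDOWN:
            continue
        pair = (src, dst)
        times = recent[pair]
        times.append(ts)
        while ts - times[0] > window:      # drop timestamps older than window
            times.popleft()
        if len(times) >= threshold and pair not in alerted:
            alerted.add(pair)
            alerts.append({"src": src, "dst": dst,
                           "first_seen": times[0], "count": len(times)})
    return alerts

if __name__ == "__main__":
    for alert in detect_teardown_floods(FRAMES):
        print(alert)
```

A single teardown frame, such as the one sent to the second client in the sample, is normal operation and stays below the threshold.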
