wifi security
play

WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open - PowerPoint PPT Presentation

Oct 24, 2023 •207 likes •674 views

Advanced Network Security (2019-2020) WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home WiFi network IEEE 802.11 WEP WPA/WPA2/WPA3 Personal/Enterprise Eduroam Attacks 2

  1. Advanced Network Security (2019-2020) WiFi security Harald Vranken 1

  2. Agenda • Introduction to WiFi • Open WiFi networks • Home WiFi network • IEEE 802.11 – WEP – WPA/WPA2/WPA3 Personal/Enterprise – Eduroam – Attacks 2

  3. Introduction to WiFi • IEEE 802.11 standard – Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications – Original version 1997; latest version 2016 (~3500 pages!) • Numerous amendments, eg. 802.11i Medium Access Control (MAC) Security Enhancements • Security certification programs by WiFi Alliance, eg. WPA2 and WPA3 – ensure that Wi-Fi products from multiple manufacturers work well together • Some terminology: – Station (STA): device with WiFi capability – Access Point (AP): station that other stations can connect to to get access to a network (also referred to as authenticator) – Supplicant: indicates client when authenticating – SSID (Service Set Identifier): name of the network – MIC (Message Integrity Check): is Message Authentication Code (MAC); to prevent confusion with Medium Access Control (MAC) 3

  4. WiFi security Security of public WiFi hotspots across the world (2016) • Open access • Protected access – Wireless Equivalent Privacy (WEP) – WiFi Protected Access (WPA/WPA2/WPA3) Source: https://securelist.com/research-on-unsecured-wi-fi-networks-across-the-world/76733/ 4

  5. Open networks • Public hotspots for free WiFi – May provide captive portal – May use pre-shared key (PSK) o PSK is announced publically (on paper/wall/…) o PSK is used in "4-way handshake" to derive encryption keys for bulk wireless data • No encryption of traffic – Attacker can eavesdrop on all network traffic – Also in case of PSK, because o PSK is known by everyone o Attacker can eavesdrop on 4-way handshake and derive encryption keys o In case attacker missed 4-way handshake, a forged "deauthenticate" can be issued that will cause client and AP to redo 4-way handshake 5

  6. Open networks • New in WPA3 (2018): Opportunistic Wireless Encryption (OWE) – Specified in RFC 8110 – Intended to make eavesdropping a bit harder in public networks (open or with PSK) – Client and AP perform Diffie-Hellman key exchange to obtain shared key (instead of PSK) – Provides data encryption (but no authentication) 6

  7. Open networks • Broken access control measures – Hidden network (security by obscurity; access requires knowing SSID) o Access point continuously sends beacon packets; may hide by not including SSID o Easy to eavesdrop on clients that have SSID (not only when client actually connects to network; client also constantly sends connection requests to ‘saved networks’ in order to improve connectivity) – Filter based on whitelist of MAC addresses o Client can easily spoof its MAC address 7

  8. Open networks • Evil twin attack – Malicious access point pretends to be a preferred network of user – When user connects, attacker can sniff all traffic and act as man-in-the-middle • KARMA: special case of evil twin attack – Vulnerable client devices broadcast ‘preferred network list’ (PNL) containing SSIDs of access points to which client has previously connected – Malicious access point receives PNL and takes an SSID from PNL Dai Zovi, D. A., & Macaulay, S. A. (2005). Attacking Automatic Wireless Network Selection Proceedings from the 6th Annual IEEE SMC Information Assurance Workshop, p. 365–372 • OWE offers no protection against evil twin attack 8

  9. Wireless home network • WPS (Wi-Fi Protected Setup) – security specification certified by WiFi Alliance to create a secure wireless home network • Connect wireless device to AP by entering PIN on device – easily retrieved by brute-force attack due to vulnerabilities in WPS protocol • In case attacker has physical access to AP – PIN is written on AP – Connect wireless device to AP by pushing (virtual) button on device and AP 9

  10. IEEE 802.11-1999 • WEP (Wired Equivalent Privacy) Authentication Data encryption • 4-step challenge–response handshake – Rivest Cipher 4 (RC4) stream cipher between client and access point – preshared WEP key • preshared WEP key 10

  11. WEP security • Secret keys can be cracked in a few minutes using a basic laptop computer • Security is easy to crack and about as good as an open network • Stop using it! A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP) by A. Stubblefield, J. Ioannidis, and A. D. Rubin ACM Trans. Inf. Syst. Security, vol. 7, no. 2, pp. 319–332, May 2004 Breaking 104 bit WEP in less than 60 seconds by E. Tews, R.-P. Weinmann, and A. Pyshkin Information Security Applications, Lecture Notes in Computer Science, vol. 4867, pp. 188–202, 2007 11

  12. IEEE 802.11-2016 • Establishment Probe request – Discovery: find nearby networks by Probe response (security parameters) monitoring beacons or active probing Authentication request – Authentication: typically ‘Open’ Authentication response (included for WEP) Association request(security parameters) – Association: agreement on cipher suites Association response and security algorithms 802.1x EAP authentication • Optional: 802.1x EAP authentication 4-way handshake – Mutual authentication using EAP Data (Extensible Authentication Protocol) – Generation of PMK (shared secret key) • Optional: 4-way handshake – Confirmation that PMK is known – Exchange of session keys • Data exchange 12

  13. WPA (WiFi Protected Access) Certified by WiFi Alliance • WPA (2003): based on subset of IEEE 802.11i draft • WPA2 (2004): based on IEEE 802.11i std. – Uses AES instead of RC4 and provides stronger authentication • WPA3 (WiFi Alliance, 2018): – Prevents eavesdropping and forging of unicast management action frames; prevents forging of multicast management action frames – Stronger cryptography (192-bit mode) o Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256) o Key derivation and confirmation: HMAC-SHA384 o Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit elliptic curve 13

  14. WPA security: data confidentiality Confidentiality Personal/Enterprise WPA TKIP • TKIP (Temporary Key Integrity Protocol) WPA2 CCMP – As WEP, based on RC4 stream cipher WPA3 GCMP – Also included in WPA2 for backwards compatibility – Deprecated in IEEE 802.11-2016 standard – Known to have biases that can be exploited to break it – Possible to inject and decrypt packets – Attack only takes about an hour, relies on generation of identical packets All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS by Mathy Vanhoef and Frank Piessens, Usenix Security 2015 • CCMP (Counter Mode – Cipher Block Chaining Message Authentication Code Protocol) – Most widely-used – Based on AES CCMP/ GCMP • GCMP (Galois/Counter Mode Protocol) encryption – Being rolled out (WiGig) Construct CCMP/GCMP header 14

  15. Authentication Personal Enterprise WPA security: authentication WPA PSK 802.1x • WPA personal WPA2 PSK 802.1x – Personal network WPA3 SAE 802.1x – WPA/WPA2: Pre-shared key (PSK) – WPA3: Simultaneous Authentication of Equals (SAE) • WPA Enterprise – Enterprise network – IEEE 802.1x authentication using Extensible Authentication Protocol (EAP) and Authentication server 15

  16. ‘Open’ method in authentication phase PSK (WPA/WPA2 Personal) • Authentication takes place in 4-way handshake • Uses pre-shared key (PSK) for authentication • PSK used directly as PMK in 4-way handshake Probe request Supplicant/station Authenticator/AP Probe response (security parameters) Authentication request ANonce Authentication response Association request(security parameters) Derive PTK SNonce, MIC Association response 802.1x EAP authentication Derive PTK ANonce, MIC, Enc KEK (GTK) 4-way handshake MIC Data Install PTK Install PTK Encrypted data frames 16

  17. Supplicant/station Authenticator/AP Keys and 4-way handshake • Before starting 4-way handshake, client and ANonce access point share secret key PMK (Pairwise Master Key) Derive PTK • During 4-way handshake, client and access point SNonce, MIC derive a fresh session key PTK (Pairwise Transient Key) Derive PTK – Derived from PMK, ANonce, SNonce, ANonce, MIC, Enc KEK (GTK) and MAC addresses of client and access point MIC – Split into Install PTK Install PTK o KCK (Key Confirmation Key): for generating MIC Encrypted data frames o KEK (Key Encryption Key): for encryption of keys o TK (Temporal Key): for data confidentiality and integrity • Also group keys – GMK (Group Master Key) – GTK (Group Temporal Key): shared between all connected clients and access point, used for broadcast and multicast traffic 17

  18. PSK attack • PMK is derived from an ASCII password using a key derivation function (KDF): PMK = KDF(password, SSID) • Passive attacker can 1. obtain SSID, MAC addresses, nonces, MIC (HMAC using KCK) 2. perform offline brute-force attack on password (eg. dictionary attack or rainbow table attack) 3. obtain PMK and PTK • Often password is shared, eg. in coffee bars or restaurants... • What can an attacker do once the PSK is known? – Connect to the network ANonce, SNonce, SSID MAC addresses – Eavesdrop on other users KCK PSK/PMK PTK KEK Password KDF PRF TK 4-way handshake 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

Advanced Network Security WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi IEEE 802.11 standard Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications original

721 views • 48 slides
WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

Advanced Network Security WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise WPA3 Key reinstallaton aaacas 2 WiFi IEEE 802.11 standard Some terminology: Staton (STA) is a

479 views • 46 slides
WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung

WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung

WiFi Basics & Security Matthias Vallentin vallentin@net.in.tum.de Vorlesung Internetprotokolle SS06 Prof. Anja Feldmann, Ph.D. Outline 802.11 (WiFi) Basics Standards: 802.11{a,b,g,h,i} CSMA/CA WiFi Security

998 views • 42 slides
WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at

WiFi Social Engineering BIO Gabriel Mathenge Security enthusiast Security consultant at Ernst and Young (EY) Penetration testing and red teaming T: https://twitter.com/_V1VI E: gabriel@thevivi.net QUESTIONS Stop me whenever youre

891 views • 42 slides
Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and

Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and

Incentivize decentralized WiFi roaming through VPN on home routers RP2 rp-id 25, Security and Network Engineering, UvA Sander.Lentink@os3.nl Peter.Boers@surfnet.nl 2019-11-13 1 / 38 Introduction We desire Wi-Fi Wi-Fi being the best

576 views • 38 slides
INTERNET OF TARGETS Leif Nixon Sarcasm a pair vibrator with bluetooth wtf? no wifi no

INTERNET OF TARGETS Leif Nixon Sarcasm a pair vibrator with bluetooth wtf? no wifi no

INTERNET OF TARGETS Leif Nixon Sarcasm a pair vibrator with bluetooth wtf? no wifi no food no wifi no food do you have devices that need your wifi to be working? security cameras thermostats smart appliances smoke alarms smart

1.1k views • 82 slides
The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs Bluetooth Security and Cooperation in Wireless Networks Georg-August University Gttingen Security in Wireless Networks Wireless networks are

519 views • 48 slides
Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi

Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi

11/20/2019 Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi Networks 15-441 Fall 2019 Profs Peter Steenkiste & Justine Sherry Fall 2019 https://computer-networks.github.io/fa19/ 2

717 views • 10 slides
WEP/WPA2 WiFi Password Security & Exploiting IP Based Surveillance Cameras By Basiru

WEP/WPA2 WiFi Password Security & Exploiting IP Based Surveillance Cameras By Basiru

WEP/WPA2 WiFi Password Security & Exploiting IP Based Surveillance Cameras By Basiru Mohammed Rajkumar Ramadhin Alexander Martin Introduction With growing advancement in the "Internet of Things" we must take a look at the

468 views • 29 slides
SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If

SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If

SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If you already provide free wifi in your establishment then Zyppee would definitely be of interest, considering the high footfall your business enjoy 's

228 views • 10 slides
Wifi Security -or- or Descending Into Depression g p and Drink Mike Kershaw / Dragorn d

Wifi Security -or- or Descending Into Depression g p and Drink Mike Kershaw / Dragorn d

Wifi Security -or- or Descending Into Depression g p and Drink Mike Kershaw / Dragorn d dragorn@kismetwireless.net @ki i l The plan 802.11 networks Well defended APs Well-defended APs Less Basic vulnerabilities

1.7k views • 148 slides
SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If

SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If

SOCIAL WIFI PROPOSAL Thank you for your interest in our social wifi re-marketing platform. If you already provide free wifi at your branches then Magico would definitely be of interest, considering the high footfall your branches enjoy.

590 views • 9 slides
WiFi On Boats By Digital Yacht Presented by: Nick Heyes CEO Digital Yacht WiFi On Boats The

WiFi On Boats By Digital Yacht Presented by: Nick Heyes CEO Digital Yacht WiFi On Boats The

WiFi On Boats By Digital Yacht Presented by: Nick Heyes CEO Digital Yacht WiFi On Boats The Possibilities WiFi Brand name for wireless networking under IEEE standard 802.11 _________________ Wireless access to the internet Distribute

258 views • 12 slides
NVK WiFi Hotspot Solution 2015 Managed, Legally, Future Proof WiFi Hotspot Networks Agenda

NVK WiFi Hotspot Solution 2015 Managed, Legally, Future Proof WiFi Hotspot Networks Agenda

NVK WiFi Hotspot Solution 2015 Managed, Legally, Future Proof WiFi Hotspot Networks Agenda Basic WiFi Architecture Monetized WiFi Architecture NVKs Solution providing EnGenius Professional AP EnGenius EWS SOLUTION NVK

642 views • 47 slides
WIFI Code: WIFI Guest - welcome2 Welcome IMPORTANT - Housekeeping Notice: 1) Fire Alarms

WIFI Code: WIFI Guest - welcome2 Welcome IMPORTANT - Housekeeping Notice: 1) Fire Alarms

WIFI Code: WIFI Guest - welcome2 Welcome IMPORTANT - Housekeeping Notice: 1) Fire Alarms / Fire Exit 2) Toilets 3) Please turn Mobile Phones to SILENT Session slides will be circulated on email to ALL attendees. Annual

906 views • 74 slides
Leeds 7 June 2017 @GlobalCompactUK #GlobalGoalsUK @PRME_UKI @centre_glgr WIFI: Visitor WiFi

Leeds 7 June 2017 @GlobalCompactUK #GlobalGoalsUK @PRME_UKI @centre_glgr WIFI: Visitor WiFi

Leeds 7 June 2017 @GlobalCompactUK #GlobalGoalsUK @PRME_UKI @centre_glgr WIFI: Visitor WiFi https://www.youtube.com/playlist?list=PLkDIhymNyNmawvPzi W3jz95LRNr8piTh9 Videos courtesy of Project Everyone http://www.project-everyone.org/

297 views • 25 slides
Sunday, December 16, 12 Sunday, December 16, 12 Sunday, December 16, 12 CLUB BAR TAVERN

Sunday, December 16, 12 Sunday, December 16, 12 Sunday, December 16, 12 CLUB BAR TAVERN

Sunday, December 16, 12 Sunday, December 16, 12 Sunday, December 16, 12 CLUB BAR TAVERN RESTAURANT Sunday, December 16, 12 52 Sunday, December 16, 12 52 Sunday, December 16, 12 52 Sunday, December 16, 12 RESTAURANT Sunday, December

681 views • 51 slides
Tendenze del contesto Tendenze del contesto Forte concentrazione nel settore del trasporto

Tendenze del contesto Tendenze del contesto Forte concentrazione nel settore del trasporto

Movimentazione portuale di Movimentazione portuale di contenitori contenitori Modelli di sviluppo, concentrazione, competizione tra i range europei nel periodo 1972-2002 Claudio Ferrari DIEM Univ. di Genova SIET VII Riunione

325 views • 11 slides
Charmonium ( cc ) mass in hadron-nucleus reactions, how the in-medium gluon condensate can be

Charmonium ( cc ) mass in hadron-nucleus reactions, how the in-medium gluon condensate can be

Charmonium ( cc ) mass in hadron-nucleus reactions, how the in-medium gluon condensate can be measured International workshop on Hadron structure and interaction in dense matter Tokai, 12.11.2018. Gy. Wolf MTA Wigner RCP Motivation

880 views • 33 slides
The current evaluation of |V | and the top-row test of CKM matrix unitarity ud CURRENT STATUS

The current evaluation of |V | and the top-row test of CKM matrix unitarity ud CURRENT STATUS

J.C. Hardy Cyclotron Institute Texas A&M University with I.S. Towner The current evaluation of |V | and the top-row test of CKM matrix unitarity ud CURRENT STATUS OF V ud .9700 .9800 .9750 nuclear 0 0 + + neutron nuclear

880 views • 61 slides
e rard Rauzy (1938 - 2010) Christian Mauduit (1958 - 2019) Grands math e maticiens et bons fol

e rard Rauzy (1938 - 2010) Christian Mauduit (1958 - 2019) Grands math e maticiens et bons fol

G e rard Rauzy (1938 - 2010) Christian Mauduit (1958 - 2019) Grands math e maticiens et bons fol a tres S e bastien FERENCZI Au moins sera de moy memoire Telle quil est dung bon folastre (Fran c ois Villon). fol atrer = to

422 views • 19 slides
AN INTRODUCTION TO OPTIMAL DESIGN G. Allaire, Ecole Polytechnique Optimal design of structures

AN INTRODUCTION TO OPTIMAL DESIGN G. Allaire, Ecole Polytechnique Optimal design of structures

1 OPTIMAL DESIGN OF STRUCTURES (MAP 562) G. ALLAIRE January 4th, 2017 Department of Applied Mathematics, Ecole Polytechnique CHAPTER I AN INTRODUCTION TO OPTIMAL DESIGN G. Allaire, Ecole Polytechnique Optimal design of structures 2 A FEW

531 views • 30 slides
Chapter 9: Rule Mining 9.1 OLAP 9.2 Association Rules 9.3 Iceberg Queries 9-1 IRDM WS 2005

Chapter 9: Rule Mining 9.1 OLAP 9.2 Association Rules 9.3 Iceberg Queries 9-1 IRDM WS 2005

Chapter 9: Rule Mining 9.1 OLAP 9.2 Association Rules 9.3 Iceberg Queries 9-1 IRDM WS 2005 9.1 OLAP: Online Analytical Processing Mining business data for interesting facts and decision support (CRM, cross-selling, fraud, trading/usage

379 views • 23 slides
Chapter VII: Frequent Itemsets & Association Rules Information Retrieval & Data Mining

Chapter VII: Frequent Itemsets & Association Rules Information Retrieval & Data Mining

Chapter VII: Frequent Itemsets & Association Rules Information Retrieval & Data Mining Universitt des Saarlandes, Saarbrcken Winter Semester 2011/12 Chapter VII: Frequent Itemsets & Association Rules VII.1 Definitions

524 views • 37 slides

More recommend