12_Wireless Security Presentation v6_2003 (49 slides)

802.11 Wireless Security
John Berti, Senior Manager, Deloitte – Security and Privacy Services

Transcript of 12_Wireless Security Presentation v6_2003

Page 2: 12_Wireless Security Presentation v6_2003

Agenda

• Introduction to Wireless
• Wireless Networks
• Wireless Security
• Top 8 Security Issues with 802.11
• Security Controls for Wireless Networks
• Summary Best Practices
• Final Thoughts

Page 3: 12_Wireless Security Presentation v6_2003

Introduction to Wireless

Page 4: 12_Wireless Security Presentation v6_2003

The Wireless World (figure labels): cell phones, PDAs, WLANs, cordless phones, toys, appliances

Introduction to Wireless

Page 5: 12_Wireless Security Presentation v6_2003

The electromagnetic spectrum (figure), frequency rising from left to right:
Scale: 10^3 Hz, 10^6 Hz, 10^9 Hz, 10^12 Hz, 10^15 Hz, 10^18 Hz, 10^21 Hz
Bands: Radio, Microwave, Infrared, Visible Light, Ultraviolet, X-Ray, Gamma Rays

Introduction to Wireless

Page 6: 12_Wireless Security Presentation v6_2003

The Radio Frequency Band (figure; axis from 0 MHz through 900 MHz to 1 GHz, 3 GHz, 5 GHz and 10 GHz):

• AM Radio (535 – 1605 kHz)
• FM Radio (88 – 108 MHz)
• VHF TV (174 – 216 MHz)
• UHF TV (512 – 806 MHz)
• Analog Cellular (824 – 894 MHz)
• Cordless Phones, Toys (900 MHz)
• Digital Cellular (1850 – 1900 MHz)
• 802.11b, g, Bluetooth, Phones (2.4 GHz)
• 802.11a, g (5 GHz)

Legend: unlicensed radio frequencies vs. licensed radio frequencies

Introduction to Wireless

Page 7: 12_Wireless Security Presentation v6_2003

Wireless Networks

Page 8: 12_Wireless Security Presentation v6_2003

What is a Wireless Network (diagram labels): wireless laptop, wireless phone and wireless PDA, each with a wireless network card, connecting through a wireless access point; the diagram also shows a demilitarized zone (firewall, web servers) and the internal network

Wireless Networks

Page 9: 12_Wireless Security Presentation v6_2003

Wireless Network Standards

Bluetooth
• Intended as a replacement for cables over shorter distances, with an effective range of up to 10 meters
• 1 Mbps Data Rate
• 2.4 GHz Frequency Band

802.11b
• Extension to the 802.11 Wireless LAN standard
• 11 Mbps Data Rate
• 2.4 GHz Frequency Band
• Direct Sequence Spread Spectrum (DSSS)

Wireless Networks

Page 10: 12_Wireless Security Presentation v6_2003

Wireless Network Standards

802.11a
• Extension to the 802.11 Wireless LAN standard
• 54 Mbps Data Rate
• 5 GHz Frequency Band
• Orthogonal Frequency Division Multiplexing (OFDM)

802.11g
• Replacement for 802.11b with a higher rate
• 54 Mbps Data Rate
• 2.4 GHz and 5 GHz Frequency Bands

Wireless Networks

Page 11: 12_Wireless Security Presentation v6_2003

Wireless Networks

802.11 Standards Comparison

Wireless Standard  802.11b                        802.11a           802.11g
Popularity         Widely Adopted                 Not Very Popular  Widely Adopted
Speed              11 Mbps                        54 Mbps           54 Mbps
Cost               Inexpensive                    More Expensive    Inexpensive
Frequency          2.4 GHz                        5 GHz             2.4 GHz
Range              300 – 1750 ft                  60 – 100 ft       100 – 150 ft
Public Access      Hotspots available at most     None              Hotspots readily
                   airports, colleges and some                      available
                   restaurants and coffee shops
Compatibility      802.11b                        802.11a           802.11b, 802.11g

Comparison data from http://www.linksys.com/edu/wirelessstandards.asp

Page 12: 12_Wireless Security Presentation v6_2003

Wireless Networks

Other task groups:

• 802.11e – Quality of Service
• 802.11n – 100 Mbps over Wireless
• 802.11s – Mesh Networks (Self Healing)
• 802.11r – Fast Hand-off – Re-association from AP to AP
• 802.11p – Wi-Fi in moving vehicles

Page 13: 12_Wireless Security Presentation v6_2003

Wireless Security

Page 14: 12_Wireless Security Presentation v6_2003

Wireless Security

• There are numerous risks associated with wireless technology that could potentially be detrimental to an organization and its wireless infrastructure.

• These risks can be categorized into 6 classes:
– Eavesdropping
– Transitive Trust
– Impersonation or masquerading
– Denial of Service
– Infrastructure
– Device vulnerability

Page 15: 12_Wireless Security Presentation v6_2003

802.1x – Access Control
– Complete and published standard for controlled port access
– Dynamically generated, session-based WEP keys
– Both session and packet authentication
– User-oriented authentication support
– Extensible Authentication Protocol (EAP) – an extension to RADIUS servers enabling wireless client authentication to the wired LAN
– Several vendors, like Cisco and 3Com, have already begun measures to ensure their implementations comply with the latest draft of the 802.1x standard

802.11i – Security
– 100% focus on security
– Standard completed
– Provides extensions to current WEP requirements
– Authentication algorithm yet to be determined
– Advanced Encryption Standard (AES) – block cipher encryption algorithm

Wireless Security

Page 16: 12_Wireless Security Presentation v6_2003

Wireless Security

• Wired Equivalent Privacy (WEP) is the standard for WLAN encryption
– It is not widely used (50% of networks don’t use it)
– Easily broken
– It uses shared keys

For more details on WEP cracking see the paper by Scott Fluhrer, Itsik Mantin, and Adi Shamir: http://www.drizzle.com/%7Eaboba/IEEE/rc4_ksaproc.pdf

• Newer WLAN equipment will support Wi-Fi Protected Access (WPA) standards
– Subset of WLAN security standards based on the 802.11i working group
– WPA – TKIP – changing of keys
– WPA2 – Advanced Encryption Standard (AES)

Page 17: 12_Wireless Security Presentation v6_2003

Problems with WEP

1. WEP is hardly used!

•In this scan done recently on my way to work only 15 of the 45 access points detected used WEP.

•That’s only 33%.

•Note: Some of these networks may actually use other methods of encrypting data such as VPN

Page 18: 12_Wireless Security Presentation v6_2003

Problems with WEP

2. WEP Can Be Cracked

• The IV is sent as plaintext with the encrypted packet. It can be sniffed.

• XOR is a simple process that can be easily used to deduce any unknown value if the other two values are known

• The first byte of transmitted data is always the same, giving an attacker knowledge of both the plaintext and ciphertext.

(The SNAP header, which equals “AA” in hex or “170” decimal.)

• A certain format of IVs is known to be weak. By targeting attacks on packets with weak IVs, the amount of data and analysis needed to derive the shared key is greatly reduced.

• By combining the above observations about the implementation of WEP, hackers have developed tools that can obtain the shared key after collecting approximately 500,000 to 2,000,000 packets with < 1 minute cracking time.
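The observations on this slide, worked through in Python as an added example that is not part of the original deck. The RC4 implementation, the WEP-style framing (3-byte IV in the clear, RC4(IV || key) over payload || CRC-32 ICV), the five-byte key, the IV and the two payloads are all constructed for the demonstration; the last function (how soon a 24-bit IV repeats when IVs are chosen at random) goes beyond the slide to show why IV reuse is not a corner case.

```python
# Added example, not from the slides: what a single captured WEP frame gives away.
# Framing assumed here: IV (3 bytes, sent in the clear) || RC4(IV || key) applied to
# (payload || CRC-32 ICV). Key, IV and payloads are constructed for the demo.
import random
import zlib

SNAP_FIRST_BYTE = 0xAA  # first byte of every 802.11 data payload (LLC/SNAP header)


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Textbook RC4: key-scheduling algorithm, then the pseudo-random generator."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(wep_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """IV in the clear, then payload || ICV XORed with RC4(IV || key)."""
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return iv + xor(body, rc4_keystream(iv + wep_key, len(body)))


def wep_decrypt(wep_key: bytes, frame: bytes) -> bytes:
    """Reverse of wep_encrypt; rejects frames whose ICV does not match."""
    iv, body = frame[:3], frame[3:]
    plain = xor(body, rc4_keystream(iv + wep_key, len(body)))
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return payload


def recover_first_keystream_byte(frame: bytes) -> int:
    """Slide points 1 and 3: the IV is readable and the first plaintext byte is
    always 0xAA, so ciphertext[0] XOR 0xAA is the first keystream byte for that IV,
    with no knowledge of the key."""
    return frame[3] ^ SNAP_FIRST_BYTE


def iv_reuse_leaks_plaintext_xor(frame1: bytes, frame2: bytes) -> bytes:
    """Slide point 2: frames sharing an IV share a keystream, so XORing the two
    ciphertexts cancels RC4 and leaves plaintext1 XOR plaintext2."""
    if frame1[:3] != frame2[:3]:
        raise ValueError("frames do not share an IV")
    return xor(frame1[3:], frame2[3:])


def frames_until_iv_repeat(seed: int = 1) -> int:
    """Beyond the slide: with 24-bit IVs drawn at random, the birthday bound puts the
    first repeat near sqrt(2^24), about 4096 frames, not near the 16.7 million IV space."""
    rng = random.Random(seed)
    seen = set()
    count = 0
    while True:
        count += 1
        iv = rng.getrandbits(24)
        if iv in seen:
            return count
        seen.add(iv)


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")  # constructed 40-bit WEP key
    iv = bytes.fromhex("102030")       # constructed IV
    p1 = b"\xaa\xaa\x03\x00\x00\x00\x08\x00" + b"GET /index.html"
    p2 = b"\xaa\xaa\x03\x00\x00\x00\x08\x00" + b"password=hunter2"
    f1, f2 = wep_encrypt(key, iv, p1), wep_encrypt(key, iv, p2)
    print("IV read from frame:", f1[:3].hex())
    print("keystream[0] recovered:", hex(recover_first_keystream_byte(f1)),
          "actual:", hex(rc4_keystream(iv + key, 1)[0]))
    print("p1 XOR p2 from ciphertexts alone:", iv_reuse_leaks_plaintext_xor(f1, f2)[:8].hex())
    print("frames before the first IV repeat:", frames_until_iv_repeat())
```

The point for a defender is that none of the three leaks depends on the key: the IV, the known SNAP byte and an IV collision each hand a receiver keystream material for free, which is why re-keying per packet (TKIP) and per-packet nonces that never repeat under one key (CCMP) were the fix rather than a longer WEP key.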

Page 19: 12_Wireless Security Presentation v6_2003

Problems with WEP

3. WEP uses a Shared Key

• Using shared keys is impractical on large networks

• Key management is very difficult (Difficult to ensure keys can be periodically changed)

• Knowledge of the shared key is disseminated

• Inevitably someone will incorrectly configure a wireless device

Index  Network Type  ESSID      BSSID (MAC address)  Channel  Cloaked  WEP  Data Rate  Max Signal Strength
1      Access Point  <no ssid>  00:01:xx:xx:xx:xx    11       No       Yes  11         62
2      Access Point  <no ssid>  00:01:xx:xx:xx:xx    0        No       No   0          69
3      probe         wlan       00:01:xx:xx:xx:xx    0        No       No   11         71
4      probe         wlan       00:01:xx:xx:xx:xx    0        No       No   11         73
5      unknown       wlan       00:01:xx:xx:xx:xx    0        No       No   11         60
6      unknown       !OUxxxxxx  00:40:xx:xx:xx:xx    6        No       No   11         71
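A listing like the one above is also the raw material for the defensive checks the deck recommends later (unencrypted access points, SSIDs that name the organization, rogue access points that are not in your inventory). The following Python audit is an added example and not part of the original deck: the tab-separated rows are constructed from the columns above (the MAC addresses are the slide's own masked placeholders), row 7 is an extra constructed row that exercises the organization-name check, and the authorized BSSID inventory and organization keywords are assumptions.

```python
# Added example, not from the slides: auditing a discovery-tool listing.
import csv
import io
from typing import Dict, List, Tuple

# Constructed listing: the six rows from the slide plus a constructed row 7.
SCAN_TSV = """\
index\ttype\tessid\tbssid\tchannel\tcloaked\twep\trate\tsignal
1\tAccess Point\t<no ssid>\t00:01:xx:xx:xx:xx\t11\tNo\tYes\t11\t62
2\tAccess Point\t<no ssid>\t00:01:xx:xx:xx:xx\t0\tNo\tNo\t0\t69
3\tprobe\twlan\t00:01:xx:xx:xx:xx\t0\tNo\tNo\t11\t71
4\tprobe\twlan\t00:01:xx:xx:xx:xx\t0\tNo\tNo\t11\t73
5\tunknown\twlan\t00:01:xx:xx:xx:xx\t0\tNo\tNo\t11\t60
6\tunknown\t!OUxxxxxx\t00:40:xx:xx:xx:xx\t6\tNo\tNo\t11\t71
7\tAccess Point\tACME-HQ\t00:01:xx:xx:xx:xx\t1\tNo\tYes\t11\t55
"""

# Assumed (constructed) inventory of BSSIDs the organization installed itself.
AUTHORIZED_BSSIDS = {"00:01:xx:xx:xx:xx"}
# Assumed (constructed) strings that would tie an SSID to the organization.
ORG_KEYWORDS = ("acme",)


def parse_scan(tsv: str) -> List[Dict[str, str]]:
    """One dict per row, keyed by the header line."""
    return list(csv.DictReader(io.StringIO(tsv), delimiter="\t"))


def audit(tsv: str = SCAN_TSV) -> List[Tuple[int, str]]:
    """Return (index, finding) pairs for the rows that need attention."""
    findings: List[Tuple[int, str]] = []
    for row in parse_scan(tsv):
        idx = int(row["index"])
        is_ap = row["type"] == "Access Point"
        # Probes are client requests, not infrastructure; everything else is
        # checked against the inventory (rogue access point detection).
        if row["type"] != "probe" and row["bssid"] not in AUTHORIZED_BSSIDS:
            findings.append((idx, "BSSID not in authorized inventory (possible rogue AP)"))
        if is_ap and row["wep"] == "No":
            findings.append((idx, "no WEP: traffic readable by any nearby receiver"))
        if is_ap and row["essid"] == "<no ssid>":
            findings.append((idx, "no SSID advertised"))
        if any(k in row["essid"].lower() for k in ORG_KEYWORDS):
            findings.append((idx, "SSID identifies the organization"))
    return findings


def wep_usage_ratio(tsv: str = SCAN_TSV) -> float:
    """Share of access points with WEP on, the figure the deck quotes as 33% for its own scan."""
    aps = [r for r in parse_scan(tsv) if r["type"] == "Access Point"]
    return sum(r["wep"] == "Yes" for r in aps) / len(aps)


if __name__ == "__main__":
    for idx, finding in audit():
        print(f"row {idx}: {finding}")
    print(f"access points using WEP: {wep_usage_ratio():.0%}")
```

Keying the rogue check on BSSID rather than SSID matters because an SSID is chosen freely by whoever configures the device; the inventory of hardware addresses you installed is the only column in the listing that the organization actually controls.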

Page 20: 12_Wireless Security Presentation v6_2003

WPA Security

Wi-Fi Protected Access (WPA) – originally a temporary answer to flaws in WEP. At the heart of WPA is TKIP (Temporal Key Integrity Protocol), which uses re-keying to get away from the problems inherent in static WEP.

Page 21: 12_Wireless Security Presentation v6_2003

WPA Security

Adds authentication through one of two methods:
1) Pre-shared Key (PSK), which is similar to WEP; fine for small networks
2) 802.1x authentication, which uses a backend authentication server such as RADIUS

Page 22: 12_Wireless Security Presentation v6_2003

Top 8 Security Issues with 802.11

Page 23: 12_Wireless Security Presentation v6_2003

Wireless LAN Vulnerabilities – Subtopics

• Detection
• Eavesdropping
• Modification
• Injection
• Hijacking
• WLAN Architecture
• Radio Frequency Management

(diagram labels: Corporate Intranet, Internet)

Page 24: 12_Wireless Security Presentation v6_2003

Detection & Eavesdropping

• Detection
– WLAN will generate and broadcast detectable radio waves for a great distance

• Eavesdropping
– WLAN signals extend beyond physical security boundaries

Page 25: 12_Wireless Security Presentation v6_2003

Eavesdropping

• Service Set Identifier (SSID) may be broadcast.
• SSID string may identify your organization.

Page 26: 12_Wireless Security Presentation v6_2003

Eavesdropping

• Standard Wired Equivalent Privacy (WEP) encryption is often not used.
• When used, WEP is flawed and vulnerable.
• No user authentication in WEP.

(figure labels, data exposed in the clear: clear-text passwords, IP addresses, company data)

Page 27: 12_Wireless Security Presentation v6_2003

Modification, Injection & Hijacking

• Modification
– Standard Wired Equivalent Privacy (WEP) encryption has no effective integrity protection.

• Injection
– Static WEP keys can be determined by analysis.
– Adversaries can attach to the network without authorization.

• Hijacking
– Adversaries can hijack authenticated sessions protected only by WEP.

Page 28: 12_Wireless Security Presentation v6_2003

WLAN Architecture

• Security Architecture (diagram labels: Internet, Firewall, DMZ, Internal Network, Rogue AP)

Page 29: 12_Wireless Security Presentation v6_2003

Radio Frequency Management

• Poor RF management will lead to unnecessary transmission of your RF signal into unwanted areas.

• Also consider other devices which may cause interference.

(diagram labels: Building A, Parking Lot)

Page 30: 12_Wireless Security Presentation v6_2003

Wireless LAN Security Controls – Subtopics

1. SSID Broadcasting
2. MAC Address Filtering
3. Security Architecture
4. Radio Frequency Management
5. Encryption
6. Authentication
7. New Wireless LAN Security Protocols

Page 31: 12_Wireless Security Presentation v6_2003

SSID Broadcasting

• Disable the broadcasting of the SSID.
– Not possible on all Access Points
– Easily bypassed
– Only useful on low-value networks
– SSID should also not be easily correlated to your organization name

Page 32: 12_Wireless Security Presentation v6_2003

MAC Address Filtering

• Some Access Points allow the administrator to specify which link layer (MAC) addresses can attach.
– Easily bypassed
– Does not scale
– Only useful for low-value networks

Page 33: 12_Wireless Security Presentation v6_2003

Security Architecture (diagram labels: Internet, Firewall, DMZ (VPN Server), Firewall, Internal Network)

Page 34: 12_Wireless Security Presentation v6_2003

Radio Frequency Management

(diagram labels: Building A, Parking Lot)

• Use a scanner to determine your RF footprint
• Monitor interference sources

Page 35: 12_Wireless Security Presentation v6_2003

Wireless Encryption

•Static WEP keys are insufficient for many networks

•New secure protocols exist for WLAN protection

•Layered VPN is a common solution for WLAN networks

Page 36: 12_Wireless Security Presentation v6_2003

Subtopics

Wireless LAN Security Mechanisms:
• Access Control
• Authentication
• Encryption
• Integrity

802.11 Wireless LAN Security Protocols:
• 802.1X / Dynamic WEP
• Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access 2 (WPA2)

Page 37: 12_Wireless Security Presentation v6_2003

Authentication

• Wireless LAN needs an authenticated key exchange mechanism
• Most secure WLAN implementations use Extensible Authentication Protocol (EAP)
• Many EAP methods are available
– One-factor methods include EAP-MD5, LEAP, PEAP-MSCHAP, TTLS-MSCHAP, EAP-SIM
– Two-factor methods include EAP-TLS, TTLS with OTP, and PEAP-GTC
• Need mutual authentication

Page 38: 12_Wireless Security Presentation v6_2003

Encryption

• Static WEP
• Dynamic WEP
• Temporal Key Integrity Protocol (TKIP)
– Uses RC4 stream cipher with 128-bit per-packet keys
• Counter-Mode-CBC-MAC Protocol (CCMP)
– Uses Advanced Encryption Standard (AES) with 128-bit keys

Page 39: 12_Wireless Security Presentation v6_2003

Integrity Protection

•WEP has no cryptographically strong integrity protection

•TKIP uses a new Message Integrity Code called “Michael”

•CCMP uses AES in CBC-MAC mode
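The three bullets above come down to one property. The following Python block is an added example, not part of the original deck: it shows why a CRC-32 (the WEP ICV) is not "cryptographically strong" integrity protection, and what a keyed message integrity code changes. HMAC-SHA256 truncated to 64 bits stands in for Michael and AES-CBC-MAC so that the block needs only the standard library; the message, the change applied to it and the key are constructed.

```python
# Added example, not from the slides: unkeyed checksum vs keyed integrity code.
import hashlib
import hmac
import zlib


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc_is_affine(a: bytes, b: bytes) -> bool:
    """CRC-32 respects XOR up to a constant for equal-length inputs:
    crc(a ^ b) == crc(a) ^ crc(b) ^ crc(0...0). No secret enters the computation,
    so whoever can change a message can also predict its new checksum. Under a
    stream cipher the same arithmetic applies to the ciphertext, which is why the
    deck says WEP has no effective integrity protection."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    zeros = bytes(len(a))
    return zlib.crc32(xor(a, b)) == zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)


def keyed_mic(key: bytes, message: bytes) -> bytes:
    """Keyed integrity code; 64-bit tag like Michael and the CCMP MIC.
    Stand-in: HMAC-SHA256 rather than Michael or AES-CBC-MAC."""
    return hmac.new(key, message, hashlib.sha256).digest()[:8]


def mic_accepts(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver-side check with a constant-time comparison."""
    return hmac.compare_digest(keyed_mic(key, message), tag)


def compare_integrity(message: bytes, delta: bytes, key: bytes) -> dict:
    """Apply the same XOR change under both schemes and report what each one does.
    CRC: the altered message's checksum is predictable without any key.
    MIC: the tag computed for the original no longer verifies, and computing the
    tag for the altered message requires the key the sender and receiver share."""
    altered = xor(message, delta)
    original_tag = keyed_mic(key, message)
    return {
        "crc_predictable_without_key": crc_is_affine(message, delta),
        "mic_accepts_altered_with_old_tag": mic_accepts(key, altered, original_tag),
        "mic_accepts_original": mic_accepts(key, message, original_tag),
    }


if __name__ == "__main__":
    msg = b"transfer 100 to account 1234"          # constructed message
    change = bytearray(len(msg))
    change[9] = ord("1") ^ ord("9")                # turns "100" into "900"
    print(xor(msg, bytes(change)))
    print(compare_integrity(msg, bytes(change), b"constructed shared key"))
```

The CRC result holds for every message and every change, which is the sense in which the deck calls WEP's integrity protection ineffective; the MIC result depends on the key staying secret, which is the property Michael (TKIP) and CBC-MAC (CCMP) add and a checksum never can.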

Page 40: 12_Wireless Security Presentation v6_2003

802.11 Security Solutions

                 802.1X Dynamic WEP   Wi-Fi Protected Access          Wi-Fi Protected Access 2
Access Control   802.1X               802.1X or Pre-Shared Key        802.1X or Pre-Shared Key
Authentication   EAP methods          EAP methods or Pre-Shared Key   EAP methods or Pre-Shared Key
Encryption       WEP                  TKIP (RC4)                      CCMP (AES Counter Mode)
Integrity        None                 Michael MIC                     CCMP (AES CBC-MAC)

Page 41: 12_Wireless Security Presentation v6_2003

Tools and Techniques

Page 42: 12_Wireless Security Presentation v6_2003

Hacker Tools and Techniques

Discovery

Association Polling
– Set SSID to “Any” on the client
– Card automatically associates with the strongest AP
– Default setting for most wireless clients
* Reason that fake APs are a threat to unsuspecting clients

Scan Mode Polling
– Send a Scan Request to the card, receive a Scan Response back with AP info
– Card keeps track of received beacon packets and probe requests
– Will detect both APs and ad-hoc networks
– Will only detect Access Points that are configured to beacon the SSID
– Technique used by NetStumbler

Page 43: 12_Wireless Security Presentation v6_2003

Hacker Tools and Techniques

Discovery

Monitor Mode Protocol Analysis
– Sets card into monitor mode and analyzes beacons and probes
– Will detect closed APs and wireless nodes
– Allows access to information such as SSID, authentication mechanisms, encryption types, speeds, etc.
– Used by tools like Kismet

Page 44: 12_Wireless Security Presentation v6_2003

Hacker Tools and Techniques

Discovery Tools

NetStumbler
• Latest version of NetStumbler requires Windows 2000, Windows XP, or better.
• The Proxim models 8410-WD and 8420-WD are known to work. The 8410-WD has also been sold as the Dell TrueMobile 1150, Compaq WL110, Avaya Wireless 802.11b PC Card, and others.
• Most cards based on the Intersil Prism/Prism2 chip set also work.
• Most 802.11b, 802.11a and 802.11g wireless LAN adapters should work on Windows XP. Some may work on Windows 2000 too. Many of them report inaccurate signal strength, and if using the "NDIS 5.1" card access method then noise level will not be reported.

Page 45: 12_Wireless Security Presentation v6_2003

Hacker Tools and Techniques

Discovery Tools

Kismet
• Runs on Linux
• Cards must be capable of running in RF-Monitor Mode
• Can also be set up with drones to use it as a wireless intrusion detection solution.

Page 46: 12_Wireless Security Presentation v6_2003

Summary Best Practices

Page 47: 12_Wireless Security Presentation v6_2003

Summary Best Practices

• Understand and respect the fact that WLANs are difficult to manage
• Implement WLAN policies and management processes
• Treat your WLAN like the Internet and run a VPN connection over it
• Change the default vendor-set SSID for access points and for WLAN terminals
• Use port access control to protect WLANs from unauthorized access
• Use at least WEP encryption (128-bit), and some other access control mechanism (RADIUS)
• Ensure that access points are not broadcasting their SSIDs
• Scan for rogue access points, and make it known to employees that they are not permitted to install them
• Utilize WLAN network cards that support password protection of attribute changes
• Deploy real-time, content-level security measures (such as antivirus firewalls) in conjunction with each WLAN access point

Page 48: 12_Wireless Security Presentation v6_2003

Deployment Considerations

• Site Survey – Think vertical and horizontal!

• Layer Security
– Secure Access Point
– Use Secure Protocols (802.1x, IPSEC, SSL, etc.)
– Access Controls

• Logging, Monitoring, and Alerting Mechanisms
– How do you know you are being attacked?

• Education and Awareness
