Presentation Transcript

1. Wireless Security Using WEP, WPA, and WPA2 By Johnathan Stump Marius Pettersen

2. Overview • RCA4 • WEP • Flaws • WPA • WPA2

3. RCA4-Description • Stream Cipher • Used in SSL • Simple • Pseudorandom Key • PRGA

4. PSGR • The lookup stage of RC4. The output byte is selected by looking up the values of S(i) and S(j), adding them together modulo 256, and then looking up the sum in S; S(S(i) + S(j)) is used as a byte of the key stream, K.

5. RC4-Weaknesses • First bits in Keystream are biased • No Separate nonce • Possibly Hash to fix • Combinatorial Attack

6. WEP-Description • Uses RC4 • 40 bit key with 24 bit initialization vector • Moved to 104 bit key with 24 bit IV • Standard from cryptography laws • Uses Hexadecimal format • 26 chars, 4x26 bits = 104 bits

7. WEP-Encryption • Basic WEP Encryption: RC4 Keystream XORed with Plaintext

8. WEP-Encryption

9. WEP-Decryption

10. WEP-Security Flaws • Key • 24 bit IV, repeated key • Single Shared Key • Very Easy to “Eavesdrop” • Easy as 1 minute of work sometimes

11. Too Many Flaws? • What next?

12. WPA (Wi-Fi Protected Access) • Constructed by Wi-Fi Alliance • Using RC4 encryption • EAP(Extended Authentication Protocol) • Michael (MIC) message integrity • Designed for use with 802.1X • More secure than WEP

13. WPA Uses RC4 with 4 new features: • Extended 48-bit Initialization Vector (IV) and IV Sequencing Rules • A Message Integrity Code (MIC) • Key Derivation and Distribution • Temporal Key Integrity Protocol generates per-packet keys

14. 1.Extended 48-bit IV and IV Sequencing Rules • A 48 bit vector increases the number of possible initialization vectors (2^48) and key/IV combinations. • Prevents reuse and collision of IV • Blocks weak IV’s • Implements advanced sequencing rules

15. 2. Key derivation and Distribution • Password-Based Key Derivation version 2 • Derives keys using a Pseudorandom function to derive keys. Using a passphrase and a salt. • Keys are distributed • Using a four-way handshake • Using Pairwise Master Key, Client Random number, Client MAC, AP random number, AP MAC • Gives 4 values (Data encryption key, Data integrity key, Key exchange encryption key, Key exchange integrity key

16. 3.Temporal Key Integrity Protocol generates per-packet keys • Synchronized changing of the unicast encryption key

17. WPA encryption

18. WPA decryption

19. WPA2 WI-FI Alliance: http://www.wi-fi.org/knowledge_center/webcast-wpa-061103/

20. WPA2 Integrity check (CBC)

21. WPA2 Counter encryption

22. WPA2 Encryption

23. WPA2 Decryption

24. References • WIKI Pedia (http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy) • WI-FI (http://www.wi-fiplanet.com/tutorials/article.php/1368661) • IEEE Std 802.11i™-2004 (http://standards.ieee.org/getieee802/download/802.1X-2001.pdf) • WI-FI protected Access Web cast (http://www.wi-fi.org/files/kc_17_WPA%20Web%20Cast_6-11-03.pdf) • Cracking Wi-Fi Protected Access(http://www.ciscopress.com/articles/article.asp?p=369221&seqNum=3&rl=1) • IEEE 802.11 Wireless LAN security with Microsoft Windows - white paper (http://www.microsoft.com/downloads/details.aspx?FamilyID=67fdeb48-74ec-4ee8-a650-334bb8ec38a9&displaylang=en)