Lecture Notes 2005.10.6. Thursday - PowerPoint PPT Presentation

Provided by: anKai

1
Lecture Notes 2005.10.6. Thursday
  • http://an.kaist.ac.kr/courses/2005/cs492
  • Sue B. Moon

2
From Last Class on AODV
  • Waiting time for a response on a RREQ?
    • If a route is not received within NET_TRAVERSAL_TIME ms, then a node may
      broadcast another RREQ, up to a maximum of RREQ_RETRIES
    • Use exponential backoff for next waiting time
      • 2 × NET_TRAVERSAL_TIME, 4 × ..., 8 × ...
    • A node should not originate more than RREQ_RATELIMIT RREQ messages per second
    • Refer to RFC 3561 for further details
  • How scalable is the protocol?
    • Modifications made for scalability: expanding ring search, query
      localization, local repair
    • S-J Lee et al., Scalability Study of the Ad Hoc On-Demand Distance Vector
      Routing Protocol, Intl Journal on Network Management, Mar-Apr. 2003.

3
802.11 MAC Frame Format
  • Types
    • control frames, management frames, data frames
  • Sequence numbers
    • important against duplicated frames due to lost ACKs
  • Addresses
    • receiver, transmitter (physical), BSS identifier, sender (logical)
  • Miscellaneous
    • sending time, checksum, frame control, data

4
MAC Frame Type/Subtype
  • Management (00)
    • Association/reassociation/probe request/response
    • Beacon, ATIM
    • Disassociation, authentication/deauthentication
  • Control (01)
    • Power Save (PS) poll
    • RTS/CTS
    • ACK, CF-End, CF-End+CF-Ack
  • Data (11)
    • Data, Data+CF-Ack, Data+CF-Poll, Data+CF-Ack+CF-Poll
    • CF-Ack, CF-Poll, CF-Ack+CF-Poll

5
Beacon Frame Body
  • Timestamp
  • Beacon interval
  • Capability information
  • SSID
  • Supported rates
  • FH Parameter set
  • DS Parameter set
  • CF Parameter set: CFPCount/Period/MaxDur ...
  • IBSS Parameter set
  • TIM
    • DTIM count, DTIM period, Bitmap control, Partial virtual bitmap

6
Power saving with wake-up patterns (infrastructure)
[Figure: timeline over time t for the access point, the medium (busy periods) and a station, marking the TIM interval and the DTIM interval; symbols used in the figure: T, D, B, d, p]

7
Power-Saving with PCF/DCF
  • Superframe: CFP (PCF) + CP (DCF)

8
Power saving with wake-up patterns (ad-hoc)
[Figure: timeline over time t for station1 (beacons B1) and station2 (beacons B2), marking the beacon interval and the ATIM window; legend: B beacon frame, D transmit data, a acknowledge ATIM, d acknowledge data, random delay, awake]

9
IEEE 802.11 security
  • War-driving: drive around Bay area, see what 802.11 networks available?
    • More than 9000 accessible from public roadways
    • 85% use no encryption/authentication
    • packet-sniffing and various attacks easy!
  • Securing 802.11
    • encryption, authentication
    • first attempt at 802.11 security: Wired Equivalent Privacy (WEP): a failure
    • current attempt: 802.11i

10
Wired Equivalent Privacy (WEP)
  • authentication as in protocol ap4.0
    • host requests authentication from access point
    • access point sends 128 bit nonce
    • host encrypts nonce using shared symmetric key
    • access point decrypts nonce, authenticates host
  • no key distribution mechanism
  • authentication: knowing the shared key is enough

11
WEP data encryption
  • Host/AP share 40 bit symmetric key (semi-permanent)
  • Host appends 24-bit initialization vector (IV) to create 64-bit key
  • 64 bit key used to generate stream of keys, $k_i^{IV}$
  • $k_i^{IV}$ used to encrypt ith byte, $d_i$, in frame:
    $c_i = d_i \text{ XOR } k_i^{IV}$
  • IV and encrypted bytes, $c_i$, sent in frame

12
802.11 WEP encryption
[Figure: Sender-side WEP encryption]

13
Breaking 802.11 WEP encryption
  • Security hole
    • 24-bit IV, one IV per frame -> IVs eventually reused
    • IV transmitted in plaintext -> IV reuse detected
  • Attack
    • Trudy causes Alice to encrypt known plaintext $d_1$ $d_2$ $d_3$ $d_4$
    • Trudy sees $c_i = d_i \text{ XOR } k_i^{IV}$
    • Trudy knows $c_i$, $d_i$, so can compute $k_i^{IV}$
    • Trudy knows encrypting key sequence $k_1^{IV}$ $k_2^{IV}$ $k_3^{IV}$
    • Next time IV is used, Trudy can decrypt!
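
An added example (not from the lecture slides or from Kurose and Ross) of the WEP data encryption and IV-reuse reasoning on the two slides above. It assumes RC4 as the keystream generator (the cipher WEP uses), seeds it with the IV followed by the key, leaves out WEP's integrity check value, and uses a constructed key, IVs and plaintexts; `reused_ivs` is the check a monitor would run over captured frames.

```python
# Added example: WEP-style per-frame encryption without the ICV.
from collections import defaultdict

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for seed (the k_i^IV of the slides)."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, data: bytes):
    """Return (iv, c) with c_i = d_i XOR k_i^IV; the IV is sent in the clear."""
    return iv, xor(data, rc4_keystream(iv + key, len(data)))

def reused_ivs(frames):
    """Map each IV seen on more than one frame to those frames' ciphertexts."""
    seen = defaultdict(list)
    for iv, ciphertext in frames:
        seen[iv].append(ciphertext)
    return {iv: cts for iv, cts in seen.items() if len(cts) > 1}

# Constructed sample data, not from the lecture: 40-bit key, 24-bit IVs.
KEY = bytes.fromhex("0102030405")
KNOWN = b"known plaintext!"     # d_1..d_n that the observer already knows
LATER = b"meet at 9pm gate"     # a later frame sent under the same IV
FRAMES = [
    wep_encrypt(KEY, b"\x00\x00\x01", KNOWN),
    wep_encrypt(KEY, b"\x00\x00\x02", b"unrelated frame."),
    wep_encrypt(KEY, b"\x00\x00\x01", LATER),   # IV space wrapped: reuse
]

def recover_from_reuse(frames, known: bytes):
    """Slide-13 reasoning: k^IV = c XOR d, then apply it to the other frame."""
    iv, (c1, c2) = next(iter(reused_ivs(frames).items()))
    keystream = xor(c1, known)   # the shared key itself is never needed
    return iv, xor(c2, keystream)

if __name__ == "__main__":
    print(recover_from_reuse(FRAMES, KNOWN))
```

The later frame is read without the 40-bit key ever being used, which is why a per-frame value that repeats under a fixed key cannot protect a stream cipher.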

14
802.11i improved security
  • numerous (stronger) forms of encryption possible
  • provides key distribution
  • uses authentication server separate from access
    point

15
802.11i four phases of operation
[Figure: STA (client station), AP (access point), AS (authentication server), wired network]
  • STA and AS mutually authenticate, together generate Master Key (MK). AP serves as pass through
  • STA derives Pairwise Master Key (PMK)
  • AS derives same PMK, sends to AP

16
EAP: extensible authentication protocol
  • EAP: end-end client (mobile) to authentication server protocol
  • EAP sent over separate links
    • mobile-to-AP (EAP over LAN)
    • AP to authentication server (RADIUS over UDP)

[Figure: protocol stacks across the wired network: EAP TLS, EAP; EAP over LAN (EAPoL), IEEE 802.11; RADIUS, UDP/IP]

17
Network Security (summary)
  • Basic techniques...
    • cryptography (symmetric and public)
    • authentication
    • message integrity
    • key distribution
  • ... used in many different security scenarios
    • secure email
    • secure transport (SSL)
    • IPsec
    • 802.11

18
Acknowledgements
  • Slides on WEP and 802.11 security from Kurose and Ross's book distribution