Wireless Encryption and Beyond

1
Wireless Encryption and Beyond

• Justin Kontny, Chris Nassouri, and Matt Martens

2
History of Wireless Networks

• The first generation wireless modems were created
  in the early 1980's by amateur radio operators.
• These wireless data modems by adding a voice band
  data communication modem that had rates below
  9600 bit/s to an already made short range radio
  system.

3
Second generation networks

• Second generation wireless modems were created
  after the FCC announced that there would be
  experimental, non military use bands for spread
  spectrum technology.
• These modems were able to prove data rates of
  hundreds of kbs.

4
Third Generation

• The third generation wireless modems were
  directed towards compatibility with the current
  LAN that harbored data rates of Mbit/s.

5
Why security is needed

• Unlike LAN networks Wireless networks can be
  attacked without Physically being connected via
  network jack.
• Wireless signals are broadcasted beyond company
  walls.
• If authentication is not required (no encryption)
  then anyone can connect to the access point.

6
Cryptography

• Cryptography is method of taking legible and
  readable data and turning it into data that is
  unreadable.
• The purpose of this is to assure a safe
  transaction of private data from one user to
  another.
• When the other user receives the unreadable data,
  a secret key pass is used to convert it back to a
  legible state.

7
Cryptography

• The science of cryptography is much older than
  computers. This method of security was created by
  Julias Caesar in the days of old Rome.
• A very easy example of cryptography is to assign
  a letter to a progressively higher number. Doing
  this would give you, A1 B2 C3 and so forth.
• All through time, this has been used to keep
  secret data secure from falling into the wrong
  hands.
• As time passes, cryptography is getting stronger
  and stronger.

8
DES Cryptography

• A lot of cryptography methods use a secret key.
  The key is what allows someone to decrypt
  messages sent to them that have been made
  unreadable.
• The most commonly used secret key system is Data
  Encryption Stands, also known as DES.
• There is also Triple DES, which encrypts the data
  three times over.

9
Public Key Cryptography

• An even more common method of cryptography is the
  public key system.
• This method has two keys, which work together.
• There are two keys, a public key and a private
  key. The public key is accessible to anyone and
  the secret key is only known by specific users.
  It allows the person sending the private data to
  use the public key to encrypt it but the only way
  to decrypt it is with the secret key.

10
Hash Functions

• Hash functions offer a piece of mind to those who
  need to keep certain data safe.
• It assures the receiver of the message that the
  message was sent by a trusted user or source.
• Sometimes, hash functions are used with public
  and private key cryptography. Hash functions
  apply an algorithm to messages. This makes it so
  the message itself can not be recovered. It does
  not encrypt data for later decryption but it acts
  as a digital fingerprint for the message.
• When the message is received, the hash function
  is re-read, to make sure the message had not been
  altered during sending.

11
Cryptography

• Cryptography is a very reliable way of sending
  private data to another user safely.
• If a hacker was to try and break a private key,
  they would have to spend months using the brute
  force method.
• A brute force attack is the most commonly used
  attack, it attempts to crack the secret key. It
  works by trying a large number of key
  combinations, eventually trying every possible
  one.

12
Wireless Encryption

• Wireless encryption is used to disguise plain
  text over a network.
• Encryption is an algorithm used to encrypt and
  decrypt based on shared or private keys.
• Encryption comes in different strengths and
  algorithms.

13
Wireless Encryption

• WEP (wired equivalent protection)?
• WPA (Wi-Fi protected access)?
• WPA2 (New form of WPA)?
• PSK (Pre-shared key)?

14
WEP

• Wired Equivalent Protection
• WEP is a security scheme to secure IEEE 802.11
  wireless connections. The point of WEP is to try
  and keep a wireless connection secure but it can
  be easily cracked with certain softwares within a
  few moments. Basically, it is only good for
  protection against people who are looking for
  free Internet

15
WEP

• Encryption 40bit, and 64 bit can communicate.
• 128bit is the strongest
• All computers must share the same pass-phrase
  dedicated to a single access point.

16
WEP

• Pros to using WEP.
• Some security is better than no security.
• Most users can not bypass or crack WEP
  encryption.

17
Cons to using WEP

• Even without the Pass-phrase a user can connect
  to an access point. Although connected without
  the pass-phrase no network resources may be
  accessed.
• This allows for the capture of network traffic.
  Leading to security threats. This makes WEP
  easily crackable with software that is easily
  obtainable.

18
Cracking WEP
19
Simple Password Dump
20
Hash dump
21
Dictionary Attack
22
Brute Force Attack
23
Converting WPA Passphase
24
Hash Calculator
25
PSK and Security

• In cryptography, a pre-shared key or PSK is a
  shared secret key that shared between the two
  points.
• These points use some secure channel before it
  needs to be accessed. Most of these systems
  always always use the symmetric key cryptographic
  algorithm.

26
PSK and Security (Cont.)?

• The characteristics of this key are determined by
  the system which uses it. Some system designs
  require that such keys be in a particular format.
• It can be a password like 'bret13i', a pass
  phrase like 'Idaho hung gear id gene', or a
  hexadecimal string like '65E4 E556 8622 EEE1'.
• The key is used by all the systems involved in
  the processe used to secure the traffic between
  the systems

27
PSK and Security (Cont.)?

• Since one weakpoint of the crypto system is the
  encryption algorithms key, the strength of the
  key is important, and since the strength of a key
  is in part dependent on its length, it is
  important to choose a key whose length is
  cryptographically secure. There are several tools
  available to help one choose a strong key.
  Diceware is one example

28
WPA

• Wi-Fi protected access (WPA) is another class of
  systems used to secure wireless networks.
• Created in response to a number of serious
  weaknesses identified in WEP encryption.
• WPA is designed for use with an IEEE 802.1X
  authentication server. It distributes different
  keys to each user.
• It can also be used in a less secure PSK mode
  where every user is given the same pass-phrase.

29
WPA

• Data is encrypted using the RC4 stream cipher,
  with a 128-bit key and a 48-bit initialization
  vector (IV).
• One major improvement in WPA over WEP is the
  Temporal Key Integrity Protocol (TKIP), which
  dynamically changes keys as the system is used.
• When combined with the much larger initialization
  vector, this defeats the well-known key recovery
  attacks on WEP.

30
WPA

• WPA provides vastly improved payload integrity.
  The cyclic redundancy check (CRC) used in WEP is
  unsecure and it is possible to alter the payload
  and update the message CRC without knowing the
  WEP key.
• A more secure message authentication code is used
  in WPA. It is an algorithm named "Michael".
• The MIC used in WPA includes a frame counter,
  which prevents replay attacks being executed.

31
WPA

• By increasing the size of the keys and IVs,
  reducing the number of packets sent with related
  keys, and adding a secure message verification
  system, WPA makes breaking into a wireless LAN
  far more difficult.
• The Michael algorithm was the strongest that WPA
  designers could come up with that would still
  work with most older network cards.

32
WPA

• Due to inevitable weaknesses of Michael, TKIP
  will shut down the network for one minute if two
  frames are discovered that fail the Michael check
  after passing all other integrity checks that
  would have caught noisy frames.
• It will then require generation of new keys and
  re-authentication when the network restarts,
  forcing the attacker to start over.

33
WPA2

• Strong encryption and authentication support for
  infrastructure and ad-hoc networks (WPA is
  limited to infrastructure networks)?
• Reduced overhead in key derivation during the
  wireless LAN authentication exchange
• Support for opportunistic key caching to reduce
  the overhead in roaming between access points
• Support for the CCMP (Counter Mode with Cipher
  Block Chaining Message Authentication Code
  Protocol) encryption mechanism based on the
  Advanced Encryption Standard (AES) cipher as an
  alternative to the TKIP protocol.

34
WPA2

• As of March 2006, the WPA2 certification became
  mandatory for all new equipment certified by the
  Wi-Fi Alliance, ensuring that any reasonably
  modern hardware will support both WPA and WPA2.

35
WPA2

• By leveraging the RC4 cipher (also used in the
  WEP protocol), the IEEE 802.11i task group was
  able to improve the security of legacy networks
  with TKIP while the IEEE 802.11i amendment was
  completed.
• It is important to note, however, that TKIP was
  designed as an interim solution for wireless
  security, with the goal of providing sufficient
  security for 5 years while organizations
  transitioned to the full IEEE 802.11i security
  mechanism.
• While there have not been any catastrophic
  weaknesses reported in the TKIP protocol,
  organizations should take this design requirement
  into consideration and plan to transition WPA
  networks to WPA2 to take advantage of the
  benefits provided by the RSN architecture.

36
Algorithms and Encryption

• Algorithms are mathematical procedures for
  performing encryption on data.
• Through the use of an algorithm, information is
  made into meaningless cipher text and requires
  the use of a key to transform the data back into
  its original form.

37
Algorithms and Encryption (Cont.)?

• There are many different types of security
  algorithms which include Blowfish, AES, RC4, RC5,
  and RC6.
• Blowfish is a symmetric encryption algorithm
  designed by Bruce Schneier in 1993 as an
  alternative to existing encryption algorithms,
  such as DES. Blowfish is a 64-bit block cipher
  that uses a key length that can vary between 32
  and 448 bits.

38
Algorithms and Encryption (Cont.)?

• AES is short for Advanced Encryption Standard. It
  is a symmetric 128-bit block data encryption
  technique developed byJoan Daemen and Vincent
  Rijmen.
• The U.S government adopted the algorithm as its
  encryption technique in October 2000, replacing
  the DES encryption it used. AES works at multiple
  network layers simultaneously.

39
Algorithms and Encryption (Cont.)?

• RC4 a variable key-size stream cipher with
  byte-oriented operations. The algorithm is based
  on the use of a random permutation.

40
Algorithms and Encryption (Cont.)?

• RC5 is a parameterized algorithm with a variable
  block size, a variable key size, and a variable
  number of rounds. Allowable choices for the block
  size are 32 bits, 64 bits, and 128 bits. The
  number of rounds can range from 0 to 255, while
  the key can range from 0 bits to 2040 bits in
  size.
• RC5 does three things
• Key expansion, encryption, and decryption.

41
Algorithms and Encryption (Cont.)?

• RC6 is a block cipher based on RC5.
• RC6 is a parameterized algorithm where the block
  size, the key size, and the number of rounds are
  variable. RC6 adds two features to RC5.
• The inclusion of integer multiplication and the
  use of four 4-bit working registers instead of
  RC5s two 2-bit registers.

42
Future of Wireless Security

• The future for wireless networking is not only to
  have the computer hooked up to another computer
  but for a whole house to be able to be run
  through a main computer.
• Wireless grows day by day and engineers are
  trying to find a way to have just about
  everything wireless.
• This concept has been giving a name in retail
  businesses and is called the Wireless
  Revolution.
• As far as security goes, theres no telling what
  the newest form of security could be. The reason
  for this is because wireless security is updated
  as new attacks are created.