WIRELESS LAN SECURITY Using - PowerPoint PPT Presentation

Provided by: EAS3455
Learn more at: http://cs.uccs.edu

1
WIRELESS LAN SECURITY Using EAP-TTLS

2
Security - In the Broad Sense
  • Focuses on network security, system security,
    information security, and physical security
  • Made up of a suite of multiple technologies that
    solve authentication, information integrity, and
    identification problems.
  • Includes technologies such as firewalls,
    authentication servers, biometrics, cryptography,
    intrusion detection, virus protection, and VPNs.

3
Wireless Network Security Issues
  • Security is an even greater problem for wireless
    networks
  • Wireless networks use radio frequency (RF)
    technology to transmit and receive data over the
    air
  • Authentication of network users is not strong
  • Unauthorized users can access network resources.
  • Traffic encryption is also weak, so attackers are
    able to recover transmissions

4
IEEE 802.11 Standard
  • Wired Equivalent Privacy (WEP)
  • Static WEP Key
  • Open and Shared Authentication
  • MAC address authentication: the client's MAC
    address must match an address in an
    authentication table used by the access point.
    The address can be forged or the NIC stolen
  • One-Way Authentication (Client to AP)
  • 15 min to crack a 40-bit key (45 min to crack a
    128-bit key)

5
802.1x - Authentication Methods
  • EAP defines a standard message exchange that
    allows a server to authenticate a client based on
    an authentication protocol agreed upon by both
    parties.
  • The access points defer to the Remote
    Authentication Dial-In User Service (RADIUS)
    server to authenticate users and to support
    particular EAP authentication types.

6
802.1x EAP Authentication Types
  • EAP-Transport Layer Security (EAP-TLS)
  • Tunneled Transport Layer Security (TTLS)
  • Cisco Lightweight EAP (LEAP)
  • Protected EAP (PEAP).

7
EAP-TLS and its Disadvantages
  • In EAP-TLS, certificates are used to provide
    authentication in both directions.
  • The server presents a certificate to the client
    and, after validating the server's certificate,
    the client presents a client certificate.
  • Requires each user to have a certificate.
  • Imposes substantial administrative burden in
    operating a certificate authority to distribute,
    revoke and manage user certificates

8
EAP-Tunneled Transport Layer Security (EAP-TTLS)
  • The EAP-TTLS protocol was developed in response
    to the PKI barrier in EAP-TLS.
  • Developed by Funk and Certicom.
  • TTLS is a two-stage protocol: establish security
    in stage one, exchange authentication in stage
    two.
  • RADIUS servers, not the users, are required to
    have certificates
  • The user's identity and password-based
    credentials are tunneled during authentication

9
Advantages of Using EAP-TTLS
  • Allows users to be authenticated with existing
    password credentials while using strong
    public/private key cryptography
  • Prevents dictionary attacks, man-in-the-middle
    attacks, and hijacked connections by wireless
    eavesdroppers.
  • Does not require the use of client certificates.
  • Requires little additional administration, unlike
    EAP-TLS
  • Dynamic per-session keys are generated to encrypt
    the wireless connection and protect data privacy

10
Situations when EAP-TTLS can Fail
  • The user's identity is not hidden from the
    EAP-TTLS server and may be included in the clear
    in AAA messages between the access point, the
    EAP-TTLS server, and the AAA/H server.
  • Reliance on server certificates makes EAP-TTLS
    susceptible to attack, for example when the
    server's certificate or private key is lost or
    compromised.
  • EAP-TTLS is vulnerable to attacks by rogue
    EAP-TTLS servers

11
Comparison of EAP-TTLS and PEAP Protocols
  • PEAP: Microsoft, Cisco and RSA Security developed
    Protected Extensible Authentication Protocol
    (PEAP) over 802.11 WLANs
  • PEAP: Windows XP is currently the only operating
    system that supports PEAP.
  • PEAP: only EAP - generic token card
  • EAP-TTLS: Funk Software and Interlink Networks
    added support for the proposed wireless security
    protocol, developed by Funk and Certicom
  • EAP-TTLS: Linux, Mac OS X, Windows 95/98/ME, and
    Windows NT/2000/XP.
  • EAP-TTLS: any authentication method - CHAP, PAP,
    MS-CHAP, and MS-CHAPv2 and EAP

12
Conclusions
  • Selection of an authentication method is the key
    decision in securing a wireless LAN deployment.
  • EAP-TLS is best suited to situations where a
    well-configured PKI is already deployed
  • TTLS offers a slight degree of flexibility at the
    protocol level and supports a wider range of
    client operating systems.
  • No single security solution is likely to address
    all security risks. Hence, multiple approaches
    should be implemented to completely secure
    wireless application access

13
Future Areas of Research
  • Implement TTLS in a Wireless LAN.
  • Develop test benches to compare the two 802.1x
    standards EAP-TTLS and PEAP.
  • Implement PEAP for operating systems other than
    Windows XP.
  • Develop ways to protect security between the
    access point, the EAP-TTLS server, and the AAA/H
    server by implementing firewalls or other such
    viable security techniques.
  • Find alternative ways to protect the private key
    in EAP-TTLS servers, as they are susceptible to
    attacks in the case where the EAP-TTLS
    certificates are lost or compromised.
