Chapter 7: Wireless LANs 2
Explain 802.11i Wi-Fi Security
7.1 Drive-By Hacking
7.2 Scope of 802.11i Security Protection (2 of 3)
802.11 Core Security Standards
WEP: Initial core security standard. Easily cracked today. NEVER USE!!!!
WPA: Has been partially cracked. Excuse to use: Large installed base makes upgrading the entire network to 802.11i expensive. [No longer a valid excuse for most companies]
802.11i (WPA2): Today’s preferred standard. Extremely strong.
WPA3
Announced by the Wi-Fi Alliance in June 2018.
Not the approved 802.11i standard yet… TBD
Four main enhancements over WPA2
Strengthens user privacy in open networks through individualized data encryption.
Protects against brute-force dictionary attacks of WiFi passphrases
Offers simplified security for devices that often have no display for configuring security settings, i.e. IoT devices.
Provides a 192-bit security suite for protecting WiFi users’ networks with higher security requirements
7.3 Phases in 802.11i Cryptographic Protection
Initial authentication
Must vet the supplicant strongly
Ongoing protection
Less intensive authentication needed for each message
7.3 Phases in 802.11i Cryptographic Protections (1 of 2)
There are two alternatives for initial authentication at the start of a session
7.5 802.11i Pre-Shared Key (PSK) Initial Authentication Mode (1 of 2)
More precisely, does a calculation to prove that it has the PSK
7.4 802.11i Modes of Operation
| Characteristic | Pre-Shared Key (PSK) Mode (Personal Mode) | 802.1X Mode (Enterprise Mode) |
|---|---|---|
| Environment | Home, business with few WAPs | Companies with multiple WAPs |
| Uses a Central Authentication Server? | No. The WAP does all the authentication work. | Yes |
| Authentication | Knowledge of Pre-Shared Key (PSK is a fancy way of saying “WiFi password”) | Credentials on 802.1X authentication server |
| Technical Security | Technologically strong, but weak human security can compromise the technological security | Technically extremely strong but can be defeated by rogue access points and evil twin attacks |
| Operational threats | Mismanaging the PSK | Rogue WAPs, MitM evil-twin attacks |
7.5 802.11i Pre-Shared Key (PSK) Initial Authentication Mode (2 of 2)
7.6 Unshared Pairwise Session Key after Initial Authentication in PSK Mode (1 of 2)
7.6 Unshared Pairwise Session Key after Initial Authentication in PSK Mode (2 of 2)
7.7 Operational Security Threats in PSK Initial Authentication Mode (1 of 3)
Three weaknesses of PSK
Unauthorized disclosure of the PSK
PSK changes after employee leaves
Weak PSKs are easy to crack or guess
7.8 802.1X Initial Authentication Mode (1 of 4)
7.8 802.1X Initial Authentication Mode (2 of 4)
7.8 802.1X Initial Authentication Mode (3 of 4)
7.8 802.1X Initial Authentication Mode (4 of 4)
After initial authentication
Explain Why 802.11i Security is Not Enough
7.9 Rogue Access Point (1 of 2)
7.9 Rogue Access Point (2 of 2)
7.10 Desired Operation Versus Evil Twin Connection (1 of 3)
7.10 Desired Operation Versus Evil Twin Connection (3 of 3)
7.12 Defeating an Evil Twin Attack with a Virtual Private Network (VPN)
802.11 WLAN Management
7.13 Access Point Placement in a Building
Decibel Representation (More Information)
Wireless Signal strength – dBm
Peer-to-Peer Local Standards for the IoT
Deviation from Text
The Bluetooth info in the text is very good to know, but will not be testable for CIS 3043.
You will be required to answer one question regarding Bluetooth communication:
Since Bluetooth operates in the 2.4 GHz frequency range, as does 802.11g/n, how does Bluetooth ensure there is no interference?
Answer: FHSS and AFH (and describe briefly what they mean)
Frequency Hopping Spread Spectrum
802.11 Wi-Fi uses 20 MHz or wider channels in the 2.4 GHz and 5 GHz bands.
Bluetooth operates only in the 2.4 GHz band.
Bluetooth divides the band into 79 channels, each 1 MHz wide.
For spread spectrum transmission, Bluetooth hops between channels every few frames.
Frequency Hopping Spread Spectrum
Bluetooth radios hop among the frequencies up to 1,600 times per second.
These radios avoid channels where other devices (including 802.11 devices) are active.
Adaptive Frequency Hopping (AFH)
When a Bluetooth device uses AFH, it scans the radio frequencies before transmitting to detect channels that are in use, and avoids them by hopping to an unused channel.
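Added example, not part of the original slides: a small Python model of the FHSS and AFH behaviour described above, comparing how often plain hopping over all 79 channels lands on spectrum used by an active Wi-Fi channel versus hopping over an AFH channel map. The channel-frequency formulas and the 20-channel AFH minimum are not from the slides; the padding policy and the seeded random hop selection (a stand-in for Bluetooth's real hop-selection algorithm) are assumptions of this sketch.

```python
import random

BT_CHANNELS = range(79)      # 79 Bluetooth channels, each 1 MHz wide (from the slides)
MIN_AFH_CHANNELS = 20        # minimum number of channels an AFH map must keep

def bt_freq(k):
    """Centre frequency in MHz of Bluetooth channel k."""
    return 2402 + k

def wifi_centre(n):
    """Centre frequency in MHz of 2.4 GHz Wi-Fi channel n (1-13)."""
    return 2407 + 5 * n

def is_busy(k, wifi_channels, width=20):
    """True if 1 MHz Bluetooth channel k overlaps an active Wi-Fi channel."""
    return any(abs(bt_freq(k) - wifi_centre(n)) < (width + 1) / 2
               for n in wifi_channels)

def afh_channel_map(wifi_channels):
    """Channels AFH keeps in use: every clean one, padded to the minimum."""
    clean = [k for k in BT_CHANNELS if not is_busy(k, wifi_channels)]
    if len(clean) >= MIN_AFH_CHANNELS:
        return clean
    # Too little clean spectrum: re-admit the busy channels farthest from
    # any Wi-Fi centre (illustrative policy, an assumption of this example).
    busy = sorted((k for k in BT_CHANNELS if k not in clean),
                  key=lambda k: -min(abs(bt_freq(k) - wifi_centre(n))
                                     for n in wifi_channels))
    return sorted(clean + busy[:MIN_AFH_CHANNELS - len(clean)])

def hop_sequence(channels, hops, seed=1):
    """Seeded pseudo-random hops (stand-in for the real hop-selection kernel)."""
    rng = random.Random(seed)
    return [rng.choice(channels) for _ in range(hops)]

def collisions(sequence, wifi_channels):
    """Count hops that land on spectrum an active Wi-Fi channel occupies."""
    return sum(is_busy(k, wifi_channels) for k in sequence)

if __name__ == "__main__":
    wifi = [6]                                        # constructed scenario
    plain = hop_sequence(list(BT_CHANNELS), 1600)     # one second at 1,600 hops/s
    adaptive = hop_sequence(afh_channel_map(wifi), 1600)
    print("FHSS collisions:", collisions(plain, wifi))
    print("AFH collisions: ", collisions(adaptive, wifi))
```

With Wi-Fi channels 1, 6 and 11 all active, only 16 Bluetooth channels remain clean, so the map is padded back up to the minimum and some collisions become unavoidable.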