TRANSPORT-LEVEL SECURITY

Web Security Considerations

The World Wide Web is fundamentally a client/server application running
over the
Internet and TCP/IP intranets.
The following characteristics of Web usage suggest the need for tailored
security tools:

1. Although Web browsers are very easy to use, Web servers are
relatively easy to configure and manage, and Web content is
increasingly easy to develop, the underlying software is
extraordinarily complex.

This complex software may hide many potential security flaws.

The Web is filled with examples of new and upgraded systems,

properly installed, that are vulnerable to a variety of security
attacks.
2. A web server can be exploited as a launching pad into the
corporation’s or agency’s entire computer.
Once the web server is subverted, an attacker may be able to
gain access to data and systems not part of the web – itself
connected to the server at the local site.
3. Casual and untrained users are common clients for web based
services.
Such users are not necessarily aware of the security risks.

Web Security Threats

A web threat is any threat that uses the World Wide Web to facilitate cybercrime. Web threats
use multiple types of malware and fraud, all of which utilize HTTP or HTTPS protocols, but may
also employ other protocols and components, such as links in email or IM, or malware
attachments or on servers that access the Web.
Different types of security threats
 Botnets.
 Distributed denial-of-service (DDoS)
 Hacking.
 Malware.
 Pharming.
 Phishing.
 Ransomware.
 Spam.

 Table provides a summary of the types of security threats faced

when using the Web.

1
  One way to group these threats is in terms of passive and active
attacks.
 Passive attacks include eavesdropping on network traffic between
browser and server.
 Active attacks include impersonating another user, altering
messages in transit between client and server, and altering
information on a Web site.

Another way to classify Web security threats is in terms of the location of

the threat:
Web server,
Web browser, and
network traffic between browser and server.
Issues of server and browser security fall into the category of computer
system security

Web Traffic Security Approaches

 A number of approaches to providing web security are possible.

 The various approaches that have been considered are similar in the
services they provide and to some extent,
 In the mechanism that they use, but they differ with respect to their
scope of applicability and their relative location within the TCP/IP
protocol stack.
 Fig illustrates the difference

2
 1. One way to provide Web security is to use IP security (IPsec) (Figure
a). The advantage of using IPsec is that it is transparent to end
users and applications and provides a general-purpose solution .

Furthermore, IPsec includes a filtering capability so that only

selected traffic need incur the overhead of IPsec processing.

2. Another relatively general-purpose solution is to implement security

just above TCP (Fig. b). The foremost example of this approach is
the Secure Sockets Layer (SSL) and the follow-on Internet standard
known as Transport Layer Security (TLS).

At this level, there are two implementation choices. For full

generality, SSL (or TLS) could be provided as part of the underlying
protocol suite and therefore be transparent to applications.

Alternatively, SSL can be embedded in specific packages.

For example, Netscape and Microsoft Explorer browsers come
equipped with SSL, and most Web servers have implemented the
protocol.

3. Application-specific security services are embedded within the

particular application. Figure c shows examples of this architecture.
The advantage of this approach is that the service can be tailored to
the specific needs of a given application.

SECURE SOCKET LAYER

 One of the most widely used security services is the Secure Sockets Layer (SSL) and
follow-on

 Internet standard known as Transport Layer Security (TLS) and it is defined in RFC
5246.

 SSL is a general-purpose service implemented as a set of protocols that rely on TCP.

 At this level there two implementation choices -

1. For full generality , SSL or TLS could be provided as part of the underlying
protocol suite to transparent to applications.

3
 2. Alternatively SSL can be embedded in specific packages in browsers equipped
with SSL and most web servers have implemented the protocol.

SSL Architecture

 SSL is designed to make use of TCP to provide a reliable end-to-end secure service.
 SSL is not a single protocol but rather two layers of protocols as illustrated in Fig…..

 The SSL record protocol provides basic security services to various higher-layer
protocols.

 In particular, the HTTP – Hypertext Transfer Protocol which provides the transfer
service for Web Client/server interaction. This can be operated on top of SSL

 Three higher-layer protocols are defined as part of SSL, They are

1. The Handshake Protocol
2. The Change Cipher protocol
3. The Alert Protocol
 These SSL-specific protocols are used in management of SSL exchanges.

 SSL have important concepts, they are

1. SSL session
2. SSL connection

Connection : A connection is a transport ( OSI layer ) that provides a suitable type

of service. For SSL such connection are peer-to-peer relationships.
Session:
 An SSL session is an association between a client and server.
 Sessions are created by Handshake protocol.
 Sessions define a set of cryptographic security parameter which can
be shared among multiple connections.
 Sessions are used to avoid the expensive negotiation of new security
parameters for each connection.
 Between any pair of parties such as HTTP on client and server there may be multiple
secure connections.
 There are a number of states associated with each session

4
  Once a session is established, there is a current operating state both read and write
i.e. receive and send.
 During the Handshake protocol, pending read and write states are created.
 Upon successful conclusion of the Handshake Protocol the pending states become
the current states.

Different parameters are defined for session and connection state, they are

A session state is defined by the following parameters:

Session identifier – An arbitrary byte sequence chosen by the server to identify an
active or resumable session state.

Peer certificate – An X509.v3 certificate of the peer. This element of the state may
be
Null.
Compression method – The algorithm used to compare data prior to encryption.
Cipher spc – specifies the bulk date encryption algorithm such as AES, and
hash algorithm such as MD5 or SHA-1 for MAC calculation.
Master secret – 48-byte secret shared between the client and the server.
Is resumable – A flag indicating whether the session can be used to initiate new
connections.
A connection state is defined by the following parameter:
Server and client random – Byte sequence that are chosen by the server and client
for each connection.
Server with MAC secret – The secret key used in MAC operation on data sent by the
server.
Client with Mac secret – The secret key used in MAC operation on date sent by the
client.
Server with key – The secret encryption key for data encrypted by the server and
decrypted by the server.
Client with key – The symmetric encryption key for data encrypted by the client and
decrypted by the server.
Initialization vectors – When a block cipher in CBC mode is used, an initialization
vector (IV) is maintained for each key.
Sequence numbers – Each party maintains separate sequence numbers for
transmitted and received messages for each connection.
When a party sends or receives a change cipher spec message,
the appropriate sequence number is set to Zero.
Sequence numbers may not exceed 264 -1.

SSL Record Protocol

 The SSL record protocol provides two services for SSL connections:
o Confidentiality: The Handshake protocol defines a shared secret key that is
used for conventional encryption of SSL payloads.

5
 o Message Integrity: The Handshake protocol also defines a shared secret key
that is used to form a message authentication code (MAC).

 Fig indicates the overall operation the SSL record protocol

 The Record Protocol takes an application message to be transmitted, fragments the

data into manageable blocks.
 Optionally compresses the data.
 Applies a MAC or add MAC.
 Encrypts the data.
 Adds a header
 Verifies the data
 And transmits the resulting unit to a TCP segment.
 Received data are
 decrypted
 decompressed
 and reassembled before being delivered to the higher-level users.

 The fist step is fragmentation

Each upper-layer message is fragmented into blocks of 2 14 bytes (16384 bytes) or
less.
 Next compression is optionally applied – compression may not increase the content
length by more than 1024 bytes – no compression algorithm is specified, so default
compression algorithm is null.
 The next step in processing is to compute a MAC ( Message Authentication Code)
over the compressed data.
o For this a shared key is used.
o The calculation is defined as

6
 Next the compressed message plus the MAC are encrypted using symmetric
encryption.
 Encryption may not increase the content length by more than 1024 bytes, so that
length may not exceed 214 + 2048.
 The following encryption are permitted.

 The final step of SSL Record Protocol processing is to prepare a header consisting of
the following fields.
o Content Type ( 8 bits ): The higher-layer protocol used to process the
enclosed fragment.
o Major Version (8 bits): Indicates major version of SSL is in use.
o Minor Version (8 bits): Indicates minor version is in use.

7
 o Compressed Length (16 bits): The length in bytes of the plaintext fragment .
 The maximum value is 214+2048.
 Fig illustrates the SSL record format.

Change Cipher Spec Protocol

 The change cipher spec protocol is one of the three SSL specific protocols that use
the SSL record protocol.
 This protocol consists of a single message as shown in the fig. which consists of a
single byte with the value 1.

 The purpose of this message is to cause the pending state to be copied into the
current state, which updates the cipher suite to be used on this connection.

Alert Protocol
 The Alert protocol is used to convey SSL-related alerts to the peer entity.
 Alert messages are compressed and encrypted as specified by the current
state.
 Each message in this protocol consists of two bytes as shown in Fig..

8
  The first byte takes the value warning (1) or fatal (2) to convey the severity of
the message.
o If the level is fatal – SSL immediately terminates the connection and
other connections on the same session may continue, but no new
connections may be established.
 The second byte contains a code that indicates the specific alert. They are…..

Handshake Protocol
 The most complex part of SSL is the Handshake protocol.
 This protocol allows the server and client to authenticate each other and to
negotiate an encryption and MAC algorithm and cryptographic key to be used to
protect the data sent in an SSL record.
 The handshake is used before any application data is transmitted.

9
 The handshake protocol consists of series of messages exchanged by client and
server. Fig shows the format of handshake protocol each message has three fields.

 They are
o Type (1 byte): Indicates one to ten messages shown in table defined as
message types.
o Length (3 bytes): The length of the message in bytes.
o Content ( >= 0 bytes): The parameters associated with this message , these
are listed in Table below.

 Fig shows the initial exchange needed to establish a logical connection between
client and server.
 The exchange can be viewed in four phases.

10
Phase 1 – Establish Security Capabilities

 This phase is used to initate a logical connection and to establish the security
capabilities that will be associated with it.
 The exchange initiated by the client which sends a client_hello message with the
following parameters
o Version: This highest SSL version understood by the client.
o Random: A Client generated by a secure structure consisting of 32 bit time
stamp and 28 bytes .
o Session ID: A variable length session identifier.
o Cipher Suite: This is a list contains the combination of cryptographic
algorithms supported by the client.
o Compression Method: This is a list of the compression methods the client
supports.
Phase 2 – Server Authentication and Key Exchange
 The server begins this phase by sending its certificate if it needs to be authenticated.
 The message contains one or a chain of X.509 certificates.

11
Phase 3 – Client Authentication and Key Exchange
 Upon receipt of the server_done message the client should verify that the server
provided a valid certificate and check that the server_hello parameters are
acceptable.
 If the server has requested a certificate, the client begins this phase by sending a
certificate message.
 Next the client_key_exchange message, which must be sent in this phase.
 The content of the message depends on the type of key exchange.
Phase 4 -Finish
 This phase completes the setting up of a secure connection.
 The client sends a change_cipher_pec message and copies the pending cipherspec
into the current cipherspec.

Cryptographic computations
There are two way of computations, they are
1. Creation of a shared master secret by means of the key exchange
2. The generation of cryptographic parameters from the master secret.

Transport Layer Security

 TLS is an IETF standardization initiative whose goal is to produce an Internet

standard version of SSL.
 TLS is defined as a proposed Internet Standard in RFC 5346.
 The TLS Record Format is same as that of SSL Record Format.

12
HTTPS – Hyper Text Transfer Protocol over SSL

 HTTPS refers to the combination of HTTP and SSL to implement secure

communication between a web browser and a web server.
 The HTTPS capability is built into all modern web browsers.
 It depends on the web server supporting HTTPS communication.
 For example – some search engines do not support HTTPS.
Google provides and option https://google.com

 The principle difference seen by the user of a web browser is that URL
addresses being with https:// rather than http://
 A normal HTTP connection uses port 80.
 If HTTPS is specified port 443 is used which invokes SSL.

When HTTPS is used, the following elements of the communication are

encrypted….
 URL of the requested document.
 Contents of the document.
 Contents of browser forms.
 Cookies sent from browser to server and from server to browser.
 Contents of HTTP header.

Connection Initiation
 For HTTPS, The agent acting as the HTTP client also acts as the TLS.
 The client initiates a connection to the server on the appropriate port
and then sends the TLS certificate to being the TLS handshake.
 When TLs handshake finishes the client may the initiate the first HTTP
request.
 All HTTP data is to be sent as TLS application data.
 There are three levels of awareness of a connection in HTTPS.
o At the HTTP level, an HTTP client requests a connection to an
HTTP server by sending a connection request to the next lower
layer.
o Typically the next layer is TCP,
o AT the next level of TLS, a session is established between a TLS
client and a TLS server.
Connection Closure
 An HTTP client or server can indicate the closing of a connection by
including the following line in an HTTP record:connection:close.

13
  This indicates that the connection will be closed after this record is
delivered.
 The closure of an HTTPS connection requires that TLS close the
connection with the peer TLS entity on the remote side, which will
involve closing he underlying TCP connection.
 At the TLS level the proper way to close a connection is for each side to
use the TLS alert protocol to send a close_notify alert.
 TLS implementation must initiate an exchange of closure alert before
closing a connection without waiting for the peer to ends its closure
alert generating an “ incomplete close”.

Secure Shell (SSH)

 Secure shell (SSH) is a protocol for secure network communication

designed to be relatively simple and inexpensive to implement.
 The initial version SSH1 was focused on providing a secure remote logon
facility to replace TELNET .
 SSH also provides a more general client/server capability and can be
used for such network functions as file transfer and e-mail.
 A new version SSH2 fixes a number of security flaws.
 SSH is organized as three protocols that typically run on top of TCP as
shown in fig.

o Transport Layer Protocol – provides server authentication, data

confidentiality, and data integrity with forward secrecy.
The transport layer may optionally provide compression.
o User Authentication Protocol – Authentication the user to the
server.
o Connection Protocol – Multiplexes multiple logical
communications channels over a single, underlying SSH
connection.

14
Transport Layer Protocol

Host Keys –
 Server authentication occurs at the transport layer based on the server
processing a public/private key pair.
 A server may have multiple host keys using multiple different
asymmetric encryption algorithms.
 Multiple hosts may share the same host key.
 RFC 4251 dictates two alternative trust model that can be used.
o The client has a local database that associates each host name
with the corresponding public host key.
o The host name-to-key association is certified by a trusted
certification authority (CA).

Packet Exchange –
Fig illustrates the sequence of event in the SSH Transport Layer Protocol.

15
First the client establishes a TCP connection to the server, this is done via the
TCP protocol.
Once the connection is established the client and server exchange data
referred to as packets.
Each packet is in the following format .. below FIG

16
Packet Length: Length of the packet in bytes, not including the packet length
and MAC fields.
Padding Length: Length of the random padding filed.
Payload: Useful contents of the packet. Prior to algorithm negotiation, this
field is uncompressed, if compression is negotiated then field is compressed.
Random Padding: Once a encryption algorithm has been negotiated this field
is added.
It contains random bytes of padding so that total length of the packet is a
multiple of the cipher block size or 8 bytes for a stream cipher.
Message authentication code(MAC): If message authentication has been
negotiated this field contains the MAC value.
The MAC value is computed over the entire packet plus a sequence number,
excluding the MAC field.
The SSH Transport Layer packet exchange consists of a sequence of steps
shown in fig..

The first step - the authentication string exchange.

Next comes – algorithm negotiation
Next step – Key exchange
Next – End of key exchange
Final step – Service request

17
 WIRELESS NETWORK SECURITY
Wireless Security
 Wireless networks and the wireless devices that use them, introduce a
host of security problems over and above those found in wired
networks.
 Some of the key factors contributing to the higher security risk of
wireless networks compared to wired networks include the following …
Channel:
Wireless networking typically involves broadcast communications, which is far
more susceptible to eavesdropping and jamming than wired networks.
Wireless networks are also more vulnerable to active attacks in communications protocol.
Mobility:
Wireless devices are in principal and usually in practice, far more portable and
mobile than wired devices.
The mobility results in a number of risks.
Resources:
Some wireless devices , such as smartphone and tablets, have sophisticated
operating systems but limited memory and processing resources with which to
counter threats, including denial of service and malware.
Accessibility:
Some wireless devices, such as sensors and robots, may be left unattended in
remote location.
This greatly increases their vulnerability to physical attacks.

 In simple terms the wireless environment consists of three components

that provide point of attack shown in Fig.

 The wireless client can be a cell phone, a wi-fi enabled laptop or tablet, a
wireless sensor, a Bluetooth device.
 The wireless access point provides a connection to the network or
services.
o Examples of access points are..
 Cell towers, wi-fi hotspots and wireless access point to wired local or
WANs.

18
  The transmission medium which carries the radio waves for the data
transfer.

Wireless Network Threats

List below are the threats to wireless networks…..
 Accidental accessories:
Company wireless LANs or wireless access points to wired LANs in close
proximity (eg in the same or neighbouring buildings ) may create
overlapping transmission ranges.
A user intending to connect to LAN may unintentionally lock on to a
wireless access point from a neighbouring network.
 Malicious associations:
In this situation a wireless device is configured to appear to be a
legitimate access point, enabling the operator to steal passwords from
legitimate users.
 Ad hoc networks:
These are peer-to-peer networks between wireless computers with no
access point between them.
Such networks can pose a security threat due to a lack of a central point
of control.
 Non-traditional network:
Non-traditional networks and links, such as personal network Bluetooth
devices, barcode readers, and handheld PDA’s pose security risk in terms
both eavesdropping and spoofing.
 Identity theft(MAC spoofing):
This occurs when an attacker is able to eavesdrop on network traffic and
identify the MAC address of a computer with network privileges.
 Man-in-the middle attacks:
This type of attack involves persuading a user and an access point to
believe that they are talking to each other when in fact the
communication is going through an intermediate attacking device.
 Denial of Service (DoS):
This type of attack occurs when an attacker continually bombards a
wireless access point or some other accessible wireless port with various
protocol messages.
 Network injection:

19
 A network injection attack targets wireless access points that are
exposed to nonfiltered network traffic, such as routing protocol
messages or network management messages.
Wireless Security Measures
Following can group wireless security measures into those dealing with
wireless transmissions, wireless access point and wireless networks.
 Securing wireless Transmissions:
The principal threats to wireless transmission are eavesdropping,
altering or inserting messages, and disruption.
To deal with eavesdropping two types of countermeasures are
appropriate, they are
o Signal-hiding techniques:
Organizations can take a number of measures to make it more
difficult for an attacker to locate their wireless access points,
including turning off service set identifier(SSID) broadcasting by
wireless access points;
 assigning cryptic names to SSIDs
 reducing signal strength
 locating wireless access points
o Encryption:
Encryption of all wireless transmission is effective against
eavescountering attempts to alter or insert transmissions,
 Securing Wireless Access Points:
The main threat involving wireless access points is unauthrorized access
to the network.
The principal approach for preventing such access is the IEEE 802.1X
standard for port based network access control.
The standard provides an authentication mechanism for devices wishing
to attach to a LAN or wireless network.
 Securing Wireless Networks:
Recommends the following techniques for wireless network security..
1. Use Encryption-Wireless routers are typically equipped with built-in
encryption mechanism.
2. Use antivirus and antispyware software and a firewall -These
facilities should be enabled on all wireless network endpoints.
3. Turn off identifier broadcasting – wireless routers are typically
configured to broadcast and identifying signal so that any device
within range can learn of the router’s existence.
4. Change the identifier on your router from the default.
5. Change your router’s pre-set password for administration.

20
 6. Allow only specific computers to access your wireless network.

MOBILE DEVICE SECURITY

 Prior to the widespread use of smartphones, the dominant paradigm for
computer and network security in organizations was as follows: -
 Corporate IT was tightly controlled, user devices were typically limited to
Windows PCs.
 Business applications were controlled by IT and wither run locally or endpoints
or on physical servers in data centres.
 Network security was based upon clearly defined perimeters that separated
trusted internal networks from the untrusted internet.
 Today there have been massive changes in each of these assumptions.
 An organization’s network must accommodate the following ….
1. Growing use of new device: Organizations are experiencing significant
growth in employee user of mobile devices.
2. Cloud-based applications: Applications no longer run solely on physical
servers in corporate data centres.
Quite the opposite, applications can run anywhere-on traditional physical
servers, on mobile virtual servers or in the cloud.
End users can now take advantage of a wide variety of cloud-based
applications and IT services for personal and professional use like
facebook, skype, dropbox and box etc..
3. De-perimeterization: Given new device proliferation, application mobility,
and cloud-based consumer and corporate and corporate services.
Static Perimeters become quite dynamic as they must adapt to various
environmental conditions such as user role, device type, network location
and time of day.
4. External business requirements: The enterprise must also provide guests,
third-party contractors, and business partners network access using
various devices from a multitude of locations.

 Mobile devices have become an essential element for organizations as part of the
overall network infrastructure.
 Mobile devices such as smartphones, tablets, and memory sticks provide increased
convenience for individuals as well as the potential for increased productivity in the
workplace.
 Because of their use and unique characteristics, security for mobile devices is
complex issue.
 An organization needs to implement as security policy through a combination of
security features built into the mobile devices and additional security controls
provided by network components that regulate the use of the mobile devices.

21
Security Threats

Mobile devices need additional, specialized protection measures beyond those

implemented for other client devices, such as desktop and laptop devices that are used only
within the organization’s facilities and on the organization’s networks.

Lack of Physical Security Controls

 Mobile devices are typically under the complete control of the user, and are used
and kept in a variety of locations outside the organization’s control, including off
premises.
 Even if a device is required to remain on premises, the user may move the device
within the organization between secure and nonsecured locations.
 The security policy for mobile devices must be based on the assumption that any
mobile device may be stolen or at least accessed by a malicious party.
 The threat is twofold
o A malicious party may attempt to recover sensitive data from the device.
o May use the device to gain access to the organization’s resources.

Use of Untrusted Networks

 If a mobile is used on premises, it can connect to organization resources over the
organization’s own in-house wireless networks.
 The user will typically access organizational resources via Wi-Fi or cellular access to
the Internet and from the Internet to the organization.
 Thus, potentially susceptible to eavesdropping or man-in-the-middle types of
attacks.
 Thus, the security policy must be based on the assumption that the networks
between the mobile device and the organizations are not trustworthy.

Use or Applications Created by Unknown Parties

 By design, it is easy to find and install third-party applications on mobile devices.

Interaction with other Systems

 A common feature found on smartphone and tablets is the ability to automatically
synchronize data, apps, contacts, and so on.
 Unless an organization has control of all the devices and risk of the introductions of
malware.

Use of Untrusted Content

 Mobile devices may access and use content that other computing devices do not
encounter.
 Ex: An example is the Quick Response (QR) code, which is a two-dimensional
barcode.

22
 QR codes are designed to be captured by a mobile device camera and used by the
mobile device easily.

Use of Location Services

 The GPS capability on mobile devices can be used to maintain a knowledge of the
physical location of the device.
 While this feature might be useful to organization as part of a presence service, it
creates the security risks.
 An attacker can use the location information to determine where the device and
user are located, which may be of use of the attacker.

Mobile Device Security Strategy

 With the threats listed in the preceding discussion in mind, we outline the principal
elements of a mobile device security strategy.
 They fall into three categories
o Device security
o Client/Server traffic security
o Barrier security

23
Device Security
 A number of organizations will supply mobile devices for employee use and
preconfigure those devices to conform to the enterprise security policy.
 Many organizations will find it convenient or even necessary to adopt a bring-your-
own-device (BYOD) policy that allows the personal mobile devices of employees to
have access to corporate resources.
 IT managers should be able to inspect each device before allowing network access.
 The organization should configure the device with security controls, including the
following:
o Enable auto-lock, which causes the device to lock if it has not been used for a
given amount of time, requiring the user to re-enter a four-digit PIN or
password to re-activate the device.
o Enable password or PIN protection.
o Avoid using auto-complete features that remember user names or
passwords.
o Enable remote wipe.
o Ensure that SSL protection is enabled, if available.
o Make sure that software, including operating systems and applications is up
to date.
o Install antivirus software as it becomes available.
o Either sensitive data should be prohibited from storage on the mobile device
or it should be encrypted.
o IT staff should also have the ability to remotely access devices.
o The organizations may prohibit all installation of third-party applications,
implementing whitelisting to prohibit installation of all unapproved
applications.
o The organization can implement and enforce restrictions on what devices can
synchronize and on the use of cloud-based storage.
o To deal with the threat of untrusted content, security response can include
training of personnel on the risks inherent in untrusted content and disabling
camera use on corporate mobile devices.
o To counter the threat of malicious use of location services.

Traffic Security
 Traffic security is based on the usual mechanisms for encryption and authentication.
 All traffic should be encrypted and travel by secure means, such as SSL or IPv6.
 Virtual private networks (VPN’s) can be configured so that all traffic between the
mobile device and the organization’s network is via a VPN.
Barrier Security
 The organization should have security mechanisms to protect the network from
unauthorized access.

24
  The security strategy can also include firewall policies specific to mobile device
traffic.
 Firewall policies can limit the scope of data and application access for all mobile
devices.

IEEE 802.11 Wireless LAN

 IEEE 802 is a committee that has developed standards for a wide range of local area
networks (LAN’s).
 In 1990, the IEEE 802 committee formed a new working group, IEEE 802.11 with a
charter to develop a protocol and transmission specifications for wireless LAN’s
(WLANs).
 The demand for WLAN’s at different frequencies and data rates has exploded.
 The IEEE 802.11 working group has issued an ever-expanding list of standards
showing the figure….

The Wi-Fi Alliance

 The first 802.11 standard to gain broad industry acceptance was 802.11b.
 The 802.11b products are all based on the same standard, there is always a concern
whether products from different vendors will successfully interoperate.
 To meet this concern, the Wireless Ethernet Compatibility Alliance (WECA) , an
industry consortium was formed in 1999.
 This organization, subsequently renamed the Wi-Fi (Wireless Fidelity) Alliance,
created a test suite to certify interoperability for 802.11b products.
 The term used for certified 802.11b products is Wi-Fi.
 The Wi-Fi certification has been extended to 802.11g products.
 The Wi-Fi Alliance has also developed a certification process for 802.11g products
called Wi-FiFi5.

25
  Recently Wi-Fi Alliance has developed certification procedures for IEEE 802.11
security standards, referred to as Wi-Fi Protected Access (WPA).
 The most recent version of WPA known as WPA2, incorporates all of the features of
the IEEE 802.11i WLAN security specification.

IEEE 802 Protocol Architecture

IEEE 802.11 standards are defined within the structure of a layered set of protocols.
The structure used for IEEE 802 standards, are illustrated in Figure…

Physical Layer
 The lowest layer of the IEEE 802 reference model is the physical layer, which includes
such functions as encoding/decoding of signals and bit transmission/reception.
 In addition, the physical layer includes a specification of the transmission medium.
 In the case of IEEE 802.11, the physical layer also defines frequency bands and
antenna characteristics.
Media Access Control
 All LANs consist of collections of devices that share the network’s transmission
capacity.

26
  Some means of controlling access to the transmission medium is needed to provide
an orderly and efficient use of that capacity. This is the function of a media access
control (MAC) layer.
 The MAC layer receives data from a higher-layer protocol, typically the Logical Link
Control (LLC) layer, in the form of a block of data known as the MAC service data unit
(MSDU).
 In general the MAC layer performs the following functions:…
o On transmission, assemble data into a frame, known as a MAC protocol data
unit (MPDU) with address and error-detection fields.
o On reception, disassemble frame, and perform address recognition and error
detection.
o Govern access to the LAN transmission medium.
 The exact format of the MPDU differs somewhat for the various MAC protocol in
use.
 In general all the MPDUs have a format similar to that as in figure….

 The fields of this frame are as follows:

o MAC Control : This field contains any protocol control information needed for
the functioning of the MAC protocol.
o Destination MAC Address : The destination physical address on the LAN for
this MPDU.
o Source MAC Address : The source physical address on the LAN for this
MPDU.
o MAC Service Data Unit: The data from the next higher layer.
o CRC: The cyclic redundancy check field also known as the Frame Check
Sequence (FCS) field. This is an error-detecting code.
IEEE 802.11 Network Components and Architectural Model
 Figure illustrates the model developed by the 802.11 working group.
 The smallest building block of a wireless LAN is a basic service set (BSS), which
consists of wireless stations executing the same MAC protocol and competing for
access to the same shared wireless medium.

27
IEEE 802.11 Services
 IEEE 802.11 services define nine services that need to be provided by the wireless
LAN to achieve functionality equivalent to that which is inherent to wired LAN’s.
 Table shows the list of services …….

 The service provider can be either the station or the DS.

 Station services are implemented in every 802.11 station, indicating AP station .
 Distribution services are provided between BSS’s. these services may be
implemented in an AP.
 Three of the services are used to control IEEE 802.11 LAN access and confidentiality.
 Six of the services are used to support delivery of MSDUs between stations.

28
IEEE 802.11i Wireless LAN Security
 There are two characteristics of a wired LAN that are not inherent in a wireless LAN.
1. In order to transmit over a wired LAN, a station must be physically connected to
the LAN.
2. Similarly, in order to receive a transmission from a station that is part of a wired
LAN, the receiving station also must be attached to the wired LAN.
 These difference between wired and wireless LANs suggest the increased need for
robust security services and mechanisms for wireless LANs.
 The original 802.11 specification included a set of security features for privacy and
authentication that were quite weak.
 For privacy 802.11 defined the Wired Equivalent Privacy (WEP) algorithm.
 The privacy portion of the 802.11 standard contained major weakness.
 In order to accelerate the introduction of strong security into WLANs, the Wi-Fi
Alliance promulgated Wi-Fi Protected Access (WPA) as a Wi-Fi standard.
 WPA is set of security mechanisms that eliminates most 802.11 security issues and
was based on the current state of the 802.11i standard.
 The final form of the 802.11i standard is referred to as a Robust Security Network
(RSN).

IEEE 802.11i Services

 The 802.11i RSN security specification defines the following services.
Authentication: A protocol is used to define an exchange between a user and an AS
that provides mutual authentication and generates temporary keys to be used
between client and the AP over the wireless link.
Access Control:
 This function enforces the use of the authentication function, routes the
messages properly and facilitates key exchange.
 It can work with a variety of authentication protocols.
 Privacy with message integrity: MAC-level data (eg. an LLC PDU) are encrypted
along with a message integrity code that ensures that the data have not been
altered.
 Fig indicates the security protocols used to support these services.

29
Fig shows the cryptographic algorithms used for these services..

IEEE 802.11 Phases of Operation

The operation of an IEEE 802.11i RSN can be broken down into five distinct phases of
operation.
The exact nature o the phases will depend on the configuration and the end points of the
communication , possibilities are shown in Fig.

30
1. Two wireless station in the same BSS communicating via the access point (AP) for
that BSS.
2. Two wireless stations (STAs) in the same ad hoc IBSS communicating directly with
each other.
3. Two wireless stations in different BSSs communicating via their respective APs across
a distribution system.
4. A wireless station communicating with an end station on a wired network via its AP
and the distribution system.

31
Discovery:
 An AP uses messages called Beacons and Probe Responses to advertise its IEEE
802.11i security policy.
 The STA uses these to identify the AP for a WLAN with which it wishes to
communicate.
 The STA associates with the AP, which it uses to select the cipher suite and
authentication mechanism.
Authentication:
 During this phase, the STA and AP prove their identities to each other.
 The AP blocks non-authentication traffic between the STA and AP until the
authentication transaction is successful.
Key generation and distribution:
 The AP and the STA perform several operations that cause cryptographic keys to
be generated and placed on the AP and the STA.
 Frames are exchanged between the AP and STA .
Protected data transfer:
 Frames are exchanged between the STA and the end station through the AP.
 AS denoted by the shading and the encryption module icon, secure data transfer
occurs between the STA and the AP.

Connection termination:

32
 The AP and STA exchange frames.
 During this phase the secure connection is torn down and the connection is restored
to the original state.

https://searchsecurity.techtarget.com/definition/Secure-Sockets-Layer-SSL
https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-
systems-security-fall-2014/lecture-notes/
https://assignmentessayhelp.com/mobile-security-research-it-sample/

33