Scribd
Upload
35 views16 pages

Wireless Security

This document provides an overview of wireless security standards and protocols. It discusses IEEE 802.11 and its early security weaknesses addressed by WEP. It then describes the improvements of WPA and WPA2/802.11i in using stronger encryption algorithms like AES. It also outlines the security protocols used in WAP including WTLS and its problems providing end-to-end security compared to i-mode. Finally, it mentions some future topics in wireless networks security.

Uploaded by

ayubniazi1976
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
35 views16 pages

Wireless Security

This document provides an overview of wireless security standards and protocols. It discusses IEEE 802.11 and its early security weaknesses addressed by WEP. It then describes the improvements of WPA and WPA2/802.11i in using stronger encryption algorithms like AES. It also outlines the security protocols used in WAP including WTLS and its problems providing end-to-end security compared to i-mode. Finally, it mentions some future topics in wireless networks security.

Uploaded by

ayubniazi1976
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 16

AN OVERVIEW OF WIRELESS

SECURITY
 802.11 Security
 WAP Security
IEEE 802.11
 A set of standards for WLAN computer communication
in 5 GHz and 2.4 GHz.

 Most popular members: 802.11b, 802.11g.

 Originally weak in security, even now.


802.11 SECURITY
 Two subsystems:
- A data encapsulation technique called WEP(Wired
Equivalent Privacy)
- An authentication algorithm called Shared Key
Authentication
 Severe security weakness in WEP.

 WPA, WPA2, 802.11i


WEP
 Stream cipher RC4 for confidentiality
-Standard 64-bit WEP:
40-bit pre-shared key
24-bit initialization vector(IV)

 CRC-32 checksum for integrity


WEP’S WEAKPOINTS

Pseudo-
Encryption Key K random number
generator

Random byte b
Plaintext data Ciphertext data

byte p byte c

When p1 and p2 are encrypted under the same “random” byte b:

c1 = p1  b c2 = p2  b

c1  c2 = (p1  b)  (p2  b) = p1  p2
WPA, WPA2
 WPA
-Partly implements of IEEE 802.11i
-RC4 stream cipher with a 128-bit key and 48-bit IV.
-Temporal Key Integrity Protocol(TKIP)
-Michael Algorithm
 WPA2

-Mandatory implements of 802.11i


-CCMP: AES-based algorithm
TEMPORAL KEY INTEGRITY
PROTOCOL(TKIP)
& MESSAGE INTEGRITY CODE(MIC)
 TKIP
-per-packet key mixing
-message integrity check
-rekeying mechanism
 MIC also named as MAC
CCMP: AES
 Counter Mode with Cipher Block Chaining Message
Authentication Code Protocol
 key management and message integrity is handled by a
single component built around AES
 Advanced Encryption Standard

-block cipher
-SubBytes, ShiftRows, MixColumns, AddRoundKey
-only successful attacks: side channel attacks
WAP PROTOCOLS
 Wireless Application Protocol
 Principal applications: for mobile phone and PDA,

-Devices with low processing power and small memory


capacities.
-Wireless networks with low bandwidth.
 From transport layer to application layer

 Competitor: i-mode
WAP STACKS
 WML: Wireless Markup
Language
 WSP: Wireless Session Protocol

 WTP: Wireless Transport


Protocol
 WTLS: Wireless Transport
Layer Security
 WCMP: Wireless Control
Management Protocol
 WDP: Wireless Datagram
Protocol
WIRELESS TRANSPORT LAYER
SECURITY
 Derived from TLS
-Compressed data structures
-New certificate format
-Packet based design

 Algorithm for public-key cryptography


-RSA
-ECC(Elliptic Curve Cryptography)

 Security problems
WTLS’S SECURITY PROBLEMS
 Security GAP
-reason: WTLS session exists only between the WAP
device and the Gateway.
-Temporarily in clear text on the Gateway when
translating WML to HTML until SSL established.
WTLS’S SECURITY PROBLEMS
 Solutions:
-Place Gateway and the
back-end system within a
secure environment.
-Provide integrity protection
on information(digital
signatures).
 Other problems:

-Client Implementation
I-MODE
 Based on Internet protocols
 HTTP and SSL/TLS are used end-to-end

 Equivalent to security offered in wired networks


FUTURE TOPICS IN WIRELESS
NETWORKS
 The next generation networks
 Ad-hoc networks

 Sensor networks

You might also like