CWNA Guide to Wireless

LANs, Second Edition

Chapter Nine
Implementing Wireless LAN Security
 Objectives
• List wireless security solutions
• Tell the components of the transitional security
model
• Describe the personal security model
• List the components that make up the enterprise
security model

CWNA Guide to Wireless LANs, Second Edition 2

 Wireless Security Solutions
• IEEE 802.11a and 802.11b standards included
WEP specification
– Vulnerabilities quickly realized
– Organizations implemented “quick fixes”
• Did not adequately address encryption and
authentication
• IEEE and Wi-Fi Alliance started working on
comprehensive solutions
– IEEE 802.11i and Wi-Fi Protected Access (WPA)
• Foundations of today’s wireless security

CWNA Guide to Wireless LANs, Second Edition 3

 WEP2
• Attempted to overcome WEP limitations by adding
two new security enhancements
– WEP key increased to 128 bits
– Kerberos authentication
• User issued “ticket” by Kerberos server
• Presents ticket to network for a service
– Used to authenticate user
• No more secure than WEP
– Collisions still occur
– New dictionary-based attacks available

CWNA Guide to Wireless LANs, Second Edition 4

 Dynamic WEP
• Solves weak IV problem by rotating keys frequently
– More difficult to crack encrypted packet
• Uses different keys for unicast and broadcast
traffic
– Unicast WEP key unique to each user’s session
• Dynamically generated and changed frequently
– Broadcast WEP key must be same for all users on a
particular subnet and AP

CWNA Guide to Wireless LANs, Second Edition 5

 Dynamic WEP (continued)

Figure 9-1: Dynamic WEP

CWNA Guide to Wireless LANs, Second Edition 6
 Dynamic WEP (continued)
• Can be implemented without upgrading device
drivers or AP firmware
– No-cost and minimal effort to deploy
• Does not protect against man-in-the-middle attacks
• Susceptible to DoS attacks

CWNA Guide to Wireless LANs, Second Edition 7

 IEEE 802.11i
• Provides solid wireless security model
– Robust security network (RSN)
– Addresses both encryption and authentication
• Encryption accomplished by replacing RC4 with a
block cipher
– Manipulates entire block of plaintext at one time
• Block cipher used is Advanced Encryption
Standard (AES)
– Three step process
– Second step consists of multiple rounds of
encryption
CWNA Guide to Wireless LANs, Second Edition 8
 IEEE 802.11i (continued)

Table 9-1: Time needed to break AES

CWNA Guide to Wireless LANs, Second Edition 9

 IEEE 802.11i (continued)
• IEEE 802.11i authentication and key management
is accomplished by IEEE 802.1x standard
– Implements port security
• Blocks all traffic on port-by-port basis until client
authenticated using credentials stored on
authentication server
• Key-caching: Stores information from a device on
the network, for faster re-authentication
• Pre-authentication: Allows a device to become
authenticated to an AP before moving to it

CWNA Guide to Wireless LANs, Second Edition 10

 IEEE 802.11i (continued)

Figure 9-2: IEEE 802.1x

CWNA Guide to Wireless LANs, Second Edition 11
 Wi-Fi Protected Access (WPA)
• Subset of 802.11i that addresses encryption and
authentication
• Temporal Key Integrity Protocol (TKIP):
Replaces WEP’s encryption key with 128-bit per-
packet key
– Dynamically generates new key for each packet
• Prevents collisions
– Authentication server can use 802.1x to produce
unique master key for user sessions
– Creates automated key hierarchy and management
system

CWNA Guide to Wireless LANs, Second Edition 12

 Wi-Fi Protected Access (continued)
• Message Integrity Check (MIC): Designed to
prevent attackers from capturing, altering, and
resending data packets
– Replaces CRC from WEP
– CRC does not adequately protect data integrity
• Authentication accomplished via IEEE 802.1x or
pre-shared key (PSK) technology
– PSK passphase serves as seed for generating keys

CWNA Guide to Wireless LANs, Second Edition 13

 Wi-Fi Protected Access (continued)

Figure 9-3: Message Integrity Check (MIC)

CWNA Guide to Wireless LANs, Second Edition 14
 Wi-Fi Protected Access 2 (WPA2)
• Second generation of WPA security
– Based on final IEEE 802.11i standard
– Uses AES for data encryption
– Supports IEEE 802.1x authentication or PSK
technology
– Allows both AES and TKIP clients to operate in
same WLAN

CWNA Guide to Wireless LANs, Second Edition 15

 Summary of Wireless Security
Solutions
• Wi-Fi Alliance categorizes WPA and WPA2 by
modes that apply to personal use and to larger
enterprises

Figure 9-4: Security timeline

CWNA Guide to Wireless LANs, Second Edition 16

 Summary of Wireless Security
Solutions (continued)

Table 9-2: Wi-Fi modes

Table 9-3: Wireless security solutions

CWNA Guide to Wireless LANs, Second Edition 17
 Transitional Security Model
• Transitional wireless implementation
– Should be temporary
• Until migration to stronger wireless security possible
– Should implement basic level of security for a WLAN
• Including authentication and encryption

CWNA Guide to Wireless LANs, Second Edition 18

 Authentication: Shared Key
Authentication
• First and perhaps most important step
– Uses WEP keys
• Networks that support multiple devices should use
all four keys
– Same key should not be designated as default on
each device

CWNA Guide to Wireless LANs, Second Edition 19

 Authentication: SSID Beaconing
• Turn off SSID beaconing by configuring APs to not
include it
– Beaconing the SSID is default mode for all APs
• Good practice to use cryptic SSID
– Should not provide any information to attackers

CWNA Guide to Wireless LANs, Second Edition 20

 Authentication: MAC Address Filtering

Figure 9-6: MAC address filter

CWNA Guide to Wireless LANs, Second Edition 21
 WEP Encryption
• Although vulnerabilities exist, should be turned on if
no other options for encryption are available
– Use longest WEP key available
– May prevent script kiddies or “casual” eavesdroppers
from attacking

Table 9-4: Transitional security model

CWNA Guide to Wireless LANs, Second Edition 22
 Personal Security Model
• Designed for single users or small office home
office (SOHO) settings
– Generally 10 or fewer wireless devices
• Two sections:
– WPA: Older equipment
– WPA2: Newer equipment

CWNA Guide to Wireless LANs, Second Edition 23

 WPA Personal Security: PSK
Authentication
• Uses passphrase (PSK) that is manually entered to
generate the encryption key
– PSK used a seed for creating encryption keys
• Key must be created and entered in AP and also
on any wireless device (“shared”) prior to (“pre”) the
devices communicating with AP

CWNA Guide to Wireless LANs, Second Edition 24

 WPA Personal Security: TKIP
Encryption
• TKIP is a substitute for WEP encryption
– Fits into WEP procedure with minimal change
• Device starts with two keys:
– 128-bit temporal key
– 64-bit MIC
• Three major components to address vulnerabilities:
– MIC
– IV sequence
– TKIP key mixing
• TKIP required in WPA
CWNA Guide to Wireless LANs, Second Edition 25
 WPA Personal Security: TKIP
Encryption (continued)

Figure 9-7: TKIP/MIC process

CWNA Guide to Wireless LANs, Second Edition 26
 WPA2 Personal Security: PSK
Authentication
• PSK intended for personal and SOHO users
without enterprise authentication server
– Provides strong degree of authentication protection
• PSK keys automatically changed (rekeyed) and
authenticated between devices after specified
period of time or after set number of packets
transmitted (rekey interval)
• Employs consistent method for creating keys
– Uses shared secret entered at AP and devices
• Random sequence of at least 20 characters or 24
hexadecimal digits

CWNA Guide to Wireless LANs, Second Edition 27

 WPA2 Personal Security: AES-CCMP
Encryption
• WPA2 personal security model encryption
accomplished via AES
• AES-CCMP: Encryption protocol in 802.11i
– CCMP based on Counter Mode with CBC-MAC
(CCM) of AES encryption algorithm
– CCM provides data privacy
– CBC-MAC provides data integrity and authentication
• AES processes blocks of 128 bits
– Cipher key length can be 128, 192 and 256 bits
– Number of rounds can be 10, 12, and 14
CWNA Guide to Wireless LANs, Second Edition 28
 WPA2 Personal Security: AES-CCMP
Encryption (continued)
• AES encryption/decryption computationally
intensive
– Better to perform in hardware

Table 9-5: Personal security model

CWNA Guide to Wireless LANs, Second Edition 29

 Enterprise Security Model
• Most secure level of security that can be achieved
today for wireless LANs
– Designed for medium to large-size organizations
– Intended for setting with authentication server
• Like personal security model, divided into sections
for WPA and WPA2
• Additional security tools available to increase
network protection

CWNA Guide to Wireless LANs, Second Edition 30

WPA Enterprise Security: IEEE 802.1x
Authentication
• Uses port-based authentication mechanisms
• Network supporting 802.1x standard should consist
of three elements:
– Supplicant: Wireless device which requires secure
network access
– Authenticator: Intermediary device accepting
requests from supplicant
• Can be an AP or a switch
– Authentication Server: Accepts requests from
authenticator, grants or denies access

CWNA Guide to Wireless LANs, Second Edition 31

WPA Enterprise Security: IEEE 802.1x
Authentication (continued)

Figure 9-8: 802.1x protocol

CWNA Guide to Wireless LANs, Second Edition 32

WPA Enterprise Security: IEEE 802.1x
Authentication (continued)
• Supplicant is software on a client implementing
802.1x framework
• Authentication server stores list of names and
credentials of authorized users
– Remote Authentication Dial-In User Service
(RADIUS) typically used
• Allows user profiles to be maintained in central
database that all remote servers can share

CWNA Guide to Wireless LANs, Second Edition 33

WPA Enterprise Security: IEEE 802.1x
Authentication (continued)
• 802.1x based on Extensible Authentication
Protocol (EAP)
– Several variations:
• EAP-Transport Layer Security (EAP-TLS)
• Lightweight EAP (LEAP)
• EAP-Tunneled TLS (EAP-TTLS)
• Protected EAP (PEAP)
• Flexible Authentication via Secure Tunneling (FAST)
– Each maps to different types of user logons,
credentials, and databases used in authentication

CWNA Guide to Wireless LANs, Second Edition 34

 WPA Enterprise Security: TKIP
Encryption
• TKIP is a “wrapper” around WEP
– Provides adequate encryption mechanism for WPA
enterprise security
– Dovetails into existing WEP mechanism
• Vulnerabilities may be exposed in the future

CWNA Guide to Wireless LANs, Second Edition 35

 WPA2 Enterprise Security: IEEE
802.1x Authentication
• Enterprise security model using WPA2 provides
most secure level of authentication and encryption
available on a WLAN
• IEEE 802.1x is strongest type of wireless
authentication currently available
• Wi-Fi Alliance certifies WPA and WPA2 enterprise
products using EAP-TLS
– Other EAP types not tested, but should run a WAP
or WAP2 environment

CWNA Guide to Wireless LANs, Second Edition 36

 WPA2 Enterprise Security: AES-
CCMP Encryption
• AES: Block cipher that uses same key for
encryption and decryption
– Bits encrypted in blocks of plaintext
• Calculated independently
– block size of 128 bits
– Three possible key lengths: 128, 192, and 256 bits
– WPA2/802.11i uses128-bit key length
– Includes four stages that make up one round
• Each round is iterated 10 times

CWNA Guide to Wireless LANs, Second Edition 37

 WPA2 Enterprise Security: AES-
CCMP Encryption (continued)

Table 9-6: Enterprise security model

CWNA Guide to Wireless LANs, Second Edition 38

 Other Enterprise Security Tools:
Virtual Private Network (VPN)
• Virtual private network (VPN): Uses a public,
unsecured network as if it were private, secured
network
• Two common types:
– Remote-access VPN: User-to-LAN connection used
by remote users
– Site-to-site VPN: Multiple sites can connect to other
sites over Internet
• VPN transmissions are achieved through
communicating with endpoints

CWNA Guide to Wireless LANs, Second Edition 39

 Other Enterprise Security Tools:
Virtual Private Network (continued)
• Endpoint: End of tunnel between VPN devices
– Can local software, dedicated hardware device, or
even a firewall
• VPNs can be used in WLAN setting
– Tunnel though WLAN for added security
• Enterprise trusted gateway: Extension of VPN
– Pairs of devices create “trusted” VPN connection
between themselves
– Can protect unencrypted packets better than a VPN
endpoint

CWNA Guide to Wireless LANs, Second Edition 40

 Other Enterprise Security Tools:
Wireless Gateway
• AP equipped with additional functionality
– Most APs are wireless gateways
• Combine functionality of AP, router, network address
translator, firewall, and switch
• On enterprise level, wireless gateway may combine
functionality of a VPN and an authentication server
– Can provide increased security for connected APs

CWNA Guide to Wireless LANs, Second Edition 41

 Other Enterprise Security Tools:
Wireless Intrusion Detection System
(WIDS)
• Intrusion-detection system (IDS): Monitors
activity on network and what the packets are doing
– May perform specific function when attack detected
– May only report information, and not take action
• Wireless IDS (WIDS): Constantly monitors RF
frequency for attacks
– Based on database of attack signatures or on
abnormal behavior
– Wireless sensors lie at heart of WIDS
– Hardware-based have limited coverage, software-
based have extended coverage
CWNA Guide to Wireless LANs, Second Edition 42
 Other Enterprise Security Tools:
Captive Portal
• Web page that wireless users are forced to visit
before they are granted access to Internet
• Used in one of the following ways:
– Notify users of wireless policies and rules
– Advertise to users specific services or products
– Authenticate users against a RADIUS server
• Often used in public hotspots

CWNA Guide to Wireless LANs, Second Edition 43

 Summary
• IEEE 802.11i and Wi-Fi Protected Access (WPA),
have become the foundations of today’s wireless
security
• Dynamic WEP attempts to solve the weak
initialization vector (IV) problem by rotating the
keys frequently, making it much more difficult to
crack the encrypted packet
• The IEEE 802.11i standard provided a more solid
wireless security model, such as the block cipher
Advanced Encryption Standard (AES) and IEEE
802.1x port security

CWNA Guide to Wireless LANs, Second Edition 44

 Summary (continued)
• WPA is a subset of 802.11i and addresses both
encryption and authentication
• The transitional security model uses shared key
authentication, turning off SSID beaconing, and
implementing MAC address filtering
• The personal security model is designed for single
users or small office home office (SOHO) settings
of generally 10 or fewer wireless devices and does
not include an authentication server

CWNA Guide to Wireless LANs, Second Edition 45

 Summary (continued)
• The enterprise security model is intended for
settings in which an authentication server is
available; if an authentication server is not
available the highest level of the personal security
model should be used instead
• Additional security tools that can supplement the
enterprise security model to provide even a higher
degree of security include virtual private networks,
wireless gateways, wireless intrusion detection
systems (WIDS), and captive portals

CWNA Guide to Wireless LANs, Second Edition 46