Wireless Security Issues

Implementing a wireless LAN without compromising your network

Marshall Breeding
Director for Innovative Technologies and Research
Vanderbilt University
http://staffweb.library.vanderbilt.edu/breeding
http://www.librarytechnology.org



Security concerns

Eavesdropping a major concern
Unprotected wireless access points are an easy point of entry for mobile hackers
Many rogue wireless LANs were put up in corporate networks without IT support or adequate security
War Driving / War Chalking
Some war driving / freeloading happens in residential settings


Positioning your wireless network

Libraries should already have a network security architecture that separates public access computing from the business network
Adding a wireless LAN is easy when the library already has a solid security environment in place


Encryption necessary to ensure security

Sensitive data must be encrypted when transmitted across any untrusted network
Most encryption algorithms use a secure key to encode the data and decode it after transmission
The longer the key, the more difficult it is to use brute force to decrypt the message
WEP uses 40, 64, or 128 (WEP2) bit keys


Wired Equivalent Privacy

Optional encryption scheme, part of the 802.11b specification
RC4 encryption
Single key encrypts all traffic
No system for key management
Hackers can easily recover the key
WEP often not enabled
WEP can be defeated by sophisticated hackers
Provides a barrier to most potential intruders


Wireless Hacking tools

At least two open source tools are available for recovering 802.11 WEP keys:
WEPCrack http://wepcrack.sourceforge.net/
AirSnort http://airsnort.shmoo.com/


802.11i

Security standard for the 802.11 arena
Includes WPA and RSN (Robust Security Network)
Relies on the 802.1x specification for port-based user and device authentication
Ratified June 2004
Marketed as WPA2


WPA

Wi-Fi Protected Access
Enhanced security over WEP
TKIP
Available now
Backwardly compatible with WEP – requires only a firmware upgrade.


Temporal Key Integrity Protocol (TKIP)

128 bit encryption keys
Each packet encrypted with a different key based on a 48-bit serial number, incremented with each use.
Avoids replay attacks
Relies on a base key which is generated when a device associates with the base station
Ideally unique base keys transmitted during 802.1x authentication
Pre-shared keys used otherwise


WPA2

WPA + AES = WPA2
Advanced Encryption Standard instead of TKIP
Stronger encryption algorithm
Not guaranteed to be backwardly compatible with existing WEP equipment
Personal version uses pre-shared key
Enterprise version uses 802.1X authentication through RADIUS server.


WPA/802.1x Diagram

See: http://www.infoworld.com/infoworld/img/20FEwifi_in-x.gif


Wi-Fi Security Services

SecureMyWiFi (http://www.witopia.net/)
RADIUS authentication and security key distribution service
Operates with APs that support WPA-Enterprise or WPA2-Enterprise
$29 annual fee


Virtual Private Networks (VPN)

A technology that offers strong security
Common approach for remote users that rely on accessing organizational resources through the Internet
Applicable to wireless users on premises
Enhances security / adds inconvenience.


WEP Security


VPN Security


Conclusions

Solutions are available that provide solid security for wireless networks
Trade-off between convenience and security.
Open wireless networks can be operated without jeopardizing the library’s business network