Wireless Security Best Practices for Remote Monitoring Applications

Charlie Stiernberg
Remote Data Acquisition Product Manager, National Instruments

DESCRIPTION

Wireless network security continues to be an area of intense research and development, particularly in applications where wireless sensors are extending the reach of traditional monitoring and control systems. While the IT sector has embraced the IEEE 802.11i standard for corporate networks, engineers have many more options available to them for their industrial network designs. This presentation will provide an overview of IEEE 802.11i, IEEE 802.15.4, ZigBee, and other security protocols as they relate to measurement and automation applications. In addition, network design and commissioning best practices will provide attendees with a set of recommendations for guarding against the most common security attacks.

A Wireless Security Story…

• The Maroochy Shire sewage treatment plant (Australia)
  - Between January and April 2000 the sewage system experienced 47 unexplainable faults
  - Millions of liters of sewage were spilled

• On October 31, 2001 Vitek Boden was convicted of:
  - 26 counts of willfully using a computer to cause damage
  - 1 count of causing serious environmental harm

Agenda

• Wireless network security: a history
• IEEE 802.11i security for Wi-Fi networks
• IEEE 802.15.4 for wireless sensor networks
• ZigBee security protocols
• Network design best practices: an IT perspective

A Brief History of Wireless Security

• 1897 – Marconi
• 1997 – 802.11, WEP
• 2001 – FMS attack
• 2003 – WPA
• 2004 – 802.11i ratified
• 2006 – WPA2 Mandatory

http://navajopeople.org/navajo-code-talker.htm

Common Wireless Network Threats

• Dictionary Attack: brute force method for “guessing” passwords / credentials

• Man-in-the-Middle Attack: Rogue APs “trick” clients into sending them their security credentials

• Denial of Service (DoS): a flood of packets that consumes network resources

IEEE 802.11 SECURITY

IEEE 802.11 Overview

• “Wireless Ethernet”
• High bandwidth for streaming / waveform measurements
• 10+ years in the IT sector

| Version | Released | Frequency | Max PHY Rate | Max TCP Rate |
|---------|----------|-----------|--------------|--------------|
| 802.11  | 1997     | 2.4 GHz   | 2 Mb/s       | 1 Mbps       |
| 802.11b | 1999     | 2.4 GHz   | 11 Mb/s      | 14.4 Mbps    |
| 802.11a | 1999     | 5 GHz     | 54 Mb/s      | 24.4 Mbps    |
| 802.11g | 2003     | 2.4 GHz   | 54 Mb/s      | 24.4 Mbps    |
| 802.11n | 2009?    | 2.4 GHz   | ~540 Mb/s    | ~100 Mbps    |

IEEE 802.11 (Wi-Fi) Security

• Three levels of IEEE 802.11 security
  - WEP (weak)
  - WPA (ok)
  - WPA2 (best) <IEEE 802.11i>

• IEEE 802.11i security has two key components
  - Encryption = data protection
  - Authentication = access control

Encryption

• TKIP = Temporal Key Integrity Protocol (WPA)
• AES = Advanced Encryption Standard (WPA2)
  - NIST-endorsed standard for government agencies
  - FIPS-approved (FIPS 197)

Time required for exhaustive key search (brute force attack):

| Key size (bits) | Number of alternative keys | Time required at 1 decryption/µs | Time required at 10^6 decryptions/µs |
|-----------------|----------------------------|----------------------------------|--------------------------------------|
| 32              | 2^32 = 4.3 x 10^9          | 35.8 minutes                     | 2.15 milliseconds                    |
| 56              | 2^56 = 7.2 x 10^16         | 1,142 years                      | 10 hours                             |
| 128             | 2^128 = 3.4 x 10^38        | 5.4 x 10^24 years                | 5.4 x 10^18 years                    |

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

Authentication

• Three players in 802.11i authentication
  - Supplicant = client trying to access network (Wi-Fi DAQ)
  - Authenticator = WAP hardwired to secured network
  - Authentication Server = verifies identity of client

[Diagram: Supplicant, Authenticator, Authentication Server]

IEEE 802.1X Port-Controlled Authentication

[Diagram: Uncontrolled Port and Controlled Port, shown Before Authentication and After Authentication. Labels: 802.1X Traffic; Non-802.1X Traffic (Blocked).]

802.1X Message Flow

[Diagram: message sequence over two legs, 802.1X and Backend EAP Transport]
• 802.1X (EAP-Request Identity)
• 802.1X (EAP-Response Identity)
• EAP Transport (EAP-Response Identity)
• EAP-specific (mutual) authentication
• EAP Transport (EAP-Success, PMK)
• 802.1X (EAP-Success)
• Derive Pairwise Master Key (PMK) (shown twice in the diagram)

EAP = Extensible Authentication Protocol

• EAP is a framework with different implementations
• ~40 different EAP methods
• Some require passwords/user credentials (PEAP)
• Some require client-side and/or server-side certificates (EAP-TLS)
• EAP can provide mutual authentication for the network and the supplicant

IEEE 802.15.4 SECURITY

IEEE 802.15.4 Overview

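[Diagram: protocol stack, top to bottom, with the party responsible for each part]
• Application (End User)
• ZigBee Application Layer (APL) and ZigBee Network Layer (NWK), with the ZigBee Security Service Provider (ZigBee Alliance)
• 802.15.4 Medium Access Control Layer (MAC) and 802.15.4 Physical Layer (PHY) (IEEE 802.15.4)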

IEEE 802.15.4 Security

• Security services defined in the MAC layer
• Access Control List (ACL) Mode
  - The MAC maintains a list of hardware device addresses with which it will communicate
• Secured Mode adds…
  - AES encryption up to 128 bits
  - Frame integrity with message integrity code (MIC)
  - Sequential freshness appends values to MAC frame to prevent replay attacks
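
The receive-side checks listed above (ACL, MIC, sequential freshness), as an added example that is not from the original slides. It assumes a constructed frame layout (8-byte source address, 4-byte frame counter, payload, 8-byte MIC), uses a truncated HMAC-SHA256 in place of the AES-based MIC because the Python standard library has no AES, and leaves payload encryption out.

```python
import hashlib
import hmac
import struct

MIC_LEN = 8   # bytes of MIC kept per frame (constructed choice)
HDR_LEN = 12  # 8-byte source address + 4-byte frame counter


def _mic(key, data):
    # Stand-in MIC: truncated HMAC-SHA256, not the AES-based MIC of 802.15.4.
    return hmac.new(key, data, hashlib.sha256).digest()[:MIC_LEN]


def make_frame(key, src, counter, payload):
    """Sender: header || payload || MIC, with the MIC covering header and payload."""
    header = struct.pack(">QI", src, counter)
    return header + payload + _mic(key, header + payload)


class Receiver:
    def __init__(self, key, acl):
        self.key = key
        # ACL mode: only these source addresses are accepted at all.
        self.last_counter = {addr: -1 for addr in acl}

    def accept(self, frame):
        """Return (verdict, payload); checks run in order ACL, MIC, freshness."""
        if len(frame) < HDR_LEN + MIC_LEN:
            return "malformed", None
        header, body, mic = frame[:HDR_LEN], frame[HDR_LEN:-MIC_LEN], frame[-MIC_LEN:]
        src, counter = struct.unpack(">QI", header)
        if src not in self.last_counter:
            return "not-in-acl", None
        if not hmac.compare_digest(mic, _mic(self.key, header + body)):
            return "bad-mic", None
        if counter <= self.last_counter[src]:
            return "replay", None  # authentic but already seen: a replayed frame
        self.last_counter[src] = counter  # advance only after the MIC verified
        return "ok", body


def demo():
    key = bytes(range(16))   # constructed 128-bit key
    node = 0x0A01            # constructed device address
    rx = Receiver(key, acl={node})
    f1 = make_frame(key, node, 1, b"temp=21.5")
    f2 = make_frame(key, node, 2, b"temp=21.7")
    tampered = f2[:-MIC_LEN - 1] + b"9" + f2[-MIC_LEN:]  # payload altered in transit
    stranger = make_frame(key, 0x0BAD, 1, b"temp=99.9")  # address not in the ACL
    return [rx.accept(f)[0] for f in (f1, f1, tampered, f2, stranger)]
```

The counter is advanced only after the MIC verifies, so a forged frame with a high counter cannot push the window forward and lock out the genuine sender.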

ZigBee Overview

• ZigBee Coordinator – starts and controls the network
• ZigBee Routers – extend network coverage
• ZigBee End Devices – transmit/receive messages

[Diagram: Star, Tree and Mesh topologies, each with a ZigBee Coordinator (ZC) and ZigBee Routers (ZR)]

ZigBee Security

• ZigBee security builds on IEEE 802.15.4
  - Application and Network Layer security
  - Key management for encryption and authentication

• ZigBee Trust Center
  - Authenticates joining devices
  - Manages key distribution in the network

• Standard Security Mode
• High Security Mode

ZigBee Security Keys

Keys are used for encryption & authentication

• Network Keys
  - All devices on a ZigBee network share the same key
• Link Keys
  - Secure unicast messages between two devices
• Master Keys
  - Used as an initial shared secret between two devices to perform SKKE to generate link key

ZigBee Commissioning & Security

• Standard security
  - Preconfigured with active network key
  - Preconfigured with a Trust Center link key and address
• High security
  - Preconfigured with a Trust Center master key and address
• Not preconfigured (not recommended)

AN IT PERSPECTIVE

IT & Engineering Network Convergence

Traditional Model – Separate Networks for IT/Corporate & Measurement/Control

[Diagram labels: HMI, Sensors, Motors, PLC, PAC, Control Network, Gateway, Back-End Servers, Business Logic]

Converged Model – Shared Network for IT/Corporate & Measurement/Control

[Diagram labels: HMI, Sensors, Motors, Wireless DAQ, Ethernet DAQ, PAC, Back-End Servers, Business Logic]

Firewall

• Blocks unauthorized access while permitting outward communication

• Can also permit, deny, encrypt, decrypt, or proxy all traffic between different security domains

Virtual Local Area Networks (VLANs)

• OSI Layer 2 technology
• Switch ports assigned to a VLAN
• Data is only forwarded to ports within the same VLAN
• Broadcasts and multicasts are restricted to their respective VLANs
• A Layer 3 device (router or Layer 3 switch) can pass messages between different VLANs

[Diagram: switch ports 1 to 5 assigned to VLAN 1, VLAN 2 and VLAN 3]

VLAN Best Practices

• Logically segment networks (i.e., instrumentation VLAN vs enterprise VLAN)

• Assign VLANs to devices when traffic patterns are known

• Limit the flow of producer/consumer traffic outside of required devices

• Use Layer 3 switch or router to exchange data between VLANs

Wireless Intrusion Prevention System (WIPS)

• Continuous monitoring of radio spectrum for unauthorized devices (intrusion detection) and automatic countermeasures (intrusion prevention)
  - Rogue AP
  - Man-in-the-Middle
  - Ad-hoc
  - DoS
  - MAC-Spoofing
  - Etc.

Pulling it All Together

• Logically segmented network (NIST SP 800-82)
• Firewalls & VLANs
• Demilitarized Zone (DMZ)
• Wireless link encryption & authentication
• WIPS

[Diagram labels: Measurement & Control Network, DMZ, Enterprise, Internet]

Summary

• Wireless security can be robust when implemented correctly
• If you are still using WEP, stop…now
• New security technologies are still evolving for WSN
• Start planning with your IT group before they start planning for you

For More Information

Charlie [email protected]

ni.com/wireless