Author: Bob Edwards, Edited by: Nic Shulver
Applied Communications Technology
Wireless Mobile Security
• Overview of needs
• Wireless security
• Attack types
• GSM and UMTS security
• Bluetooth
“Nearly one out of every two recorded digital attacks are now taking place via the wireless route as opposed to one out of every ten, at the start of 2004.”
50% of all network breaches start with Wi-Fi
“20% of enterprise CIOs had found unsecured access points on their network.”
Why is security more of a concern in wireless?
• No inherent physical protection
• Broadcast communications
• Eavesdropping is easy with a modified phone
• Impersonation of user’s signals and/or user data to the network
• Impersonation of the network, looks like a genuine network
• Illegitimate access to the network and its services is easy
• Denial of service is easily achieved by jamming
Wireless Security
Pain points:
• “Air” is now a part of corporate networks. It must be monitored!
• RF signals can leak out of your office premises
• Invisible network. Hard to manage what you cannot see
• “No Wi-Fi” policy keeps my network safe (yeah, right…)
• 2.4GHz is a license-free, unregulated medium
• Firewalls, VPNs, Wired Intrusion Detection systems are not sufficient
• New stringent regulatory compliance
Wireless security requirements
• Confidentiality: encrypt messages
• Authenticity: verify origin of messages
• Replay detection: check freshness of messages
• Verify message integrity - it is possible to modify messages on-the-fly (during radio transmission)
• Access control
  – access to network services only for “legitimate entities”
  – access control should be constantly reapplied
    • Not enough to check when a user joins the network
    • Or when logical associations are established
    • Logical associations can be hijacked at any time
• Protection against jamming
Balancing Security and Access
Careful management of security policies is needed to maintain the balance between transparent access and use on the one hand, and network security on the other.
WLAN Security Wheel
Always have a good WLAN Security Policy in place. Secure the network based on the policy
Vulnerabilities
– Configuration
  • Default, common or shared passwords
  • Unneeded services enabled
  • Few or no filters – router setup, file permissions etc.
  • Poor device maintenance
– Policy
  • Weak security policy (or no explicit security policy)
  • Poorly enforced policy
  • Physical access unrestricted or unsecured
  • Poor or no monitoring – logs, CCD, reporting
– Technology
  • TCP/IP – spoofing
  • WEP and Broadcast SSID – relatively easy to break
  • Association process – connection hand-shake spoofing
  • Wireless Interference
WLAN Security Attacks
• Reconnaissance
  – unauthorized discovery (information gathering) and mapping of systems, services, or vulnerabilities
  – usually precedes an actual access or DoS attack
• Access
  – Usually involves running a script and/or “social engineering”
  – Intruder attempts to gain access to a device for which he does not have an account or password
• Denial-of-Service
  – an attacker disables or corrupts the network with the intent of denying the service to authorized users
WLAN Security Issues
• The “Parking Lot” Attacker
• The “Rogue” Access Point
WLAN Security Considerations
• Authentication – only authorized users and devices should be allowed.
• Administration Security – only authorized users should be able to access the AP configuration interfaces.
• Encryption – traffic should be protected from unauthorized access.
  – FTP, HTTP, POP3, and SMTP are insecure and should be avoided whenever possible. Utilize protocols with encryption.
Traffic         No Encryption    Encryption
Web Browsing    HTTP             HTTPS
File Transfer   TFTP or FTP      SCP
Email           POP3 or SMTP     SPOP3
Remote Mgmt     Telnet           SSH
Wireless LANs Security
• MAC address filtering
• Encryption is the method which will give the best level of security
  – If companies wish to use the technology they will want a level of knowledge that only the recipient can read the data and the non-repudiation of the packets sent
  – Encryption Algorithms
    • WEP, WPA, WPA2
Admin Authentication on AP
To prevent unauthorized access to the AP configuration interfaces:
  – Configure a secret password for the privileged mode access. (good)
  – Configure local usernames/passwords. (better)
  – Configure AP to utilize a security server for user access. (best)
SSID Stealth
  – In this mode, the Access Point does not reveal its identity to probe requests from stations
  – This provides a primitive level of “security by obscurity”
Access Control Lists
  – The AP maintains a list of MAC addresses of trusted stations and requests from other MAC addresses are ignored
WLAN Security Hierarchy
Level               Typical use                        Mechanisms
Open Access         Public “Hotspots”                  No Encryption, Basic Authentication
Basic Security      Home Use                           40-bit or 128-bit Static WEP Encryption
Enhanced Security   Business                           802.1x, TKIP/WPA Encryption, Mutual Authentication, Scalable Key Mgmt., etc.
Remote Access       Business Traveler, Telecommuter    Virtual Private Network (VPN)
Attacker Capabilities
• Man-in-the-middle
  – This is the capability whereby the intruder puts himself in between the target user and a genuine network and has the ability to eavesdrop, modify, delete, re-order, replay, and spoof signalling and user data messages exchanged between the two parties.
• Network Authentication Compromise
  – The intruder possesses a compromised authentication vector (challenge-response pairs, cipher keys, integrity keys, etc.)
  – For his attacks the intruder requires a modified Mobile Station (MS) and/or a modified Base Station (BS)
Identity catching
Mobile users are identified by temporary identities, but there are cases where the network requests the user to send its permanent identity in clear text.
• Passive identity catching
  – The attacker with a modified MS waits passively for a new registration or a database crash, as in such cases the user is requested to send its identity in clear text.
• Active identity catching
  – In this case, the attacker with a modified BS entices the user to camp on his BS and then asks him to send his International Mobile Subscriber Identity (IMSI)
Impersonation of User
• By the use of a compromised authentication vector
• By the use of an eavesdropped authentication response
  – Hijacking outgoing calls in networks with encryption disabled
  – Hijacking outgoing calls in networks with encryption enabled
  – Hijacking incoming calls in networks with encryption disabled
  – Hijacking incoming calls in networks with encryption enabled
If you have a user’s authentication details you can send a message as them, even if it’s a temporary authentication.
Impersonation of the network
• By suppressing encryption between the target user and the intruder: An attacker with a modified BS entices the user to camp on his false BS and, when the service is initiated, the intruder does not enable encryption.
• By suppressing encryption between the target user and the true network: During call setup the ciphering capabilities of the MS are modified by the intruder and it appears to the network that there is a genuine mismatch of the ciphering and authentication algorithms. After this the network may decide to establish an un-enciphered connection: the intruder cuts the connection and impersonates the network to the target user.
• By forcing the use of a compromised cipher key: The attacker with a modified BS/MS and a compromised authentication vector entices the user to set up a call while camped on his false BS/MS. The attacker then forces the use of a compromised cipher key.
Intro to Mobile Phone Security
• The original first generation analogue mobile systems employed a simple electronic serial number to confirm that the terminal should be allowed access to the service.
  – It was not long before the protection afforded to this number was broken.
• Second generation systems such as GSM were designed from the beginning with security in mind.
  – The Home Environment operator can control the use of the system by the provision of the Subscriber Identity Module (SIM), which contains a user identity and authentication key.
GSM Security Features
• Authentication
  – network operator can verify the identity of the subscriber, making it infeasible to clone someone else’s mobile phone
  – challenge-response authentication protocol
  – encryption of the radio channel
• Confidentiality
  – protects voice, data and sensitive signalling information (e.g. dialled digits) against eavesdropping on the radio path
  – encryption of the radio channel
• Anonymity
  – protects against someone tracking the location of the user or identifying calls made to or from the user by eavesdropping
  – use of temporary identities
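As an added worked example (not part of the slides), here is the GSM challenge-response run described above, with both the SIM side and the network side modelled in Python. The SIM's A3 and A8 algorithms are operator-specific, so HMAC-SHA256 stands in for them here; the IMSI and Ki are constructed values, and the fresh RAND issued per run is what provides the replay detection asked for on the requirements slide.

```python
import hmac
import hashlib
import os

# Constructed stand-ins for the SIM's A3 (authentication) and A8 (key
# generation) algorithms. Real operators use their own; HMAC-SHA256 here only
# models "a keyed one-way function of the secret Ki and the challenge RAND".
def a3_sres(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]  # SRES: 32 bits

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]  # Kc: 64 bits

class Sim:
    """Subscriber side: holds the IMSI and the secret Ki; Ki never leaves the SIM."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def run_gsm_algorithm(self, rand: bytes):
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

class AuthenticationCentre:
    """Network side: shares Ki with each SIM and issues a fresh RAND per run."""
    def __init__(self, subscribers: dict):
        self._ki = dict(subscribers)
        self._outstanding = {}  # imsi -> RAND still awaiting its SRES

    def challenge(self, imsi: str) -> bytes:
        rand = os.urandom(16)  # 128-bit RAND; its freshness is what defeats replay
        self._outstanding[imsi] = rand
        return rand

    def verify(self, imsi: str, sres: bytes):
        """Return Kc on success, None on a wrong, unsolicited or replayed SRES."""
        rand = self._outstanding.pop(imsi, None)
        ki = self._ki.get(imsi)
        if rand is None or ki is None:
            return None  # no outstanding challenge for this IMSI
        if not hmac.compare_digest(a3_sres(ki, rand), sres):
            return None
        return a8_kc(ki, rand)

def authenticate(auc: AuthenticationCentre, sim: Sim):
    """One GSM run: RAND to the MS, SRES back, both sides derive the same Kc.
    Only the subscriber is authenticated; the MS cannot check who sent RAND."""
    rand = auc.challenge(sim.imsi)
    sres, kc_sim = sim.run_gsm_algorithm(rand)
    kc_net = auc.verify(sim.imsi, sres)
    return kc_net is not None and kc_net == kc_sim, sres
```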
GPRS Encryption
Differences compared with GSM circuit-switched:
– Encryption terminated further back in the network
– Encryption applied at a higher layer in the protocol stack
  • Logical Link Layer (LLC)
– New stream cipher with different input/output parameters
  • GPRS Encryption Algorithm (GEA)
– GEA generates the keystream as a function of the cipher key and the ‘LLC frame number’ - so the cipher is re-synchronised to every LLC frame
– LLC frame number is very large so keystream repeat is not an issue
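An added example (not from the slides) of the structure just described: a stream cipher whose keystream is a function of the cipher key Kc and the LLC frame number, so that each frame is re-synchronised. GEA is not a public algorithm, so an HMAC-SHA256 counter construction stands in for it, and the Kc and payloads used in the checks are constructed. It also shows what the large, non-repeating frame number protects against: if two frames were ever enciphered under the same keystream, XORing their ciphertexts cancels the key and leaves the XOR of the plaintexts.

```python
import hmac
import hashlib

# Educational stand-in for GEA (which is a different, non-public cipher). Only
# the structure the slide describes is modelled: the keystream for an LLC
# frame is derived from Kc and the frame number, with no state carried over.
def gea_like_keystream(kc: bytes, frame_number: int, length: int) -> bytes:
    """Keystream bytes for one LLC frame; re-synchronised per frame number."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block_input = frame_number.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hmac.new(kc, block_input, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_llc_frame(kc: bytes, frame_number: int, payload: bytes) -> bytes:
    """Stream-cipher encryption: ciphertext = payload XOR keystream(Kc, frame)."""
    return xor_bytes(payload, gea_like_keystream(kc, frame_number, len(payload)))

# Decryption is the same XOR with the same keystream.
decrypt_llc_frame = encrypt_llc_frame

def xor_of_ciphertexts(c1: bytes, c2: bytes) -> bytes:
    """What a passive listener on the radio path can compute from two frames.
    If both frames used the same keystream this equals p1 XOR p2 (the key
    cancels out), which is why the LLC frame number must never repeat."""
    return xor_bytes(c1, c2)
```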
Bluetooth
Short-range communications, master-slave principle
Eavesdropping is difficult:
– Frequency hopping
– Communication is over a few metres only
Security issues:
– Authentication of the devices to each other
– Confidential channel based on a secret link key
Conclusion
• Wireless and mobile security issues concentrate on the integrity, confidentiality and authentication of the networks and users.
• Access and use of service to avoid or reduce a legitimate charge.
• Location privacy: unique to mobile networks.
• Mobile devices:
  – Limited resources
  – Lack of physical protection
• Roaming of users across different networks
Drive-by Cracking