lecture_7

7/21/2019 Lecture_7

http://slidepdf.com/reader/full/lecture7-56d9ec35e9258 1/24

Mario Čagalj

University of Split

2013/2014.

FELK 1! Se"#rity of $ireless%et&or's(

7/21/2019 Lecture_7


$iFi )*n+Se"#rity , 2st

part!-#lnerailities of $ an$2ssele fro ierent so#r"es! $al'er

Le5ere 6#ttyan ...

ro#"e y Mario Čagalj

7/21/2019 Lecture_7


3

*ntro#"tion! *EEE 702.11i

$e 5ave seen t5at $E is "riti"ally 8a&e *EEE 702.11i e9ne to properly se"#re &ireless

L%s )2004+Spe"i9es ro#st se"#rity e"5aniss for $L%s:e9nes ;ransition Se"#rity %et&or' );S%+<alle $iFi=rote"te ""ess )$+ y $iFi=llian"e6ase on >ne&? ;K* )t5at #ses >ol? @<4 li'e $E+6a"'&ar "opatiility )&it5 ol @<4=only 5ar&are+*EEE 702.1A a#t5enti"ation frae&or'

More iportantly e9nes a @o#st Se"#rity %et&or')@S%+<alle $iFi=rote"te ""ess 2 )$2+ y $iFi=llian"e6ase on ES an optionally ;K*

lso #ses *EEE 702.1A a#t5enti"ation frae&or'

7/21/2019 Lecture_7


4

;ranBi"ija prea *EEE 702.11i

IEEE 802.11b

WEPWPA

IEEE 802.11i

(WPA2)

Tajnost podataka

(enkripcija)WEP (RC4) TIP (RC4)

AE!"

(opcija TIP)

Inte#ritet podataka WEP (RC4) $ CRC TIP%&ICAE!%&AC

(opcija TIP%&IC)

A'tentikacija i

kontroa prist'pa

!ared e*

A'tentication

IEEE 802.1+,EAP

($ EAP%T-!" -EAP)

IEEE 802.1+,EAP

($ EAP%T-!" -EAP)

TIP: Temporal Key IntegrityProtocol

AE!: Advanced Encryption Standard&IC: Message Integrity Code&AC: Message Authentication Code

EAP: Extensible Authentication ProtocolT-!: Transport ayer Security-EAP: ight EAP !Cisco"

7/21/2019 Lecture_7


C

#tenti9'a"ijs'i oel *EEE702.1A # $iFi

ort=ase %et&or' ""ess <ontrolD Moilni 'lijent Ba5tijeva prist#p #sl#gaa )eli se spojiti na

re#+D 'ontrolira prist#p #sl#gaa )'ontrolirani port+D #tenti9'a"ijs'i server )S+

•

Moilni 'lijent i S se e#sono a#tenti9"iraj#• S inforira a oe otvoriti 'ontrolirani port oilno

&obini kijent

AP

-A/(Internet)

A'tentiikacijskiserer

ontroiranport

!obodan(otoren) port

7/21/2019 Lecture_7


-#lnerailities of 5oenet&or's

ssele fro ierent so#r"es! $al'er

Le5ere 6#ttyan ...

7/21/2019 Lecture_7


G

Hpera"ijs'e faBe *EEE 702.11i!'#Ine i a 5o" ree #tenti9'a"ijs'i server nije pris#tan #tenti9'a"ija Basnovana na ijeljeno 'lj#J# )re=S5are Key

SK +

&obini kijent (&) Prist'pna toka (AP)P!('3jesto P&)

tkrianje si#'rnosni'nkcionanosti

IEEE 802.1+ ke* 3ana#e3ent(Projera P!,PT5 64%7a* andsake)

9a:tita podataka(TIP" CC&P,AE!)

7/21/2019 Lecture_7


7

Key erivation an istri#tion

;K )air&ise ;ransient Key+ , #ni#e for t5is M ant5is

Guillaume Lehembre, hakin9 6/2005

7/21/2019 Lecture_7


7/21/2019 Lecture_7


10

4=$ay Qans5a'e )over a raio"5annel+

Guillaum

eLehe

mbre,

hakin96

PTK

PTK = EAPoL-PRF(PSK, ANonce | SNonce |

AP MAC Addr | M’s MAC Addr)

7/21/2019 Lecture_7


11

-#lnerailities of 4=&ay5ans5a'e )1/3+e"ts ot5 $ an $2ass&or=to=Key MappingUses K<S NC v2.0 6K:F2 to generate a 2CO=it SK fro an S<**

pass&orMKPSK P 6K:F2 )ass&or SS*: SS*:lengt5 40O 2CO+Salt P SS*: so SK ierent for ierent SS*:s40O is t5e n#er of 5as5es #se in t5is pro"essass&or lengt5 et&een 7 an O3 printale S<** "5ara"ters

-#lneraility ;5e ;K #se in 4=&ay 5ans5a'e erive fro SK anSKPf)$:+4=&ay 5ans5a'e prote"te &it5 ;K 4=&ay 5ans5a'e essages transite over a p#li" raio

"5annel

7/21/2019 Lecture_7


12

-#lnerailities of 4=&ay5ans5a'e )2/3+ ;5e streng5t of ;K relies on t5e SK &5i"5 ee"tively eans on t5e strengt5 of t5e pass&or $:

HRine brute-force an dictionary atta"'s possile

1.atta"'er "apt#res )re"ors+ 4=&ay 5ans5a'e )only 9rst 2essages &5yT+2.atta"'er perfors brute-force or dictionary atta"'s )at 5oe+

1. guee or read from the dictionary t5e "aniate !"#tet

2. "al"#lates !$% tet P 6K:F2 )!"#tet SS*: SS*:lengt5 40O 2CO+ !&% tet P EoL=@F)!$% tet %on"e S%on"e M< r MVs

M< r+ !&% tet gives %'% tet )#se for essage a#t5enti"ation in 4=&ay 5an+ ()'tet P M<)%'% tet p#li" info+

3. if )()'tetPP()'ca*tured+ o#tp#t !"#tet as t5e pass&or g#ess

else go to 1.

7/21/2019 Lecture_7


13

-#lnerailities of 4=&ay5ans5a'e )3/3+Qo& to "apt#re t5e 4=&ay 5ans5a'eT

1. Enter t5e onitoring oe2. :is"over neary net&or's an asso"iate "lients M< aresses $ or $2 SS*:

3. :isasso"iate "lients to for"e t5e to r#n again 4=&ay5ans5a'e Use fa'e isasso"iation "ontrol pa"'ets )not prote"te y *EEE 702.11i+

4. @e"or t5e ne& 4=&ay 5ans5a'e e.g. #sing ireplay

C. Wo 5oe an la#n"5 a i"tionary atta"' ir"ra"'

7/21/2019 Lecture_7


14

tta"' "opleity

:epens on t5e entropy of pass&ors$ea' pass&ors easy to "ra"'Strong pass&orsE.g. a rano passp5rase of 13 "5ara"ters )sele"te fro t5e set of

C peritte "5ara"ters+ gives C13 X 27C

Slow hashing algorithm )6K:F2 involves any iteration of QM<=SQ1+ SK P 6K:F2 )ass&or SS*: SS*:lengt5 40O 2CO+ *n pra"ti"e 6K:F2 for"es t5e atta"'er to iterate SQ1 1O.000

ties

*n"reases t5e atta"erVs "ost )t5e tie to test a single p&+ E.g. y slo&ing o&n t5e atta"'er y t5e fa"tor of 3OC0 iplies

t5at t5e eort of 1 ay in"reases to 3OC0 ays )10 years+

Unfort#natelly people o not sele"t 13 rano

"5ara"ters

7/21/2019 Lecture_7


1C

Speeing #p t5e i"tionaryatta"'@e"all t5e dictionary attack

1. atta"'er "apt#res )re"ors+ 4=&ay 5ans5a'e2. atta"'er perfors i"tionary atta"'s )at 5oe+

1. reas fro t5e i"tionary t5e "aniate !"#tet

2. "al"#lates !$% tet P 6K:F2 )!"#tet SS*: SS*:lengt5 40O 2CO+ !&% tet P EoL=@F)!$% tet %on"e S%on"e M< r

MVs M< r+ !&% tet gives %'% tet )#se for essage a#t5enti"ation in 4=&ay

5an+ ()'tet P M<)%'% tet p#li" info+

3. if )()'tetPP()'ca*tured+ o#tp#t !"#tet as t5e pass&or g#esselse go to 1.

&hi *art ilo+

7/21/2019 Lecture_7


1O

Speeing #p t5e i"tionaryatta"'re="op#te t5e slo& part )efore atta"'ing+ an re=

#se against any net&or'sSK test P 6K:F2 )$:test SS*: SS*:lengt5 40O 2CO+Hserve not5ing spe"i9" ao#t t5e "#rrent session

$5ere "an t5e atta"'er re=#se t5e pre="op#te ataT$it5 net&or's s5aring t5e sae SS*:

Qo& #"5 ata t5e atta"'er 5as to storeT*t epens on t5e "on"rete atta"' ipleentation an

targete s#""ess proailityE.g. 100.000.000 pass&ors of average lengt5 10 "5ars

)letters an n#ers+ =Y 2326 i.e. ao#t 4W6

7/21/2019 Lecture_7


1G

Se"#ring against t5e i"tionaryatta"'s ;o se"#re yo#r net&or' against t5ese pre="op#te

i"tionaries a'e s#re t5at Zo#r SS*: is #ni#e )oes not appear in t5e eisting

tales+

Zo#r $: is strong eno#g5 )s#["iently long an rano!=+

7/21/2019 Lecture_7


-#lnerailities of enterprisenet&or's

ssele fro ierent so#r"es! $al'er

Le5ere 6#ttyan ...

7/21/2019 Lecture_7


1

#tenti9'a"ijs'i oel *EEE702.1A # $iFi

ort=ase %et&or' ""ess <ontrolD Moilni 'lijent Ba5tijeva prist#p #sl#gaa )eli se spojiti na

re#+D 'ontrolira prist#p #sl#gaa )'ontrolirani port+D #tenti9'a"ijs'i server )S+

•

Moilni 'lijent i S se e#sono a#tenti9"iraj#• S inforira a oe otvoriti 'ontrolirani port oilno

&obini kijent

AP

-A/(Internet)

A'tentiikacijskiserer

ontroiranport

!obodan(otoren) port

7/21/2019 Lecture_7


20

Hpera"ijs'e faBe *EEE 702.11i

&obini kijent (&) Prist'pna toka (AP) A'tentikacijski serer (A!)

tkrianje si#'rnosni

'nkcionanosti

;istrib'cija P& kj'a(npr. p'te3 RA;I<!%a)

9a:tita podataka(TIP" CC&P,AE!)

Re='tat> & i A!%#eneriraj' &aster e* (&)%i=ed' Pair7ise & (P&)

802.1+ a'tentiikacija

Re='tat> & i AP

%projere P&%i=ed' Pai7ise Transient e* (PT)%PT e=an '= o1aj & i o1' AP

802.1+ ke* 3ana#e3ent

<<M P <o#nter=Moe / <ip5er 6lo"' <5ainingMessage #t5enti"ation <oe roto"ol ase on

7/21/2019 Lecture_7


;#nnele ;LS over Etensile #t5enti"ation roto"ol )E= ;;LS+rovies prote"tion for initial a#t5enti"ation essages )plaintet

pass&ors e.g. #se y FES6+

21

Eaple! FES6 $iFi )E=;;LSan +

&obini kijent (&) Prist'pna toka (AP) A'tentiikacijskiserer (A!)

TT-! serer

Estabisin# an a'tentication T-! t'nne

T-! protected a'tentication

?%%no tr'st%%@ ?%%tr'st%%@ ?%%tr'st%%@

?%%%%%%%%%%%certiicate%%%%%%%%%%@

W-A/ 3astersession ke*

A'tentication

;ata traic

on sec'red ink

7/21/2019 Lecture_7


-aliation of t5e a#t5enti"ation server ase on "erti9"atevaliation ;r#ste iss#ing a#t5ority at"5ing "erti9"ate o&nerVs <oon

%ae )<%+

Many E )E=;;LS+ eployents fail to properly eployMali"io#s a#t5enti"ation server gains a""ess to inner a#t5enti"ation

et5osE! MS=<Qv2 ;;LS! MS=<Qv2 <Q et".

22

Eaple! FES6 $iFi )E=;;LSan +

&obini kijent (&) Prist'pna toka (AP) TT-! serer

Estabisin# an a'tentication T-! t'nne7it te ro#'e A't!r

T-! protected inner a'tentication

?%%no tr'st%%@ ?%%tr'st%%@ ?%%tr'st%%@

Record session

controlled by te !tt!c"er (Ro#$e AP)

7/21/2019 Lecture_7


PEAP: Pwned Extensible AuthenticationProtocol y \os5#a $rig5t an 6ra ntonie&i"BS5oo<on 2007

23

Qo& to set properly set#p E=li'e a#t5enti"ation et5os

7/21/2019 Lecture_7


stanar t5at attepts to allo& easy estalis5entof a se"#re &ireless 5oe net&or'

;5e stanar allo&s fo#r #sage oes aie at a 5oenet&or' #ser aing a ne& evi"e to t5e net&or'!*% Met5o )e.g. enter t5e *% on into t5e "lient+

#s5=6#tton=Met5o )a #ser si#ltaneo#sly p#s5es a #tton on t5e ant5e "lient+%ear=Fiel=<o#ni"ation Met5o )ring t5e "lient "lose to t5e +US6 Met5o

*n :e"eer 2011 resear"5er Stefan -ie5]"' reporte a esign anipleentation 8a& t5at a'es r#te=for"e atta"'s against *%=ase

$S feasile to perfor on $S=enale $i=Fi net&or's s#""essf#l atta"' on $S allo&s #na#t5oriBe parties to gain a""ess to t5e

net&or'

&he only eectie +orkaround i to diable "!$

)m*oible on ome ! 24

$i=Fi rote"te Set#p )$S+*nse"#rities )5oe nets again+

lecture_7

Documents