lecture_7
7/21/2019 Lecture_7
http://slidepdf.com/reader/full/lecture7-56d9ec35e9258 1/24
Mario Čagalj
University of Split
2013/2014.
FELK 1: Security of Wireless Networks

WiFi (In)Security - 2nd part: Vulnerabilities of WPA and WPA2
Assembled from different sources: Walker, Lehembre, Buttyan, ...
Produced by Mario Čagalj

Introduction: IEEE 802.11i
• We have seen that WEP is critically flawed
• IEEE 802.11i defined to properly secure wireless LANs (2004)
• Specifies robust security mechanisms for WLANs
• Defines Transition Security Network (TSN)
  • Called WiFi Protected Access (WPA) by WiFi-Alliance
  • Based on "new" TKIP (that uses "old" RC4 like WEP)
  • Backward compatibility (with old RC4-only hardware)
  • IEEE 802.1X authentication framework
• More importantly, defines a Robust Security Network (RSN)
  • Called WiFi Protected Access 2 (WPA2) by WiFi-Alliance
  • Based on AES and optionally TKIP
  • Also uses IEEE 802.1X authentication framework

Transition to IEEE 802.11i

| | IEEE 802.11b WEP | WPA | IEEE 802.11i (WPA2) |
|---|---|---|---|
| Data confidentiality (encryption) | WEP (RC4) | TKIP (RC4) | AES (optionally TKIP) |
| Data integrity | WEP (RC4) + CRC | TKIP-MIC | AES-MAC (optionally TKIP-MIC) |
| Authentication and access control | Shared Key Authentication | IEEE 802.1X/EAP (+ EAP-TLS, LEAP) | IEEE 802.1X/EAP (+ EAP-TLS, LEAP) |

TKIP: Temporal Key Integrity Protocol
AES: Advanced Encryption Standard
MIC: Message Integrity Code
MAC: Message Authentication Code
EAP: Extensible Authentication Protocol
TLS: Transport Layer Security
LEAP: Light EAP (Cisco)

IEEE 802.1X authentication model in WiFi
• Port-based Network Access Control
  • The mobile client requests access to services (wants to connect to the network)
  • The AP controls access to services (controlled port)
  • Authentication server (AS)
• The mobile client and the AS authenticate each other
• The AS informs the AP that it may open the controlled port for the mobile client

(Figure labels: mobile client, AP, LAN (Internet), authentication server, controlled port, free (open) port)

Vulnerabilities of home networks
Assembled from different sources: Walker, Lehembre, Buttyan, ...

IEEE 802.11i operational phases: home and ad hoc networks
• The authentication server is not present
• Authentication is based on a shared key (Pre-Shared Key, PSK)

Phases between the mobile client (M) and the access point (AP), with the PSK used instead of the PMK:
1. Discovery of security capabilities
2. IEEE 802.1X key management (PSK/PTK verification; 4-way handshake)
3. Data protection (TKIP, CCMP/AES)

Key derivation and distribution
• PTK (Pairwise Transient Key): unique for this M and this AP

(Figure: Guillaume Lehembre, hakin9 6/2005)

4-Way Handshake (over a radio channel)

(Figure: Guillaume Lehembre, hakin9 6)

PTK
PTK = EAPoL-PRF(PSK, ANonce | SNonce |
AP MAC Addr | M’s MAC Addr)

Vulnerabilities of 4-way handshake (1/3)
• Affects both WPA and WPA2
• Password-to-Key Mapping
  • Uses PKCS #5 v2.0 PBKDF2 to generate a 256-bit PSK from an ASCII password
  • PMK = PSK = PBKDF2(Password, SSID, SSIDlength, 4096, 256)
  • Salt = SSID, so the PSK is different for different SSIDs
  • 4096 is the number of hashes used in this process
  • Password length between 8 and 63 printable ASCII characters
• Vulnerability
  • The PTK used in the 4-way handshake is derived from the PSK, and PSK = f(PWD)
  • 4-way handshake protected with PTK
  • 4-way handshake messages transmitted over a public radio channel

Vulnerabilities of 4-way handshake (2/3)
• The strength of the PTK relies on the PSK, which effectively means on the strength of the password PWD
• Offline brute-force and dictionary attacks possible
1. attacker captures (records) the 4-way handshake (only the first 2 messages, why?)
2. attacker performs brute-force or dictionary attacks (at home)
   1. guesses or reads from the dictionary the candidate PWDtest
   2. calculates
      PSKtest = PBKDF2(PWDtest, SSID, SSIDlength, 4096, 256)
      PTKtest = EAPoL-PRF(PSKtest, ANonce, SNonce, AP MAC Addr, M's MAC Addr)
      PTKtest gives KCKtest (used for message authentication in the 4-way handshake)
      MICtest = MAC(KCKtest, public info)
   3. if (MICtest == MICcaptured) output PWDtest as the password guess, else go to 1.

Vulnerabilities of 4-way handshake (3/3)
How to capture the 4-way handshake?
1. Enter the monitoring mode
2. Discover nearby networks and associated clients
   • MAC addresses, WPA or WPA2, SSID
3. Disassociate clients to force them to run the 4-way handshake again
   • Use fake disassociation control packets (not protected by IEEE 802.11i)
4. Record the new 4-way handshake, e.g. using aireplay
5. Go home and launch a dictionary attack (aircrack)

Attack complexity
• Depends on the entropy of passwords
  • Weak passwords are easy to crack
  • Strong passwords: e.g. a random passphrase of 13 characters (selected from the set of 95 permitted characters) gives 95^13 ≈ 2^85
• Slow hashing algorithm (PBKDF2 involves many iterations of HMAC-SHA1)
  • PSK = PBKDF2(Password, SSID, SSIDlength, 4096, 256)
  • In practice PBKDF2 forces the attacker to iterate SHA1 16.000 times
  • Increases the attacker's cost (the time to test a single pw)
  • E.g. slowing down the attacker by the factor of 3650 implies that the effort of 1 day increases to 3650 days (10 years)
• Unfortunately, people do not select 13 random characters

Speeding up the dictionary attack
Recall the dictionary attack:
1. attacker captures (records) the 4-way handshake
2. attacker performs dictionary attacks (at home)
   1. reads from the dictionary the candidate PWDtest
   2. calculates
      PSKtest = PBKDF2(PWDtest, SSID, SSIDlength, 4096, 256)   (this part is slow)
      PTKtest = EAPoL-PRF(PSKtest, ANonce, SNonce, AP MAC Addr, M's MAC Addr)
      PTKtest gives KCKtest (used for message authentication in the 4-way handshake)
      MICtest = MAC(KCKtest, public info)
   3. if (MICtest == MICcaptured) output PWDtest as the password guess, else go to 1.

Speeding up the dictionary attack
• Pre-compute the slow part (before attacking) and re-use it against many networks
  • PSKtest = PBKDF2(PWDtest, SSID, SSIDlength, 4096, 256)
  • Observe: nothing specific about the current session
• Where can the attacker re-use the pre-computed data?
  • With networks sharing the same SSID
• How much data does the attacker have to store?
  • It depends on the concrete attack implementation and the targeted success probability
  • E.g. 100.000.000 passwords of average length 10 chars (letters and numbers) => 2^32 B, i.e. about 4 GB

Securing against the dictionary attacks
• To secure your network against these pre-computed dictionaries, make sure that
  • Your SSID is unique (does not appear in the existing tables)
  • Your PWD is strong enough (sufficiently long and random :-)

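The two checks above, together with the cost figures from the attack-complexity slide, worked through as an added Python example (not part of the original lecture). `COMMON_SSIDS`, the sample SSIDs and the sample passphrases are constructed for illustration; the 85-bit threshold is the slide's 95^13 ≈ 2^85 figure.

```python
import hashlib
import math

ITERATIONS, PSK_BYTES = 4096, 32   # slide values: 4096 iterations, 256-bit PSK
# Constructed sample of widely used default SSIDs (an assumption for this demo).
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink", "home"}

def derive_psk(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096, 256 bits)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), ITERATIONS, PSK_BYTES)

def sha1_calls_per_guess() -> int:
    """SHA-1 runs per candidate: 2 per HMAC, and 256 bits need 2 SHA-1-sized blocks."""
    blocks = math.ceil(PSK_BYTES / hashlib.sha1().digest_size)   # 32 / 20 -> 2
    return ITERATIONS * blocks * 2

def max_entropy_bits(length: int, alphabet: int = 95) -> float:
    """Upper bound: entropy of a uniformly random passphrase of this length."""
    return length * math.log2(alphabet)

def audit(ssid: str, passphrase: str, min_bits: float = 85.0) -> list:
    """Return findings for the two conditions listed on the slide."""
    findings = []
    if ssid in COMMON_SSIDS:
        findings.append("SSID is common: precomputed PSK tables may cover it")
    bits = max_entropy_bits(len(passphrase))
    if bits < min_bits:
        findings.append(f"passphrase too short: at most {bits:.0f} bits even if random")
    return findings

if __name__ == "__main__":
    # Same passphrase, different SSID: unrelated PSKs, because the SSID is the salt.
    print(derive_psk("constructed-sample-pass", "linksys").hex())
    print(derive_psk("constructed-sample-pass", "lab-7f3a91").hex())
    print(sha1_calls_per_guess(), round(max_entropy_bits(13), 1))
    print(audit("linksys", "short-pw1"))
    print(audit("lab-7f3a91", "x" * 13))   # length passes; randomness is not measured
```

The length check is only an upper bound on entropy: a 13-character passphrase taken from a word list still falls to a dictionary, which is the slide's point about people not selecting 13 random characters.
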
Vulnerabilities of enterprise networks
Assembled from different sources: Walker, Lehembre, Buttyan, ...

IEEE 802.1X authentication model in WiFi
• Port-based Network Access Control
  • The mobile client requests access to services (wants to connect to the network)
  • The AP controls access to services (controlled port)
  • Authentication server (AS)
• The mobile client and the AS authenticate each other
• The AS informs the AP that it may open the controlled port for the mobile client

(Figure labels: mobile client, AP, LAN (Internet), authentication server, controlled port, free (open) port)

IEEE 802.11i operational phases
Parties: mobile client (M), access point (AP), authentication server (AS)
1. Discovery of security capabilities
2. 802.1X authentication
   • Result: M and the AS generate the Master Key (MK) and derive the Pairwise MK (PMK)
3. Distribution of the PMK key (e.g. via RADIUS)
4. 802.1X key management
   • Result: M and the AP verify the PMK and derive the Pairwise Transient Key (PTK)
   • The PTK is bound to this M and this AP
5. Data protection (TKIP, CCMP/AES)

CCMP = Counter-Mode / Cipher Block Chaining Message Authentication Code Protocol based on

Example: FESB WiFi (EAP-TTLS and PAP)
• Tunneled TLS over Extensible Authentication Protocol (EAP-TTLS)
• Provides protection for initial authentication messages (plaintext passwords, e.g. used by FESB)

Parties: mobile client (M), access point (AP), authentication server (AS) / TTLS server
• Trust: M <--no trust--> AP <--trust--> TTLS server <--trust--> AS
• Certificate: sent from the TTLS server to M
1. Establishing an authentication TLS tunnel
2. TLS protected authentication
3. Authentication; WLAN master session key
4. Data traffic on secured link

Example: FESB WiFi (EAP-TTLS and PAP)
• Validation of the authentication server is based on certificate validation
  • Trusted issuing authority, matching certificate owner's Common Name (CN)
• Many PEAP (EAP-TTLS) deployments fail to properly deploy
• A malicious authentication server gains access to inner authentication methods
  • PEAP: MS-CHAPv2
  • TTLS: MS-CHAPv2, CHAP, etc.

Parties: mobile client (M), access point (AP), TTLS server; the AP and TTLS server are controlled by the attacker (Rogue AP)
• Trust: <--no trust--> <--trust--> <--trust-->
1. Establishing an authentication TLS tunnel with the rogue AuthSrv
2. TLS protected inner authentication
3. Record session

How to properly set up PEAP-like authentication methods
• PEAP: Pwned Extensible Authentication Protocol, by Joshua Wright and Brad Antoniewicz, ShmooCon 2008

Wi-Fi Protected Setup (WPS) Insecurities (home nets again)
• A standard that attempts to allow easy establishment of a secure wireless home network
• The standard allows four usage modes aimed at a home network user adding a new device to the network:
  • PIN Method (e.g. enter the PIN on the AP into the client)
  • Push-Button-Method (a user simultaneously pushes a button on the AP and the client)
  • Near-Field-Communication Method (bring the client close to the AP)
  • USB Method
• In December 2011 researcher Stefan Viehböck reported a design and implementation flaw that makes brute-force attacks against PIN-based WPS feasible to perform on WPS-enabled Wi-Fi networks
• A successful attack on WPS allows unauthorized parties to gain access to the network
• The only effective workaround is to disable WPS
  • Impossible on some APs