Wireless Encryptions

20 12 2008

    • - See page 13 and pg 28 for pics ( Acsac.org )

      - WEP uses 40-bit RC4 encryption

      - uses 64 or 128-bit encryption keys

      - WEP key is static

      - RC4 is a stream cipher commonly used by SSL

      - WEP is already cracked (in Feb 2001 ) by Scott Fluhrer, Mantin, Shamir

      - Those exploit scripts were posted around Aug 2001 by someone

      - WEP keys can be reversed in as little as 15 minutes ( Jerry Wang )
      - the 24-bit IV (initialization vector) is used by 64-bit and 128-bit keys

      - short IV subject to brute force attacks

      - subject to man-in-the-middle attacks

      - the message can be modified

      - no user authentication

      - no key management

      - See page 13 and pg 28 for pic ( Acsac.org )

      - initially referred to as WEP2

      - uses 48-bit Initialization Vector

      - starts with a shared 128-bit key among clients and access points

      - combines the temporal key with the client’s MAC address

      - adds a relatively large 16-octet initialization vector

      - still uses the RC4 to perform the encryption

      - changes temporal keys every 10,000 packets

      EAP-MD5 – login and passwd

      EAP-Cisco ( LEAP ) uses MS-CHAPv1 w/ known vulnerabilities

      EAP-TLS uses X.509 digital certificates

      EAP-TTLS ( PEAP ) alternative to EAP-TLS

      - up to 256-bit encryption keys

      - WPA key is dynamic, changes every 50 min on Linksys

      - WPA-Personal mode, aka Pre-Shared Key (WPA-PSK)

      - WPA-Enterprise mode, aka WPA-RADIUS

      - WPA automatically generates a new unique encryption key periodically for each client

      - uses temporal keys ( TKIP )

      - user authentication ( Radius, LDAP )

      - Supports MIC – Message integrity code – 64-bit cryptographic tag
      - WPA2 uses AES instead of RC4

  • WEP – Wired Equivalent Privacy (WEP) algorithm

    TKIP – Temporal Key Integrity Protocol (replaces WEP )

    AES – Advanced Encryption Standard (to replace TKIP )

    EAP – Extensible Authentication Protocol ( RFC-2284 )

    WPA – Wi-Fi Protected Access ( Wi-Fi.org )

    MIC – Message Integrity Check ( aka Michael )

    SSN – Simple Secure Networks

    RSA/HiFn – proposal includes Ron Rivest

WEP Example Key

      • WEPkey = Bits[0-N](SHA1(M | yyyymmddhhmmss))
        WEPkey = Bits[0-N](SHA1(M | Sender’s address | yyyymmddhhmmss))
    • Change your key often to minimize WEP vulnerabilities

      In WF1 the 802.11 WEP keys would be changed many times each hour, say
      every 10 minutes. A parameter, P, determines how many times per hour
      the key is to be changed, where P must divide 3600 evenly. The WEP
      keys are derived from a master key, M, by taking the low order N
      bits (N = 40, 104, whatever) of the SHA1 hash of the master key with
      the date and time (UTC) of the key change appended.

      WF1 – WEP fix-1

      WF2 – WEP fix-2
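
The WF1 derivation described above, written out as an added example (not code from the original post or from the WF1 proposal itself). The function names, the byte encoding of M and the sender's address, and the reading of "low order N bits" as the least significant bits of the digest are assumptions.

```python
import hashlib
from datetime import datetime, timezone


def key_change_time(now: datetime, p: int) -> datetime:
    """Return the most recent key-change instant (UTC) for P changes per hour."""
    if p <= 0 or 3600 % p != 0:
        raise ValueError("P must divide 3600 evenly")
    if now.tzinfo is None:
        raise ValueError("pass a timezone-aware datetime; WF1 timestamps are UTC")
    interval = 3600 // p                      # seconds between key changes
    epoch = int(now.timestamp())
    # Hour boundaries are multiples of 3600 s in Unix time, so flooring the
    # epoch to a multiple of `interval` lands on the same grid for every station.
    return datetime.fromtimestamp(epoch - epoch % interval, tz=timezone.utc)


def wf1_key(master: bytes, now: datetime, p: int,
            n_bits: int = 104, sender: bytes = b"") -> bytes:
    """WEPkey = Bits[0-N](SHA1(M | [sender address |] yyyymmddhhmmss))."""
    if not 0 < n_bits <= 160:
        raise ValueError("SHA1 yields 160 bits")
    stamp = key_change_time(now, p).strftime("%Y%m%d%H%M%S").encode("ascii")
    digest = hashlib.sha1(master + sender + stamp).digest()
    # Assumption: "low order N bits" = least significant bits of the digest
    # read as a big-endian integer (the trailing bytes when N is a multiple of 8).
    low = int.from_bytes(digest, "big") & ((1 << n_bits) - 1)
    return low.to_bytes((n_bits + 7) // 8, "big")


if __name__ == "__main__":
    M = b"constructed-master-key"             # constructed sample value
    mac = bytes.fromhex("001122334455")       # constructed sender address
    t = datetime(2008, 12, 20, 10, 17, 42, tzinfo=timezone.utc)
    for label, key in [
        ("40-bit, P=6", wf1_key(M, t, 6, n_bits=40)),
        ("104-bit, P=6", wf1_key(M, t, 6)),
        ("104-bit, P=6, per-sender", wf1_key(M, t, 6, sender=mac)),
    ]:
        print(f"{label}: {key.hex()}")
```

Every station has to compute the same key-change timestamp, so the scheme depends on clients and access points keeping their clocks synchronized to UTC.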

  • WlanResearch.com Cisco LEAP vs IPSec VPN

    Mail-Archive.com


One response

21 12 2008
tutos Linux

security it’s very important
Tutos Linux
