Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Wireless Security"

From NetSec
Jump to: navigation, search
(Authentication)
(Encryption)
 
(2 intermediate revisions by one other user not shown)
Line 27: Line 27:
  
 
==Encryption==
 
==Encryption==
[[Encryption]] is an important part of good wireless security, though not to say that it can't be broken. A strong encryption standard, matched with a strong encryption key, can help stop all but the most dedicated of users. There are many forms of encryption, but we're going to deal specifically with the [[Layer_2|Layer 2]] and [[Layer_3|Layer 3]] encryption methods. The most common encryption methods today are WEP, WPAv1, and WPAv2.
+
[[Cryptography|Encryption]] is an important part of good wireless security, though not to say that it can't be broken. A strong encryption standard, matched with a strong encryption key, can help stop all but the most dedicated of users. There are many forms of encryption, but we're going to deal specifically with the [[Layer_2|Layer 2]] and [[Layer_3|Layer 3]] encryption methods. The most common encryption methods today are WEP, WPAv1, and WPAv2.
  
 
===Wired Equivalent Privacy (WEP)===
 
===Wired Equivalent Privacy (WEP)===
Line 51: Line 51:
  
 
WPA2 supports both TKIP and CCMP, with implementation of CCMP being mandatory. CCMP stands for the Counter Cipher Mode with Block Chaining Message Authentication Code Protocol, but you'll never need to remember that. CCMP is based on AES processing, using a 128-bit key with a 128-bit block size.  When the pass phrase is sufficiently unique, brute-forcing may be extremely difficult, though not impossible.
 
WPA2 supports both TKIP and CCMP, with implementation of CCMP being mandatory. CCMP stands for the Counter Cipher Mode with Block Chaining Message Authentication Code Protocol, but you'll never need to remember that. CCMP is based on AES processing, using a 128-bit key with a 128-bit block size.  When the pass phrase is sufficiently unique, brute-forcing may be extremely difficult, though not impossible.
 
===PSK vs SKA===
 
Pre-shared Keys (PSK) provide a much better security than previous Shared-Key authentication (SKA) methods. A PSK uses a four-way handshake to establish a Pairwise Transient Key (PTK). The PTK is a concatenation of the Pairwise Master Key (PMK), the AP [[nonce]], the client nonce, the AP [[MAC]] address, and the client [[MAC]] address, which is then run through a cryptographic hashing function. The PMK is the shared secret key necessary for decryption of network traffic, and is exchanged as little as possible.
 
 
Shared Key Authentication (SKA) is a symmetric-key algorithm, meaning it uses the same key for both encryption of the plaintext, as well as decryption of the ciphertext. This shared secret between parties is extremely susceptible to [[MITM|Man in the Middle]] attacks.
 
  
 
===Wi-Fi Protected Setup===
 
===Wi-Fi Protected Setup===
Line 67: Line 62:
  
 
{{Protip|Turn WPS off on all of your new home routers.}}
 
{{Protip|Turn WPS off on all of your new home routers.}}
 +
 +
===PSK vs SKA===
 +
Pre-shared Keys (PSK) provide a much better security than previous Shared-Key authentication (SKA) methods. A PSK uses a four-way handshake to establish a Pairwise Transient Key (PTK). The PTK is a concatenation of the Pairwise Master Key (PMK), the AP [[nonce]], the client nonce, the AP [[MAC]] address, and the client [[MAC]] address, which is then run through a cryptographic hashing function. The PMK is the shared secret key necessary for decryption of network traffic, and is exchanged as little as possible.
 +
 +
Shared Key Authentication (SKA) is a symmetric-key algorithm, meaning it uses the same key for both encryption of the plaintext, as well as decryption of the ciphertext. This shared secret between parties is extremely susceptible to [[MITM_attack|Man in the Middle]] attacks.
  
 
==RADIUS==
 
==RADIUS==

Latest revision as of 07:06, 26 May 2012

Wireless networks, and in turn, wireless security, play a vital role in today's society. More and more businesses are turning to wireless networks (IEEE 802.11) over the traditional ethernet networks (IEEE 802.3). Wireless networks add not only a convenience that wasn't there before, but also a whole array of vulnerabilities.

Basics

Infrastructure vs Adhoc

There are two main types of wireless networks. The first, Ad-hoc (IBSS) is a form of peer-to-peer (p2p) wireless networking that relies only on the wireless interfaces of the devices connected to the network. Ad-hoc, because of its p2p nature, is slower and often insecure. Ad-hoc networks allow all devices to connect to each other equally, so they often don't scale well. The other, Infrastructure (BSS or ESS), relies on an access point as a central connection point. The wireless access point (AP) allows wireless devices to connect to a wired network. APs are usually connected to a router, though are more often part of the router itself now.

Infrastructure has many clear advantages, including but not limited to the ability to scale to large sizes through the addition of new access points, the ability to offer a secure authentication service before allowing a user to connect, and the ability to include a hardware firewall. Many home routers today come with firewalls, access points, and even basic access control, as well as supporting a number of authentication/encryption possibilities.

Frames

Coming shortly...

Attack Vectors

Wireless Packet Sniffing, Beacon Injection, and encryption cracking are some of the most basic wireless exploitation vectors.

Contrary to popular belief, wireless penetration is unbelievably simple. Whether a network uses WPA or WEP, an attacker finds it rather simple to crack large wireless networks. The first method of cracking into a network is device driver and hardware level exploitation. These are exploitation vectors which refer to vulnerabilities in device drivers and physical hardware in popular wireless cards, such as the Broadcom, Apple Airport, and Centrino wireless cards. Buffer overflows and frame parsing errors plague the hardware and software supporting these wireless cards and allow for what is called kernel-mode remote code execution. This is why wireless networks are dangerous liabilities for corporations.

Wireless Sniffing

Wireless sniffing also plagues wireless networks and is less difficult than sniffing wired networks. The reason that it is so easy to sniff out traffic on a wireless network is because an attacker can simply switch his wireless card into monitor mode and view all wireless data being transmitted at the physical device layer. This is equivalent to turning the receiver portion of the card on and then receiving all transmissions.

Beacon Injection

Another danger of wireless networks is what is referred to as “Beacon Injection”, which refers to a wireless hardware level MITM attack. The way the 802.11 protocol works, an access point is constantly broadcasting beacon packets at a particular interval, disclosing MAC address, channel and frequency, as well as the SSID of the access point. An attacker can transmit his or her own beacon packets, with the same SSID as the target access point however using his or her own MAC address, then use a MIMO (multiple input/multiple output) card to bridge the connection into the target access point. The result of this attack vector is the victim machine connecting to and believing that the attacker machine is the access point, and transmitting all data to the attacker’s machine rather than to the access point, while the attacker forwards the traffic to the real access point, recording all sensitive victim data.

Encryption Cracking

WEP and WPA cracking is a very simple exploitation vector. Using kismet or airsnort an attacker can change his or her wireless card over to monitor mode and begin recording encrypted packets. Because of modern-day protocols, the encryption type is publically viewable.

Using kismet and airsnort in combination with aircrack, once an attacker is recording wireless traffic, cracking the key is only a matter of time. Given enough packets, the key could be cracked in less than a minute. This is another reason that wireless networks should never be trusted for sensitive data.

Encryption

Encryption is an important part of good wireless security, though not to say that it can't be broken. A strong encryption standard, matched with a strong encryption key, can help stop all but the most dedicated of users. There are many forms of encryption, but we're going to deal specifically with the Layer 2 and Layer 3 encryption methods. The most common encryption methods today are WEP, WPAv1, and WPAv2.

Wired Equivalent Privacy (WEP)

WEP - to be blunt but fair - is outdated and offers only minor security for wireless networks against an intruder. Although there still might be residential wireless networks that use WEP, major networks will most likely have more secure measures of protection.

There are two main methods of authentication that can be used with WEP: Open System authentication and Shared Key authentication.

Open System is as bad (or as good) as it sounds, meaning there are no credentials required for authentication at the access point. This means that absolutely anyone in range can use it.

Shared Key authentication requires a four way handshake to occur for the client authentication;

  • The client sends a request to the access point
  • The access point responds with a clear text challenge
  • The client then responds with another request using the configured key
  • The access point then deciphers the key and if the text matches the challenge access is granted.

Wi-Fi Protected Access Version 1

Wi-Fi Protected Access (WPAv1) is simply a software and firmware improvement over WEP, meaning that all wireless network interface cards that support WEP also support WPAv1. Access Points needed more rigorous upgrades though, and weren't able to be upgraded to support WPA. WPAv1 is based on the 802.11i security standard, developed by the IEEE.

WPA uses the Temporal Key Integrity Protocol (TKIP), which is based on the WEP method of encryption, with a few minor upgrades. WEP used a 40-bit or 104-bit encryption key, which, after being entered, never changed. TKIP, on the other hand, generates a new 128-bit key for each packet, preventing the WEP attack from working on WPAv1.

Wi-Fi Protected Access Version 2

Replacing WPA & WEP, WPA2 is probably the most common security found on wireless networks. WPA2-PSK(Pre-shared key) is used for personal / residential wireless networks and can be problematic to crack. Each device on the wireless network authenticates with the access point using a key generated from a 256 bit encryption.

WPA2 supports both TKIP and CCMP, with implementation of CCMP being mandatory. CCMP stands for the Counter Cipher Mode with Block Chaining Message Authentication Code Protocol, but you'll never need to remember that. CCMP is based on AES processing, using a 128-bit key with a 128-bit block size. When the pass phrase is sufficiently unique, brute-forcing may be extremely difficult, though not impossible.

Wi-Fi Protected Setup

Wi-Fi Protected Setup (WPS) was originally intended to allow easy establishment of a secure wireless home network for users who were generally overwhelmed by the available security options. WPS was designed so that you wouldn't have to put in a long passphrase on each client in order to connect it. There are four methods of adding a device to the network using WPS:

  1. PIN Method, using a PIN either read from a sticker on the access point, or the display of the web interface. This method is a mandatory minimum for every WPS certified product.
  2. Push-Button Method, where a user simply has to push a button on both the access point and the new client, and a connection will be made.
  3. Near-Field-Communication Method, in which the user only has to bring a new client close to the access point, and NFC will set up the connection.
  4. USB Method is where a user uses a USB drive to transfer data between the access point and the new client. This method is optional, but deprecated.

WPS has been shown to easily fall to brute force attacks. A security flaw allows an attacker to recover the PIN, and with it, the WPA/WPA2 PSK in only a few hours. As if this wasn't bad enough, most home routers come with WPS enabled by default. This makes networks encryption, no matter how strong a key, a joke.


Protip: Turn WPS off on all of your new home routers.


PSK vs SKA

Pre-shared Keys (PSK) provide a much better security than previous Shared-Key authentication (SKA) methods. A PSK uses a four-way handshake to establish a Pairwise Transient Key (PTK). The PTK is a concatenation of the Pairwise Master Key (PMK), the AP nonce, the client nonce, the AP MAC address, and the client MAC address, which is then run through a cryptographic hashing function. The PMK is the shared secret key necessary for decryption of network traffic, and is exchanged as little as possible.

Shared Key Authentication (SKA) is a symmetric-key algorithm, meaning it uses the same key for both encryption of the plaintext, as well as decryption of the ciphertext. This shared secret between parties is extremely susceptible to Man in the Middle attacks.

RADIUS

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides a centralized Authentication, Authorization, and Accounting management platform. RADIUS is a client/server protocol that runs in the application layer, using UDP transport.

Using RADIUS, a user sends a request to the remote access server (RAS) in order to gain access to a network using access credentials (typically a username/password combination). The RAS sends an Access Request message to the RADIUS server. The RADIUS server will then return one of three responses.

  • Access Reject - The user is denied access to all network resources.
    • Failed to provide authentication
    • Unknown or inactive user
  • Access Challenge - The user is required to provide additional information.
    • Secondary Password
    • Pin
  • Access Accept - The user is granted access, and authorization attributes are conveyed to the RAS, stipulating terms of access.

Authentication

Authentication, simply put, is the act of verifying that you are who you say you are. The three basic forms of authentication are:

  • Something you are
  • Something you have
  • Something you know

Digitally, authentication is usually confirmed using passwords, one-time tokens, or digital certificates. To put this in the three basic forms of authentication:

  • Passwords are something you know
  • One-time tokens are something you have
  • Digital Certificates are something you are.

Note:Authentication is not to be confused with authorization.

Authorization

Authorization determines whether or not an entity is allowed to perform an action. In RADIUS, authorization is a function of the authentication process.

Authorization attributes in RADIUS generally include:

  • The IP address to be assigned to the user
  • Maximum time that the user can be connected
  • An access list
  • Quality of Service parameters (QoS)

Accounting

Accounting, in wireless networking, simply refers to the tracking of network resource consumption by users. It's most commonly used for billing purposes, by keeping track of how long a user is connected.

RADIUS sends an Accounting Start record immediately after the authorization acceptance is sent. This signals the start of the user's network access. Periodically, Interim Update records are sent, updating the RADIUS server about the status of an active session. When the user's network access is closed, an Accounting Stop record is sent, telling the RADIUS server various information about the network session that just ended.

Tools