CISCO.pdf – Wireless LAN Security – Chris Johnson, CSE, Cisco Federal


Slide 1 – Wireless LAN Security
Chris Johnson – CSE - Cisco Federal
[email protected] - 703 484 5661
Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved.

Slide 2 – Agenda
• 802.11 Standards
• WLAN Security Solutions
• WLAN Design Concepts
• Conclusion

Slide 3 – WLAN: Changing how we Work, Live, Play and Learn
• In-Building Wireless LANs
• Campus Networking
• Public Access Hot Spots
• Home Networking

Slide 4 – Comparing 802.11 Standards
• 802.11b – 2.4 GHz; 11 Mb (auto stepdown); available today; WiFi interoperability; security: WEP, WPA, 802.11i (Q1 2004); Cisco products (Q4CY03): Cisco Aironet 340/350/1100/1200
• 802.11a – 5 GHz; 54 Mb (auto stepdown); available today; WiFi interoperability; security: WEP, WPA, 802.11i (Q1 2004); Cisco products (Q4CY03): Cisco Aironet 1200
• 802.11g – 2.4 GHz; 54 Mb (auto stepdown); ratified June 2003; compatible with 802.11b; security: WEP, WPA, 802.11i (Q1 2004); Cisco products (Q4CY03): Cisco Aironet 1200, 1100

Slide 5 – WLAN Security Overview & Directions
• Network Security
• WLAN Security Issues
• WLAN Security Components
• IPSec WLANs

Slide 6 – WLAN Security is not an End Point, It’s a Journey!
• There are solutions to today’s threats
• There will be threats to today’s solutions
• Many security issues can be resolved by awareness, good implementation & good design

Slide 7 – Key Components of a Secure Network (Wired or Wireless)
• Secure Connectivity – VPN, Tunneling, Encryption
• Perimeter Security – ACLs, Firewalls
• Security Monitoring – Intrusion Detection, Scanning
• Identity – Authentication, Digital Certificates, Directory Svcs
• Security Management – Policy Mgmt, Device Mgmt
Slide 8 – 802.11 WLAN Security Issues
• Authentication
• Data Privacy

Slide 9 – IEEE 802.11 Security – Authentication (Pre WPA)
• Open – No authentication. Issue: anyone can be authenticated
• Shared – Use WEP key to encrypt the AP challenge. Issue: easy to determine the WEP key
• Assumed authentication methods – SSID, MAC address. Issue: SSID is for association, never intended for security. Issue: MAC address is sent in the clear, very easily spoofed
• Published papers – University of Maryland, April 2001
(Figure: Wireless LAN (WLAN) client – Access Point (AP) – Wired LAN)

Slide 10 – IEEE 802.11 Security – Data Privacy (Pre WPA)
• Wired Equivalent Privacy (WEP)
  - Based on the RC4 algorithm (good algorithm)
  - Weak implementation (weak IV, IV sent in the clear, common WEP key)
• Issues (based on the WEP implementation)
  - Weak IV – FMS paper, July 2001
  - Key derivation via monitoring – AirSnort
  - Key derivation via bit flipping – UC Berkeley, Feb. 2001
  - IV & WEP key replay attack – DoS, knowing IV & WEP
  - No key management – invites intrusion
  - WiFi Interoperability Certification – 40 bit only
(Figure: Wireless LAN (WLAN) client – WEP – Access Point (AP) – Wired LAN)

Slide 11 – WLAN Security Components (WPA & 802.11i)
• Authentication Framework (802.1X)
• Authentication Algorithm (EAP)
• Data Encryption Algorithm (TKIP, AES)
Slide 12 – WLAN Security Standards
• IEEE 802.11 TGi – Proposed Standard 802.11i
  - IEEE Task Group focused on WLAN security improvement
  - Enhancements proposed – 802.1X, EAP, TKIP, MIC, AES
  - Expected ratification – Q4CY03
• WECA – Wireless Ethernet Compatibility Alliance
  - Compatibility “Seal of Approval”
  - “WiFi” – WLAN interoperability, CY2000
  - WiFi Protected Access (WPA) – 802.1X, EAP, TKIP, MIC; accepted January 2003, testing started February 2003
• FIPS – Federal Information Processing Standard
  - Not specific to WLAN, but has implications for encrypting data sent over WLANs
  - Regulated by NIST – Federal WLAN Guide

Slide 13 – FIPS Certification & Standards Implementation
• What FIPS 140-1/2 does: certification of encryption algorithm(s) & modes – DES, 3DES, AES (only certain modes of these algorithms)
• What FIPS 140-1/2 does not do: certification of implementation standards (i.e. IEEE or IETF)
• Therefore proprietary FIPS-approved solutions exist
  - FIPS-certified IPSec and 802.11i (when ratified) solutions offer open-standards-based, government-certified solutions
  - WPA probably will never be FIPS certified

Slide 14 – 802.1X Authentication Process (sequence diagram: Client, AP, Auth. Server)
• Client → AP: Start
• AP → Client: Request Identity (the AP blocks all requests until authentication completes)
• Client → AP → Auth. Server: Identity
• RADIUS server authenticates the client (EAP authentication algorithm); client authenticates the RADIUS server
• Client and authentication server each derive the key independently
• Auth. Server → AP: session key and key length; AP → Client: broadcast key, encrypted with the session key
• The WEP key is never sent over the wire; it is derived by the end station & the authentication server
Slide 15 – 802.11i & WPA Encryption Algorithms
• Static WEP – Not recommended (especially for enterprise configurations)
• Dynamic WEP – Hardened WEP
  - Session keys – WPA
  - Temporal Key Integrity Protocol (TKIP) – reduce IV attack, strengthen key integrity
  - Message Integrity Check (MIC) – prevent replay attack, authenticity of frame
• Alternative to WEP-RC4 – 802.11i Advanced Encryption Standard (AES)
  - As strong as 3DES, faster computation, FIPS 140-2 direction (NIST & IEEE)
  - Neither DES nor 3DES is currently supported as a data privacy algorithm in any 802.11 direction

Slide 16 – IPSec WLAN

Slide 17 – IPSec VPN Base Network
(Figure: CiscoSecure VPN Client – DHCP – WLAN – Encrypted IP – VPN Concentrator)
• End-to-end security
  - IPSec VPN – Layer 3 – client to concentrator
  - Haul back to a central point of data privacy
  - Stronger data encryption (3DES, AES) – today
  - Standards based – RFC 2401
  - Can be implemented on top of a Layer 2 WLAN
  - Part of a defense-in-depth approach

Slide 18 – Additional benefits of IPSec VPNs
• Can be used for wired & wireless: Remote Access (Cable), Dial-In (RAS), traffic separation (Communities of Interest)
• Same software for wired & wireless: usability, support, cost benefits

Slide 19 – WLAN Design Concepts

Slide 20 – Design Security: Reducing Bandwidth Coverage
(Figure: concentric coverage rings around an AP – 11 Mbps innermost, then 5.5 Mbps, then 2 Mbps at the edge)
- 11 Mbps connections only (or on edges of perimeter only)
- Can also reduce the radio power to reduce the coverage area
Slide 21 – OSI Layer & WLAN Security
(Figure: OSI layer stack annotated with security mechanisms – User ID/Password, ACLs, URL Filtering, SSL, DES/3DES/AES, Ethernet ACLs, WEP (RC4), WEP “Alternative” (AES))
• IPSec – Network Layer, IETF standards (RFC 2401)
• WLAN – Data Link, IEEE standards (802.11)
• Lends to a Defense in Depth approach

Slide 22 – Conceptual View
(Figure: Configuration A – Security Enclave, DISA, Base, Hangar WLAN(s), WLAN Security Enclave; Configuration B – Security Enclave, DISA, Base, Base WLAN(s), WLAN Security Enclave, Conf Room WLAN(s), Other WLAN(s))

Slide 23 – WLAN Security Enclave
(Figure: WLAN Security Enclave containing VPN Concentrator, Firewall, IDS, Network Control Center, Authentication Server and L3 Switch, with an optional External Authentication Server; Backbone Network carrying a WLAN VLAN and Wired VLANs to Bldg1 and Bldg2 (WLAN and Wired Users); WLSE; Management Console – ACS, WLSE & IDS)

Slide 24 – 802.11 Wireless Mobility
(Figure: WLAN VLANs 100–103 with subnets 100.100.100.0 – 100.100.103.0 and wired VLANs 200–202 with subnets 200.200.200.0 – 200.200.202.0 across Bldg1, Bldg2, Hangars, Conference Rooms and Bldg3–Bldg6 over the Backbone; wireless clients ROAM between APs)

Slide 25 – Wireless IPSec
(Figure: VPN Concentrator and Network Control Center in the WLAN Security Enclave; IPSec tunnels across the Backbone (Bldg1–Bldg3) from a WIN CE based scanner WLAN client with VPN client, a laptop WLAN client with VPN client and a hardware VPN client; an MS-DOS based scanner WLAN client with no VPN client relies on WEP only; APs run WEP)

Slide 26 – 802.11i with AES Design
(Figure: 802.11i w/AES; NCC; End User Buildings (EUB) with WIN CE based scanner, laptop and MS-DOS based scanner WLAN clients, all 802.11i – AES; IPSec tunnel; ITN)
• WLAN Security Enclave – 802.1X & EAP authentication – AES
• IPsec from End User Buildings to the Security Enclave
• Protection from other Base traffic
• Wireless VLAN back to the Security Enclave

Slide 27 – Different Users, Different Access – Common WLAN
Cisco Secure ACS 3.1 – Authentication via EAP for all users
• Group 1 (Internal WLAN Users) – IPSec VPN, Dynamic WEP, VLAN 100
• Group 2 (Scanner & Special Applications) – No VPN, Dynamic WEP, VLAN 200
• Group 3 (Visiting Users) – EAP (guest access or registration), No VPN, Internet access ONLY, VLAN 300
(Figure: Developer → Internal_VLAN 100; Special Apps_VLAN 200; Guest or Contractor → Guest_VLAN 300)

Slide 28 – Conclusion

Slide 29 – Recommendations for WLAN Security
• Change product defaults: unique SSID, turn off SSID broadcast, WEP key (128 bit), userid/password on AP
• Tie WLAN into your organizational security policy
• Site survey – know your environment, understand your implementation and goals: antenna types, association parameters (data rate, power, MAC address), AP placement
• Separate network for WLAN: firewall and IDS before entering the private LAN, separate infrastructure or VLAN & IP addresses
• Defense in Depth approach
  - Layer 2 – WPA, 802.11i
  - Layer 3 – VPNs
  - Boundary protection – IDS, firewalls
  - Interoperability – standards based, FIPS-140
Slide 30 – Conclusion
• Wireless is here to stay – enables new applications, new enterprise
• Security is not just a WLAN issue – it is a network issue: treat the network as an untrusted network and secure appropriately
• WLAN can be extremely secure
  - No quick fixes – planning and design
  - Solutions to address security are available today and will continue to evolve

Slide 31 – Cisco WLAN Security Links
• Cisco WLAN Security website
• Cisco Wireless Security Suite software downloading instructions
• SAFE: Wireless LAN Security in Depth
• Cisco Mobile Office: At Work (click on Technology Overview)

Slide 32 – Chris Johnson – CSE - Cisco Federal
[email protected] - 703 484 5661
3702_10_2001_c1 © 2001, Cisco Systems, Inc.

Slide 33 – Other IEEE 802.11 Standard Activities
• 802.11a – 5 GHz, ratified in 1999
• 802.11b – 11 Mb, 2.4 GHz, ratified in 1999
• 802.11g – Higher data rate at 2.4 GHz
• 802.11e – Quality of Service
• 802.11f – Inter-Access Point Protocol (IAPP)
• 802.11h – Dynamic Channel Selection and Transmit Power Control mechanisms
• 802.11i – Authentication and Security

Slide 34 – 802.1X & EAP
• 802.1X – IEEE Authentication Framework
  - Originally designed for wired networks, used (natively) for WLAN
  - Supplicant – client (software on the mobile device)
  - Authenticator – AP
  - Authentication Server – RADIUS
• EAP – Authentication Protocol (RFC 2284)
  - Works inside the 802.1X authentication framework
  - 802.11i does not stipulate any authentication algorithm
  - Cisco EAP, EAP-TLS, EAP-SIM (GSM), PEAP (hybrid), others
• EAP – Mutual Authentication
  - WLAN authenticates the client, client authenticates the WLAN
  - Dynamic WEP key generation
  - Unique WEP key per authenticated user
Slide 35 – WLAN Data Transmission
• Dynamic Session Key
  - Used for encryption of data, unique to each authenticated user
  - Derived independently by client and authentication server
  - Session key sent to the AP over the wired network
  - Session key never sent over the wireless network
  - Timeout & renegotiate session keys – Cisco value add – optional but recommended (hourly is a good idea)

Slide 36 – 802.11, WPA, 802.11i Comparison
Feature                  Authentication  Encryption  Comments
Open Authentication      yes                         802.11
Shared Authentication    yes                         802.11
802.1X                   yes                         WPA/802.11i
EAP                      yes                         WPA/802.11i
WEP 40/128bit                            yes         802.11/WiFi
Dynamic Encryption Key                   yes         WPA/802.11i
WEP-TKIP (128 Bit)                       yes         WPA/802.11i
MIC                                      yes         WPA/802.11i
AES                                      yes         802.11i

Slide 37 – Additional Cisco Value Add Features
• AP Authentication – Rogue Access Point Detection (wired network)
• Per-packet hashing – change the WEP key per packet
• Broadcast key rotation – change the WEP key for broadcast and multicast
• Publicly Secure Packet Forwarding (PSPF) – prevent client-to-client communication in a WLAN

Slide 38 – IPSec VPN Design Ideas
• “Dummy” network – WLAN
  - Unique IP address range (e.g. 10.0.0.0)
  - Not routed outside the WLAN perimeter
  - Only devices on the network are APs
• After VPN authentication
  - Client assigned a valid IP address (in the IPSec tunnel)
  - Special IP range just for WLAN users (e.g. 168.94.100.0/24)
(Figure: WLAN 10.0.0.0 – AP (WEP) – client with WLAN IP 10.1.1.1 and VPN IP 168.94.100.1 – IPSec – VPN Concentrator; routes: WLAN 10.0.0.0, VPN 168.94.100.0, Corporate 168.94.0.0)

Slide 39 – Initial IEEE 802.11 Security – Data Privacy: How 802.11 WEP Encryption Works
(Figure: a random number generator produces a 24-bit Initialization Vector; the IV (24 bits) concatenated with the WEP key (40 or 104 bits) forms the RC4 seed; the frame payload is run through CRC-32 to produce the ICV; the RC4 output is XORed with payload and ICV to give the WEP-encrypted payload and ICV; the MAC addresses and the IV are sent in the clear)

Slide 40 – 802.11i Encryption Algorithms
• Hardening WEP
  - Temporal Key Integrity Protocol (TKIP) – stronger keys, reduce IV attack, rotation of keys
  - Message Integrity Check (MIC) – prevent replay attack, authenticity of frame
(Figure: TKIP per-packet key – the IV and the base key are hashed into a packet key, which seeds the RC4 stream cipher; the keystream is XORed with the plaintext data to produce the ciphertext data. WEP frame without MIC – DA, SA, IV, Data, ICV, with Data and ICV WEP-encrypted; WEP frame with MIC adds SEQ and MIC fields inside the WEP-encrypted portion)
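The WEP construction drawn on slide 39 and the IV weakness called out on slides 10 and 40 can be traced in code. The following Python block is an added example, not part of the Cisco deck: it builds a WEP frame body as the diagram shows (24-bit IV prepended to a 40-bit key as the RC4 seed, CRC-32 ICV appended, IV sent in the clear), decrypts and verifies it, and then scans a constructed sequence of frames for IV reuse, the condition that TKIP's per-packet keys were introduced to remove. The key and frames are constructed sample values.

```python
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling (KSA) then keystream generation (PRGA) XORed over data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(wep_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Slide 39: seed = IV (24 bits) || WEP key (40 or 104 bits); ICV = CRC-32(payload);
    RC4(seed) is XORed over payload || ICV. The IV is sent in the clear ahead of the body."""
    assert len(iv) == 3 and len(wep_key) in (5, 13)
    icv = struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)
    return iv + rc4(iv + wep_key, payload + icv)

def wep_decrypt(wep_key: bytes, frame: bytes):
    """Recover the payload; return None when the recomputed CRC-32 does not match the ICV."""
    iv, body = frame[:3], frame[3:]
    clear = rc4(iv + wep_key, body)
    payload, icv = clear[:-4], clear[-4:]
    if struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF) != icv:
        return None
    return payload

def find_iv_reuse(frames):
    """Monitor-side check: the IV is plaintext, so a repeated IV under one key (the same
    RC4 keystream reused, which TKIP's per-packet keys avoid) is visible to a WLAN IDS."""
    seen, reused = set(), []
    for idx, frame in enumerate(frames):
        iv = frame[:3]
        if iv in seen:
            reused.append((idx, iv.hex()))
        seen.add(iv)
    return reused

# Constructed sample: one 40-bit key and three frames; frame 2 repeats frame 0's IV.
KEY = bytes.fromhex("0102030405")
SAMPLE = [(b"\x00\x00\x01", b"hello wlan"), (b"\x00\x00\x02", b"second frame"),
          (b"\x00\x00\x01", b"third frame!")]
FRAMES = [wep_encrypt(KEY, iv, msg) for iv, msg in SAMPLE]
```

With 24-bit IVs a busy AP exhausts the IV space in hours, so `find_iv_reuse` fires on any static-WEP network given time; the slide 37 per-packet hashing and slide 40 TKIP mixing change the packet key instead of relying on the IV alone.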