Wireless LAN Security - National Defense Industrial Association

Transcription

Wireless LAN Security
Chris Johnson – CSE - Cisco Federal
chrisj@cisco.com - 703 484 5661
Course Number / Presentation ID
2001, Cisco Systems, Inc. All rights reserved.

Agenda
- 802.11 Standards
- WLAN Security Solutions
- WLAN Design Concepts
- Conclusion

WLAN – Changing how we Work, Live, Play and Learn
- In-Building Wireless LANs
- Campus Networking
- Public Access Hot Spots
- Home Networking

Comparing 802.11 Standards

Feature                 | 802.11b                         | 802.11a                     | 802.11g
Frequency               | 2.4 GHz                         | 5 GHz                       | 2.4 GHz
Data rate               | 11 Mb (auto stepdown)           | 54 Mb (auto stepdown)       | 54 Mb (auto stepdown)
Availability            | Available today                 | Available today             | Ratified June 2003
Interoperability        | WiFi Interoperability           | WiFi Interoperability       | Compatible w/802.11b
Security                | WEP, WPA, 802.11i (Q1 2004)     | WEP, WPA, 802.11i (Q1 2004) | WEP, WPA, 802.11i (Q1 2004)
Cisco Products – Q4CY03 | Cisco Aironet 340/350/1100/1200 | Cisco Aironet 1200          | Cisco Aironet 1200, 1100

WLAN Security Overview & Directions
- Network Security
- WLAN Security Issues
- WLAN Security Components
- IPSec WLANs

WLAN Security is not an End Point – It’s a Journey!
- There are solutions to today’s threats
- There will be threats to today’s solutions
- Many security issues can be resolved by awareness, good implementation & good design

Key Components of a Secure Network – Wired or Wireless
(Diagram; legible labels: Policy Mgmt, Digital Certificates, Device Mgmt, Directory Svcs, WLAN. Other labels did not survive extraction.)

802.11 WLAN Security Issues
- Authentication
- Data Privacy

IEEE 802.11 Security – Authentication (Pre WPA)
- Open – No Authentication
  Issue – Anyone can be authenticated
- Shared – Use WEP Key to encrypt AP Challenge
  Issue – Easy to determine WEP Key
- Assumed Authentication Methods - SSID, MAC Address
  Issue – SSID – Association, never intended for security
  Issue – MAC – Sent in clear, very easily spoofed
- Published Papers – University of Maryland, April 2001
(Diagram: Wireless LAN (WLAN) Client – Access Point (AP) – Wired LAN)

IEEE 802.11 Security – Data Privacy (Pre WPA)
- Wired Equivalent Privacy (WEP)
  Based on RC4 Algorithm (good algorithm)
  Weak Implementation (Weak IV, IV sent in clear, common WEP key)
- Issues (Based on WEP implementation)
  Weak IV – FMS Paper, July 2001
  Key Derivation via monitoring - AirSnort
  Key Derivation via bit flipping – UC Berkeley, Feb. 2001
  IV & WEP Key Replay Attack - DoS, knowing IV & WEP
  No Key Management – Lends to invasion
  WiFi Interoperability Certification – 40 bit only
(Diagram: Wireless LAN (WLAN) Client – WEP – Access Point (AP) – Wired LAN)

WLAN Security Components (WPA & 802.11i)
- Authentication Framework (802.1X)
- Authentication Algorithm (EAP)
- Data Encryption Algorithm (TKIP, AES)

WLAN Security Standards
- IEEE 802.11 TGi - Proposed Standard 802.11i
  IEEE Task Group focused on WLAN Security Improvement
  Enhancement Proposed - 802.1X, EAP, TKIP, MIC, AES
  Expected Ratification – Q4CY03
  http://www.ieee.org
- WECA – Wireless Ethernet Compatibility Alliance
  Compatibility “Seal of Approval”
  WiFi Interoperability – “WiFi” – WLAN Interoperability CY2000
  WiFi Protected Access (WPA) – 802.1X, EAP, TKIP, MIC
  Accepted January 2003, Testing started February 2003
  http://www.weca.net
- FIPS – Federal Information Processing Standard
  Not specific for WLAN but does have implications for encrypting data sent over WLANs
  Regulated by NIST – NIST SP 800-48 (Federal WLAN Guide)

FIPS Certification & Standards Implementation
- What FIPS 140-1/2 does:
  Certification of Encryption Algorithm(s) & Modes
  DES, 3DES, AES – only certain modes of these algorithms
- What FIPS 140-1/2 does not do:
  Certification of implementation standards (ie IEEE or IETF)
  Therefore proprietary FIPS approved solutions exist
- FIPS Certified IPSec and 802.11i (when ratified) solutions offer open standards based, government certified solutions
- WPA probably will never be FIPS certified

802.1X Authentication Process (sequence diagram: Client – AP – Auth. Server)
1. Client -> AP: Start
2. AP -> Client: Request Identity
3. Client -> AP: Identity
4. AP -> Auth. Server: Identity (AP Blocks All Requests Until Authentication Completes)
5. RADIUS Server Authenticates Client – EAP Authentication Algorithm
6. Client Authenticates RADIUS Server
7. Derive Key (on the Client) / Derive Key (on the Auth. Server)
8. Auth. Server -> AP: Key, Key Length
9. AP -> Client: Broadcast Key (AP Sends Client Broadcast Key, Encrypted With Session Key)
WEP Key never sent over the wire, derived by end station & Authentication server

802.11i & WPA Encryption Algorithms
- Static WEP – Not recommended (especially for Enterprise Configurations)
- Dynamic WEP - Hardened WEP Session Keys - WPA
  Temporal Key Integrity Protocol (TKIP) - Reduce IV attack, strengthen key integrity
  Message Integrity Check (MIC) - Prevent Replay attack, authenticity of frame
- Alternative to WEP-RC4 – 802.11i
  Advanced Encryption Standard (AES) - As strong as 3DES, faster computation, FIPS 140-2 direction (NIST & IEEE)
  Currently neither DES nor 3DES is supported as a data privacy algorithm in any 802.11 direction

IPSec WLAN

IPSec VPN
(Diagram: Cisco Secure VPN Client – WLAN – DHCP – Base Network – Encrypted IP – VPN Concentrator)
- End to End security
- IPSec VPN – Layer 3 – Client to Concentrator
- Haul back to Central Point of Data Privacy
- Stronger Data Encryption (3DES, AES) – today
- Standards based – RFC 2401
- Can be implemented on top of Layer 2 WLAN
- Part of a Defense in Depth approach

Additional benefits of IPSec VPNs
- Can be used for wired & wireless
  Remote Access (Cable)
  Dial-In (RAS)
  Traffic separation (Communities of Interests)
- Same software for wired & wireless
  Usability, Support, Cost benefits

WLAN Design Concepts

Design Security – Reducing Bandwidth Coverage
(Figure: coverage rings around the AP labelled 2 Mbps, 5.5 Mbps and 11 Mbps)
- 11 Mbps connections only (or on edges of perimeter only)
- Can also reduce the radio power to reduce coverage area

OSI Layer & WLAN Security (diagram, described)
- Application: User ID / Password
- Presentation / Session / Transport: SSL, URL Filtering, ACLs
- Network (IP): IPSec – Network Layer; IETF Standards (RFC 2401); DES, 3DES, AES; ACLs
- Data Link (Ethernet): WLAN – Data Link; IEEE Standards (802.11); ACLs; WEP (RC4); WEP “Alternative” (AES)
- Physical
Lends to Defense in Depth Approach

Conceptual View
(Diagram: Configuration A and a second configuration; labels: WLAN Security Enclave, Conf Room WLAN(s), Other WLAN(s))

WLAN Security Enclave
(Diagram; labels: External Authentication Server (Optional), Authentication Server, L3 Switch, Backbone Network, WLAN VLAN, Wired VLANs, Bldg1, Bldg2, WLSE, Management Console – ACS, WLSE & IDS, WLAN, Wired Users)

802.11 Wireless Mobility (diagram, described)
- Bldg1: VLAN 100 – 100.100.100.0 (WLAN); VLAN 200 – 200.200.200.0 (Wired)
- Bldg2: VLAN 101 – 100.100.101.0 (WLAN); VLAN 201 – 200.200.201.0 (Wired)
- Hangars: AP – VLAN 102 – 100.100.102.0 (WLAN); AP – VLAN 103 – 100.100.103.0 (WLAN); VLAN 202 – 200.200.202.0 (Wired)
- Conference Rooms, Bldg3, Bldg4, Bldg5, Bldg6 connected over the Backbone; clients ROAM between APs and buildings

Wireless IPSec
(Diagram; labels: VPN Concentrator, VPN Security Enclave, Backbone, Bldg1, Bldg2, Bldg3, APs; WIN CE Based Scanner – WLAN Client, Hardware VPN Client, WEP; Laptop – WLAN Client, VPN Client, WEP; MS-DOS Based Scanner – WLAN Client, No VPN Client, WEP)

802.11i with AES Design
(Diagram; labels: 802.11i w/AES, NCC, EUB, WLAN Security Enclave, IPsec tunnel, APs; WIN CE Based Scanner – WLAN Client – 802.11i - AES; Laptop – WLAN Client – 802.11i - AES; MS-DOS Based Scanner – WLAN Client – 802.11i - AES)
- 802.1X & EAP Authentication
- AES
- IPsec from End User Buildings to Security Enclave
- Protection from other Base Traffic
- Wireless VLAN back to Security enclave

Different Users, Different Access – Common WLAN
- Cisco Secure ACS 3.1
- Authentication via EAP for all users
- Group 1 (Internal WLAN Users): IPSec VPN, Dynamic WEP, VLAN 100
- Group 2 (Scanner & Special Applications): No VPN, Dynamic WEP, VLAN 200
- Group 3 (Visiting Users): EAP (guest access or registration), No VPN, Internet Access ONLY, VLAN 300
(Diagram; labels: Developer – Internal VLAN 100; Special Apps VLAN 200; Guest VLAN 300 – Guest or Contractor)

Conclusion

Recommendations for WLAN Security
- Change product defaults
  Unique SSID, turn off SSID broadcast, WEP Key (128 bit), userid/password on AP
- Tie WLAN into your Organizational Security Policy
- Site Survey – Know your environment, understand your implementation and goals
  Antenna Types, Association Parameters (Data Rate, Power, MAC Address), AP Placement
- Separate network for WLAN
  Firewall and IDS before entering private LAN, separate infrastructure or VLAN & IP Addresses
- Defense in Depth Approach
  Layer 2 – WPA, 802.11i; Layer 3 – VPNs
  Boundary Protection – IDS, Firewalls
  Interoperability - Standards based, FIPS-140

Conclusion
- Wireless is here to stay
  Enables new applications, new enterprise
- Security not just a WLAN issue – a Network issue
  Treat the network as an untrusted network and secure appropriately
- WLAN can be extremely secure
  No quick fixes – planning and design
  Solutions to address security are available today and will continue to evolve

Cisco WLAN Security Links
- Cisco WLAN Security website: http://www.cisco.com/go/aironet/security
- Cisco Wireless Security Suite software downloading (URL truncated in transcription: /witc/ao350ap/prodlit/1674 pp.htm)
- SAFE: Wireless LAN Security in Depth (URL truncated in transcription: pso/sqfr/safwl wp.htm)
- Cisco Mobile Office: At Work (Click on - Technology; remainder truncated in transcription)

Chris Johnson – CSE - Cisco Federal
chrisj@cisco.com - 703 484 5661

Other IEEE 802.11 Standard Activities
- 802.11a — 5 GHz, ratified in 1999
- 802.11b — 11Mb 2.4 GHz, ratified in 1999
- 802.11g — Higher Datarate at 2.4 GHz
- 802.11e — Quality of Service
- 802.11f — Inter-Access Point Protocol (IAPP)
- 802.11h — Dynamic Channel Selection and Transmit Power Control mechanisms
- 802.11i — Authentication and Security

802.1X & EAP
- 802.1X – IEEE Authentication Framework
  Originally designed for wired networks, used (natively) for WLAN
  Supplicant – Client (software on mobile device)
  Authenticator – AP
  Authentication Server – RADIUS
- EAP – Authentication Protocol (RFC2284)
  Works inside the 802.1X Authentication Framework
  802.11i does not stipulate any authentication algorithm
  Cisco EAP, EAP-TLS, EAP-SIM (GSM), PEAP (Hybrid), Others
- EAP – Mutual Authentication
  WLAN authenticates the client, client authenticates the WLAN
  Dynamic WEP Key Generation
  Unique WEP Key per authenticated user

WLAN Data Transmission
- Dynamic Session Key
  Used for encryption of data, unique to each authenticated user
  Derived independently by client and authentication server
  Session key sent to AP over wired network
  Session Key never sent over wireless network
- Timeout & renegotiate session keys – Cisco Value Add
  Optional but recommended (hourly good idea)
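The 802.1X exchange on the earlier process slide and the session-key rules on this one, simulated end to end. This is an added example and not code from the deck or from Cisco: the supplicant, authenticator (AP) and RADIUS-style server are small Python classes, the EAP method is a hypothetical HMAC challenge-response standing in for EAP-TLS/PEAP (chosen so both ends can derive the same key independently), and the key-wrapping and one-hour lifetime are assumed values for the demonstration. The AP's controlled port stays blocked until authentication completes, the session key reaches the AP only over the wired side, and the broadcast key is delivered to the client wrapped under the session key.

```python
"""802.1X/EAP simulation: supplicant, authenticator with a controlled port,
and a RADIUS-style authentication server.  Added example, not from the deck.
The HMAC challenge-response "EAP method" is a hypothetical stand-in."""
import hashlib
import hmac
import os


def kdf(secret: bytes, *labels: bytes) -> bytes:
    """Derive a 32-byte value from a secret plus context labels (HMAC-SHA256)."""
    return hmac.new(secret, b"|".join(labels), hashlib.sha256).digest()


class AuthServer:
    """RADIUS stand-in: holds each identity's credential, never sends it."""
    def __init__(self, users: dict):
        self.users = users

    def new_challenge(self) -> bytes:
        return os.urandom(16)

    def check_client(self, identity, nonce_s, nonce_c, proof):
        """Return (server_proof, session_key) if the client's proof is valid."""
        cred = self.users.get(identity)
        if cred is None:
            return None
        if not hmac.compare_digest(kdf(cred, b"client", nonce_s, nonce_c), proof):
            return None
        return (kdf(cred, b"server", nonce_s, nonce_c),     # lets client verify server
                kdf(cred, b"session", nonce_s, nonce_c))    # derived here, not transmitted over the air


class Supplicant:
    def __init__(self, identity: str, cred: bytes):
        self.identity, self.cred = identity, cred
        self.session_key = self.broadcast_key = self.nonce_c = None

    def respond(self, nonce_s):
        self.nonce_c = os.urandom(16)
        return self.nonce_c, kdf(self.cred, b"client", nonce_s, self.nonce_c)

    def check_server(self, nonce_s, server_proof) -> bool:
        """Mutual authentication: client verifies the server before keying."""
        if not hmac.compare_digest(kdf(self.cred, b"server", nonce_s, self.nonce_c), server_proof):
            return False
        self.session_key = kdf(self.cred, b"session", nonce_s, self.nonce_c)  # same derivation as server
        return True

    def receive_broadcast_key(self, wrapped: bytes):
        # Unwrap with a session-key-derived pad (stand-in for WEP-encrypting the key).
        self.broadcast_key = bytes(a ^ b for a, b in zip(wrapped, kdf(self.session_key, b"wrap")))


class AccessPoint:
    KEY_LIFETIME = 3600  # seconds; assumed value matching the "hourly" recommendation

    def __init__(self, auth_server: AuthServer, broadcast_key: bytes):
        self.auth_server, self.broadcast_key = auth_server, broadcast_key
        self.port_open, self.session_keys, self.key_issued_at = {}, {}, {}

    def forward(self, identity: str, frame: bytes, now: float) -> str:
        """Controlled port: nothing passes until 802.1X completes; stale keys force rekey."""
        if not self.port_open.get(identity):
            return "blocked"
        if now - self.key_issued_at[identity] > self.KEY_LIFETIME:
            return "rekey-required"
        return "forwarded"

    def authenticate(self, supplicant: Supplicant, now: float) -> bool:
        identity = supplicant.identity                  # EAPOL-Start, Request/Response Identity
        nonce_s = self.auth_server.new_challenge()      # EAP challenge, relayed by the AP
        nonce_c, proof = supplicant.respond(nonce_s)
        result = self.auth_server.check_client(identity, nonce_s, nonce_c, proof)
        if result is None:
            return False                                # port stays blocked
        server_proof, session_key = result              # session key arrives over the wired side
        if not supplicant.check_server(nonce_s, server_proof):
            return False
        self.session_keys[identity] = session_key
        self.key_issued_at[identity] = now
        wrapped = bytes(a ^ b for a, b in zip(self.broadcast_key, kdf(session_key, b"wrap")))
        supplicant.receive_broadcast_key(wrapped)       # broadcast key sent encrypted under session key
        self.port_open[identity] = True
        return True


if __name__ == "__main__":
    srv = AuthServer({"alice": b"alice-secret"})       # constructed credential store
    ap = AccessPoint(srv, os.urandom(16))
    alice = Supplicant("alice", b"alice-secret")
    print(ap.forward("alice", b"data", now=0))          # blocked
    print(ap.authenticate(alice, now=0), ap.forward("alice", b"data", now=1))
```

Run it as a script to watch the port go from blocked to forwarded; the `rekey-required` result after the lifetime expires is where a real AP would start a fresh EAP round rather than keep using the old session key.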

802.11, WPA, 802.11i Comparison

Feature                | Standard
Open Authentication    | 802.11
Shared Authentication  | 802.11
802.1X                 | WPA/802.11i
EAP                    | WPA/802.11i
WEP 40/128bit          | 802.11
Dynamic Encryption Key | WPA/802.11i
WEP-TKIP (128 Bit)     | WPA/802.11i
MIC                    | WPA/802.11i
AES                    | 802.11i

Additional Cisco Value Add Features
- AP Authentication – Rogue Access Point Detection (Wired Network)
- Per-packet hashing – Change WEP key per packet
- Broadcast key rotation – Change WEP Key for broadcast and multicast
- Publicly Secure Packet Forwarding (PSPF) – Prevent client to client communication in a WLAN

IPSec VPN Design Ideas
- “Dummy” network – WLAN
  Unique IP address range (ie 10.0.0.0)
  Not routed outside WLAN perimeter
  Only devices on network are APs
- Client assigned valid IP address (in IPSec tunnel)
  Special IP range just for WLAN users (ie 168.94.100.0/24)
  IPs assigned after VPN Authentication
(Diagram; labels: WLAN 10.0.0.0 – AP (WEP) – VPN Concentrator (WLAN IP 10.1.1.1, VPN IP 168.94.100.1) – Routes – WLAN VPN 168.94.100.0 – Corporate 168.94.0.0)

Initial IEEE 802.11 Security – Data Privacy
How 802.11 WEP Encryption Works (diagram, described)
- Random Number Generator (24 bits) -> Initialization Vector (24 bits)
- IV (24 bits) + WEP Key (40 or 104 bits) -> Seed -> RC4
- Frame Payload -> CRC-32 -> ICV
- RC4 keystream applied to Frame Payload and ICV -> WEP Encrypted Payload and ICV
- In the clear: MAC Addresses, IV
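The encapsulation drawn on this slide and the "IV sent in clear" weakness listed on the Data Privacy slide, worked in code. This is an added example and not code from the deck or from Cisco: it implements RC4 and the WEP frame layout (24-bit IV, 40/104-bit key, CRC-32 ICV) as the diagram shows them, then adds a monitor-side check that flags IV reuse across a constructed capture (keys, IVs and payloads below are constructed) and the birthday estimate for how soon a random 24-bit IV repeats.

```python
"""WEP encapsulation as drawn on the slide (24-bit IV, RC4, CRC-32 ICV) plus
a monitoring check for IV reuse.  Added example, not code from the deck;
the key, IVs and payloads are constructed for the demonstration."""
import math
import struct
import zlib


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Standard RC4 (KSA + PRGA).  In WEP the seed is IV || WEP key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encapsulate(wep_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV || (payload || ICV) XOR RC4(IV || key).
    The IV travels in the clear; the ICV is an unkeyed CRC-32."""
    if len(iv) != 3 or len(wep_key) not in (5, 13):
        raise ValueError("24-bit IV and a 40- or 104-bit WEP key required")
    icv = struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)
    plaintext = payload + icv
    keystream = rc4_keystream(iv + wep_key, len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, keystream))


def wep_decapsulate(wep_key: bytes, frame: bytes):
    """Return (payload, icv_ok); icv_ok is False for corrupted frames."""
    iv, body = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + wep_key, len(body))
    plain = bytes(c ^ k for c, k in zip(body, keystream))
    payload, icv = plain[:-4], plain[-4:]
    icv_ok = struct.unpack("<I", icv)[0] == (zlib.crc32(payload) & 0xFFFFFFFF)
    return payload, icv_ok


def find_iv_reuse(frames):
    """Monitor-side check: the IV is in the clear, so a sensor can flag frames
    whose IV repeats under the same static key (the same RC4 keystream is then
    reused).  Returns (first_index, repeat_index, iv_hex) tuples."""
    first_seen, reused = {}, []
    for n, frame in enumerate(frames):
        iv = frame[:3]
        if iv in first_seen:
            reused.append((first_seen[iv], n, iv.hex()))
        else:
            first_seen[iv] = n
    return reused


def expected_frames_until_iv_repeat(iv_bits: int = 24) -> float:
    """Birthday bound: about sqrt(pi/2 * 2**bits) randomly chosen IVs are
    sent before one repeats, roughly 5,100 frames for a 24-bit IV."""
    return math.sqrt(math.pi / 2 * 2 ** iv_bits)


# Constructed capture: one static 40-bit key and a client whose IV counter
# restarted, so frames 0 and 3 carry the same IV.
DEMO_KEY = bytes.fromhex("0102030405")
DEMO_IVS = [b"\x00\x00\x01", b"\x00\x00\x02", b"\x00\x00\x03", b"\x00\x00\x01"]
DEMO_FRAMES = [wep_encapsulate(DEMO_KEY, iv, f"payload {n}".encode())
               for n, iv in enumerate(DEMO_IVS)]

if __name__ == "__main__":
    print(wep_decapsulate(DEMO_KEY, DEMO_FRAMES[0]))
    print(find_iv_reuse(DEMO_FRAMES))
    print(round(expected_frames_until_iv_repeat()))
```

The CRC-32 check in `wep_decapsulate` catches accidental corruption only; because it is unkeyed it is not a substitute for the keyed MIC that WPA/802.11i add, which is the point the later TKIP slides make.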

802.11i Encryption Algorithms – Hardening WEP (diagram, described)
- Temporal Key Integrity Protocol (TKIP): BASE KEY + IV -> HASH -> PACKET KEY -> RC4 STREAM CIPHER; PLAINTEXT DATA XOR keystream -> CIPHERTEXT DATA
  Stronger keys, reduce IV attack, rotation of keys
- Message Integrity Check (MIC)
  Prevent Replay attack, authenticity of frame
- WEP Frame - No MIC: DA | SA | IV | Data | ICV (Data and ICV WEP Encrypted)
- WEP Frame - MIC (TKIP): DA | SA | IV | Data | SEQ | MIC | ICV (Data through ICV WEP Encrypted)
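The hardening steps on this slide and on the earlier 802.11i & WPA Encryption Algorithms slide, worked in code: a per-packet key mixed from the base key and a sequence counter (so the stream-cipher key no longer begins with the IV), a keyed MIC over addresses and data, and a receive-side counter check that rejects replays. This is an added example and not code from the deck or from Cisco, and it does not implement the real TKIP primitives: the SHA-256 key mixing, the SHAKE-256 keystream (in place of RC4) and the HMAC MIC (in place of Michael) are stand-ins chosen for readability. One real detail kept is that TKIP carries a 48-bit sequence counter (TSC) in the clear, which here serves as both the IV and the SEQ field the slide draws separately. Addresses, keys and frames are constructed.

```python
"""TKIP-style hardening of a WEP frame: per-packet key, keyed MIC, replay
counter.  Added example, not code from the deck; the key mixing, keystream
and MIC functions are stand-ins, not the TKIP/Michael algorithms."""
import hashlib
import hmac
import struct
import zlib

SEQ_LEN = 6   # 48-bit sequence counter (TSC), sent in the clear


def packet_key(base_key: bytes, ta: bytes, seq: int) -> bytes:
    """Stand-in for TKIP key mixing: base key + transmitter address + counter
    give an unrelated per-packet key, so the IV never prefixes the cipher key."""
    return hashlib.sha256(b"mix|" + base_key + ta + seq.to_bytes(SEQ_LEN, "big")).digest()[:16]


def keystream(key: bytes, length: int) -> bytes:
    """Stand-in for the RC4 stream cipher."""
    return hashlib.shake_256(key).digest(length)


def mic(mic_key: bytes, da: bytes, sa: bytes, seq: int, data: bytes) -> bytes:
    """Keyed integrity check over DA, SA, counter and data; 8 bytes like Michael."""
    msg = da + sa + seq.to_bytes(SEQ_LEN, "big") + data
    return hmac.new(mic_key, msg, hashlib.sha256).digest()[:8]


def build_frame(base_key: bytes, mic_key: bytes, da: bytes, sa: bytes, seq: int, data: bytes) -> bytes:
    """DA || SA || SEQ || encrypted(Data || MIC || ICV), matching the slide's MIC frame."""
    body = data + mic(mic_key, da, sa, seq, data)
    body += struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)     # legacy CRC-32 ICV retained
    ks = keystream(packet_key(base_key, sa, seq), len(body))
    return da + sa + seq.to_bytes(SEQ_LEN, "big") + bytes(b ^ k for b, k in zip(body, ks))


class Receiver:
    def __init__(self, base_key: bytes, mic_key: bytes):
        self.base_key, self.mic_key = base_key, mic_key
        self.last_seq = {}    # highest accepted counter per transmitter address

    def receive(self, frame: bytes):
        """Return (status, data); status is 'ok', 'replay', 'icv' or 'mic'."""
        da, sa = frame[:6], frame[6:12]
        seq = int.from_bytes(frame[12:12 + SEQ_LEN], "big")
        if seq <= self.last_seq.get(sa, -1):
            return "replay", None                       # counter did not advance
        body = frame[12 + SEQ_LEN:]
        ks = keystream(packet_key(self.base_key, sa, seq), len(body))
        plain = bytes(c ^ k for c, k in zip(body, ks))
        payload, icv = plain[:-4], plain[-4:]
        if struct.unpack("<I", icv)[0] != (zlib.crc32(payload) & 0xFFFFFFFF):
            return "icv", None
        data, tag = payload[:-8], payload[-8:]
        if not hmac.compare_digest(mic(self.mic_key, da, sa, seq, data), tag):
            return "mic", None
        self.last_seq[sa] = seq                         # advance only after full validation
        return "ok", data


# Constructed sample: one transmitter, a legitimate frame and its successor.
BASE_KEY, MIC_KEY = b"\x01" * 16, b"\x02" * 8
DA, SA = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
FRAME = build_frame(BASE_KEY, MIC_KEY, DA, SA, 7, b"hello")
NEXT_FRAME = build_frame(BASE_KEY, MIC_KEY, DA, SA, 8, b"world")

if __name__ == "__main__":
    rx = Receiver(BASE_KEY, MIC_KEY)
    print(rx.receive(FRAME))        # ('ok', b'hello')
    print(rx.receive(FRAME))        # ('replay', None)
    print(rx.receive(NEXT_FRAME))   # ('ok', b'world')
```

The order of checks matters: the counter is compared before any decryption so a replayed frame costs nothing to discard, and `last_seq` is only advanced after the MIC verifies, so a rejected frame cannot move the window.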

(Figure residue from the WLAN Security Enclave diagram; legible labels: External Authentication Server (Optional), Management Console – ACS, WLSE & IDS, Network Control Center, IDS, WLSE, Firewall, VPN Concentrator, L3 Switch, Bldg1, Bldg2, WLAN Users, Wired Users, Backbone Network, WLAN VLAN, Cisco Secure ACS 3.1, VLAN 300 Guest_VLAN, VLAN 100 Internal_VLAN)