IV. SECURITY
A. INTRODUCTION:
The crucial point in a network installation, whether it be wired or wireless, is the establishment of protective elements. Security has always been the weak point of wireless networks, mainly because of its physical nature: the radio is a transmission medium shared by any persons within in the coverage area can listen to the media and enter the network. It may even, through booster antennas, is beyond the reach of radio coverage to penetrate this network. These security issues also arise for wired networks but passive listening requires a physical intrusion. For anyone with some knowledge of computer and some equipment can easily find information and programs to listen to and penetrate wireless networks. In addition to these inherent weaknesses to radio waves, a wireless network must be protected from conventional attacks. These vulnerabilities have focused certain damage to his development company, since these flaws become access points to the internal network on which it is connected. There are security devices implanted base on the WiFi hardware (card and access point) enabling a first level of protection, but these means of security are easily circumvented. New security countermeasures are being standardized and will be usable within a few months, for the moment the best security is to use the same mechanisms of protection as wired networks.
We will first, before seeing the various attacks that could reach a wireless network, review some concepts used to meet the three basic security principles are: Coding, Authentication and Integrity.
B. SOME IDEAS:
1. CRYPTOGRAPHY:
cryptography is to make the text incomprehensible coding. Are encoded (crypt or figure) the text by performing an operation on the plaintext from a rule called the encryption key. The coded text (ciphertext) can then be sent to the recipient. Cryptanalysis is to decrypt an encrypted text by performing on the text with a key. There are three cryptography: symmetric key, asymmetric key (or public key), in combination wrench (use the previous two).
Note: In France the regulations limit the maximum length of 40-bit key for public use and 128 bits for personal use.
· Wrench symmetrical
The sender and recipient use the same key (for encoding and decoding), all persons wishing to transmit data must share the same key. Algorithms using this system are fast and reliable, cons by the fault of this system is in the transmission of this shared key. Types of symmetric key algorithms:
-DES (Data Encryption Standard) was the most used, but no longer used since 1998 considered unsafe. Key 40 to 56 bits.
-IDEA (International Data Encryption Algorithm) is used by PGP (Pretty Good Privacy) encryption software the most widely used. 128-bit key.
- RC Series (Ron's Code) RC2 RC 6: algorithm developed by Ron Rivest, version RC4 is used in WEP IEEE 802.11.
-AES (Advanced Encryption Standard): replacement of DES in the U.S. administration and RC4 in the 802.11 with 802.11i. Based on the Rijndael algorithm, is considered unbreakable.
· Wrench asymmetric or public key:
This system solves the problem of key transmission previously met. In 1976, two mathematicians, Whitfield Diffie and Martin Hellman proposed a new way to encrypt. It uses two keys, a private key to decrypt the data, but which remains confidential, and a public key to encrypt data, which can be transmitted and left available to all users. Operating principle between two users (A and B is the sender address):
1) makes two key B (P = Public, S = Secret) from mathematically related numbers. Knowing that even with the P key (public) and the encoded message can not find the key S (secret).
2) B sends the key to A. P
3) A encrypts the message (m) with P: P (m) and sends it.
4) B receives the message P (m) and decrypts it with its private key:
S (P (m)) = message.
If A wants to send a message, it will proceed in the same way, it will create a set of keys. In the end we will create four keys.
This system also allows authentication: A encrypts a message with his private key, B decrypts the message with the public key of A. (A can only encrypt with the private key of A. The problem is to find two mathematical functions (P and S) related to one another can encrypt and decrypt while not allowing that to be possible to infer one from another.
From these bases, in 1977, D. Rivest, A. Shamir and L. Adleman, have developed an algorithm addressing this issue. This algorithm, the RSA (named its inventors) is still used today.
Basic principle of RSA : From the product of two large primes, p and q, a hundred digits each, we deduce an integer n: n = pq. The data of n is the public key (it is enough to encrypt), p and q are the private key to decrypt it be known. It is very difficult to find the factors p and q from n. In practice, because of their slowness, the public key algorithms are useless for applications requiring several key exchanges. It then uses algorithms to combination wrench.
· Wrench mixed
This principle uses the two previous techniques, key symmetric and public key, combining the advantages of both while avoiding their disadvantages. The general principle is to perform data encryption using symmetric keys, but having done initially sending the symmetric key with a public key algorithm.
2. ELECTRONIC SIGNATURE:
We have seen techniques to encode a text in order to safely send and decode it on arrival. Remains the problems of identifying the sender and data integrity. The electronic signature is used to identify and authenticate the sender of data while verifying data integrity, at least for the second method.
• Signature Public Key:
Principle of operation between a sender and a receiver B, there are two pairs of keys, public / private key A (PA, SA) and B (PB, SB):
1.phase of transmission: A encodes his message with his secret key: SA (m), then with the public key of B: PB (SA (m)) and sends it to B.
2.phase Received: B decodes with his private key: SB (PB (SA (m))) = SA (m), only he can do this calculation (= Security sending). Then with the public key of A, it decodes the message: PA (SA (m)) = m, which certifies A (A can only use SA).
This operation is very slow, using two pairs of keys and there is no control data integrity.
• Signature with hash:
The hash is to compute a very small summary of the message, this summary (called a digest or hashed) must not be allowed to reconstruct the original text if taken alone, and must be sensitive, that is to say that any change in the message causes a change in the summary. So by comparing the summary and the message, we can ensure the integrity of the message. This technique coupled with public key cryptography also enables the authentication of the sender.
Example:
1.phase of transmission: A computes the sum H (m) code with his private key SA (H (m)) and code with the public key of the message B: PB (m)) he sends them to B.
2.phase Received: B decodes the message with his private key: SB (PB (m)) = m ', it sums up the message H (m'). It decodes the received summary with the public key of A: AP (SA (H (m))), if H (m) = H (m) then A is authenticated and the message is correct. The main algorithms are
Series MD (Message Digest) including MD5 is widely used.
C. TYPES OF ATTACKS:
attacks can be classified into two main groups: passive attacks and active attacks, which are obviously more dangerous.
1. Passive attacks: In
a wireless passive listening is even easier than the media air is difficult to control. Often, the radio coverage of an access point goes beyond the private domain of a company or an individual. The passive attack is the most common research access point. This attack (called Wardriving) became the "game" a favorite of many hackers, the access points are easily detected by a scanner (laptop equipped with a WiFi card and a software research specific PA.) These wireless cards are equipped with directional antenna (Yagi) for listening to radio traffic at a distance outside the coverage area of the access point. There are two types of scanners, liabilities (Kismet, WifiScanner, prismstumbler ...) without leaving traces (signatures), virtually undetectable and assets (Netstumbler, dstumbler) detectable when listening, they send the "probe request". Netstumbler only works on Windows, others work in Linux.
sites detected are then indicated by marking out (with chalk) the coded (Warchalking):
An initial traffic analysis allows you to find the SSID (network name), the point's MAC address access, flow, use of WEP encryption and signal quality. Combined with a GPS, the software can locate (latitude longitude) the access point.
At a higher level of software (or type Aisnort Wepcrack) allow a few hours (depending on traffic) to decipher WEP key and so with tools for analyzing conventional networks seeking information can go further. The attacker can pass in an attack said to be active.
2. Active Attacks:
We will review, rather succinctly, the various known attacks in wired networks and affect, of course, the world of wireless.
DoS (Denial of Service):
denial of service network is often an alternative to other forms of attack because in many cases it is simpler to implement, requires less knowledge and is less easily traceable to a direct attack to come in a system to gain control. This attack is intended to prevent legitimate users from accessing services by saturating false requests these services. It is generally based on "bugs" software. In the mid
wifi, it includes blocking access points either by flooding or disassociation request deauthentication (Airjack type program), or more simply by jamming radio signals.
Spoofing (identity theft):
IP Spoofing is a technique that allows an attacker to send packets to a machine appears to be from a different IP address than the attacker's machine. IP spoofing is not provided an IP address change. More precisely, it is a travesty (he is the technical term) of the IP address in the packets, that is to say that packets sent are modified so that they seem to be able to a machine.
Man in the middle (home center) in rural Wi-Fi:
This attack is for a Wi-Fi, has to have an access point near abroad in other legitimate AP. Stations wishing to connect to the network to deliver PA "felon" their information for the connection. This information can be used by a pirate station. They just had a pirate station listening to the traffic, get MAC address of a legitimate station and its AP, and intercalated in the middle.
D. INTERNAL STANDARDIZED SOLUTIONS:
These solutions are implemented on all standard 802.11 hardware.
1. Network Access: The first
security mechanism of 802.11 is the access control network identifier or SSID (Service Set ID). All stations and all access points that belong to the same network have the same SSID (Infrastructure mode and Ad-Hoc). All stations wishing to connect to an 802.11 network must provide the access point SSID. It is the only security mechanism required in wireless
This protection is very brief, because the AP sends periodically clear that ID tags in frames, the network is called "open". Just listening to retrieve the SSID of the network. Otherwise just specify SSID as the word "any" in the configuration of the Wi-Fi station to retrieve all open networks SSID. Some manufacturers offer the possibility of preventing the broadcast of the SSID access point, it says that the network is closed, we can not close networks in Ad-Hoc. By cons can not completely prevent the SSID broadcast, as in the phase of authentication between a station and an access point, it is transmitted in the clear. Moreover
access points have a default SSID for each manufacturer, if that SSID is not changed by the user, it is easy to find.
It is the same for the password required to configure the access bridge, it must be modified by the user.
2. Access Control List: This protection
is to permit network access only to stations whose MAC address was registered in a list. It is very easy for a hacker to retrieve an address entitled, as they are transmitted in clear text and replace it with hers. So it is very easily circumvented protection.
3. WEP (Wired Equivalent Privacy):
· Operation
The 802.11 standard has developed a security protocol to protect wireless networks as effectively as wired networks: WEP. This protocol satisfies the three basic principles Security: authentication, data confidentiality and data integrity.
These principles are based on a symmetric key system, the same key is used to encrypt and decrypt data. This key is shared by all clients on the network and the access point. There are two possible key lengths, 64 and 128 bits (given that 24 bits are used to initialize the key).
· Authentication: authentication mechanism uses the shared key to send encrypted data. There are two authentication mechanisms:
-Open System Authentication: default mechanism, there is no real authentication, any station wishing to connect is automatically authenticated.
-Shared Key Authentication: This mechanism involves four steps:
1.la station sends an authentication request to the access point. 2.The
PA sends a 128 bit plaintext generated by the WEP algorithm.
3.la station encrypts the text with the shared key and sends it in a frame of authentication.
4.the PA decrypts the received text with the same shared key and compares with the previous text, if it confirms equal Station and its authentication, the station can then join. Otherwise the AP sends an authentication frame negative.
· encryption and integrity check: The mechanism for encryption and integrity check of WEP is based on the RC4 algorithm, developed by Ron Rivest for RSA Security in 1987. It is a secret symmetric key algorithm. Authentication ensures that the station does have the key. Encryption and integrity checking takes place in several stages:
the Key Scheduling Algorithm 1.Elaboration: It appends (adds) Shared Key (40 or 104 bits) and an initialization vector of 24 bits (IV: Initialization Vector that changes with each frame sent), thus forming the seed (seed) of RC4 Key Scheduling Algorithm also known (64 or 128 bits ). â [Key [PRNG (Key Integrity:
decryption and integrity checking takes place in several steps as above, but in reverse:
1. The shared key is concatenated with the IV of the received frame, the assembly is then fed into the PRNG to give the correct pseudo-random sequence that was used for encryption.
2. It performs an XOR between this sequence and random encrypted data received. We obtained data and the ICV in the clear.
3.On performs a control (ICV ') on the plaintext data to be compared with the ICV received. If ICV '= ICV can be sure data.
· Weaknesses There are weaknesses of the RC4 algorithm used but also the design of WEP. The principal is the key that is made by the concatenation of a unique key shared by all network members and a maximum length of 104 bits, and an initialization vector. This key is too short and the IV is transmitted in the clear, so one can easily after a while listening to deduce the key, knowing that usually the initialization vector starts at 0 at the start of transmission. All this is made with the help of specific software or type Airsnort Wepcrack. On the other hand, the CRC used is too low, this leads to the possibility for hackers to modify packets or inject forged packets with CRC has been changed. Another flaw comes from the authentication sequence in which a plaintext is sent by the AP and its coded version sent by the station. A simple listening can get these two elements which can more easily calculate the key. Note: All security algorithm required by the processor over load and this causes a decrease in performance including throughput. This decrease varies according to the maps, is to enable WEP can fall by 5 to 50% performance of the processor wireless card.
E. INTERNAL TEMPORARY SOLUTIONS:
These solutions are found today on most hardware or being implemented through software patch on some older hardware.
1.WPA (Wi-Fi Protected Access)
Given the weakness of WEP, and pending a standard suitable for network security wireless 802.11 (802.11i standard being developed), the working group IEEE802 .11 i developed a temporary solution: WPA. WPA has the double advantage of be implemented on existing material (updating firmware) and be compatible with the future security standard 802.11i. WPA is composed of two elements:
· TKIP (Temporal Key Integrity Protocol) protocol allowing encryption and integrity checking of data. This protocol always uses RC4 (hence its compatibility with WEP) as an encryption algorithm with a key of 128 bits, the cons IV (initialization vector) grows to 48 bits. In addition there is a key per station (and not for the entire network with WEP), the key is automatically generated and changed periodically.
The data integrity check performed by a hash code of 8 bytes called MIC (Message Integrity Code) or Michael. This code is also the MAC addresses, which do not alter or forge frames. In addition it uses a sequence number on packets, allowing a good control of sequencing.
· 802.1x:
Protocol for authentication.
This protocol, dating from 2001, is the evolution of different protocols (PPP, RADIUS, EAP) developed for authentication. This protocol aims to standardize a mechanism for relay authentication at Level 2 either a wired or wireless, and control access to resources if physical access is not controllable (this is the case in a radio environment). We will see its application in the middle of WLANs.
elements: The Protocol
operates from three elements: The customer-(station) or system being authenticated.
-controller (access point) or system authenticator.
-The authentication server (server located on the LAN).
is also called 802.1x Port-Based Network Access Control is to say, it introduces a concept of port controlled by authentication. Station can access resources on a LAN if it has been previously authenticated.
· Operation:
Specifically station will connect to the access point by a PAE (Port Access Entity), the EAP is divided into two ports, a controlled port (connection open or closed) giving access to the resource in case successful authentication, and an uncontrolled port (connection still open) for authentication when all other traffic is rejected.
The controlled port can be opened or closed depending on the control that was defined using a variable (AuthControlledPortControl). This variable can take three states:
-ForceUnauthorized: access to the controlled port is prohibited (connection still open).
-ForceAuthorized: port access control is allowed (always closed connection).
-Auto (default): access depends on the authentication result.
· RADIUS Authentication:
is used to convey EAP authentication during a session, EAPOL (Extensive Authentication Protocol Over LAN) between the station and the access point and EAP between the AP and the server ( using mainly a RADIUS server: Remote Authentication Dial In User Server). This protocol can encapsulate all authentication protocols.
Generally the station and the server share a secret (key, certificate), and as soon as the server receives a request from the access point for a station, it sends a challenge to the station. This challenge can only be resolved by the shared secret and enable authentication. Different type of protocols are possible:
· Types of authentications:
-password authentication: EAP-MD5, it is less used; LEAP (Light EAP) Cisco proprietary protocol.
- smart card authentication: EAP-SIM (Subsciber Identity Module) used for public access points (hot spots), use the smart card of GSM SIM, enables the implementation of billing EAP-AKA (Authentication and Key Agreement), use the authentication system SIM card of UMTS, it is compatible with GSM. - Certificate authentication: EAP-TLS (Transport Layer Security), based on mechanisms SSL (Secure Socket Layer) is widely used, it uses a Public Key Infrastructure PKI, it generates and distributes dynamic WEP keys (per user , per session and per packet). Requires a certificate for each client.
To overcome some shortcomings of EAP (failure to protect the identity of the user problem ... when fast reconnect), PEAP (Protected EAP) was developed. This protocol uses MS-CHAP v2 for authentication.
Note: WPA works on Windows 2000 and XP (Service Pack 1), with 802.11a 802.11b and 802.11g.
F. INTERNAL SOLUTIONS FUTURE: 1.802.11i (RSN: Robust Security Network):
As I explained earlier, the WPA is temporary and the final 802.11i standard should be ratified in 2004. This standard is to overcome the lack of WPA and provide solutions different points: a secure SSID, a quick disconnect and secure authentication and association dice secure, implementation of AES instead of RC4. Establishing mutual authentication station and access point.
AES-CCMP (Advanced Encryption Standard-Counter Mode With CBC MAC Protocol): protocol uses AES and TKIP replaces instead of RC4. AES encryption algorithm is a very powerful but symmetric key requires a large computing power and can be used by the current maps.
G. EXTERNAL SOLUTIONS
1.VPN (Virtual Private Network)
After seeing the security level data, we'll see the tools available to secure a network and in particular through the concept of virtual private network. The initial role of a VPN is to allow a remote user of his company to securely connect to the LAN thereof through networks that are not secure. Today VPNs are widely used in corporate LANs to provide secure communications and quality service. It meets the three basic needs: data encryption, host authentication, integrity check.
PPTP:
is a layer 2 protocol developed by Microsoft, allowing connections PPP (Point to Point Protocol) to be secure (encryption, authentication) while being conveyed in an IP network through a virtual tunnel. It uses the authentication protocol in Microsoft PPTP is the protocol of challenge / response (MS-CHAP Microsoft Challenge Handshake Authentication Protocol) protocol encryption is encryption (MPPE Microsoft Point-to-Point Encryption). This uses an encryption algorithm RC4 in 40 or 128 bits. The current version is MS-CHAPv2. Microsoft has improved PPTP to correct the major flaws of security.
L2TP: Layer 2 Protocol
that encapsulates PPP frames to send IP networks, but also type WAN (X.25, Frame Relay, ATM) L2TP is designed to carry PPP sessions through a network and physically complete the PPP sessions in a concentration point determined in the network. With L2TP, it identifies the two essential parts of the tunnel as follows:
LAC (L2TP Access Concentrator): to adapt the equipment, which access network (PSTN type, ISDN, ADSL, etc.). the IP network. The role of the access concentrator is LAKE limited to providing physical support for use by L2TP to forward traffic to one or more L2TP network server (LNS). It provides channels for all fractionation protocol based on PPP. The access concentrator LAKE acts as server access: it is the source of the tunnel and is responsible for identifying the VPN.
LNS (L2TP Network Server): This is the device on the network terminating PPP sessions and aggregators all sessions. LNS servers are issuers of outgoing calls and receiving incoming calls. They are responsible for authenticating the tunnel.
Creation a PPP with L2TP tunnel is divided into two phases:
-establishing a control connection between the LAC and LNS for L2TP tunnel open, allowing identification of the LAC and LNS.
-establishment of an L2TP session following receipt of an incoming call or outgoing LAC. Multiple sessions can use the same tunnel and multiple tunnels can be created between a pair LAC, LNS.
The L2TP session is held by frames "Hello" maintenance (keepalive). IPsec: IPsec enables secure exchange at the network layer, providing privacy (Encryption), authentication (source and destination), the data integrity. It operates on two mechanisms:
-AH (Authentication Header) protocol that provides authentication of the source and integrity of data, adds a data block (called ICV: Integrity Check Value obtained by a hash algorithm) after the IP header.
-ESP (Encapsulating Security Payload): this protocol in addition to authentication and integrity, confidentiality through encryption. It encrypts the original data which are then encapsulated between a header and enqueue. IPsec operates in two modes: -tunnel mode: used for tunnels between networking equipment, enables the protection of all fields of IP datagrams.
-transport mode: not that protects data datagrammme IP and not the headers. It is used for connections between terminal equipment.
0 comments:
Post a Comment