Professional Documents
Culture Documents
WPA
What is WPA?
Wi-Fi Protected Access (WPA) is a response by the WLAN industry to offer an immediate, a stronger security solution than WEP. WPA is intended to be: A software/firmware upgrade to existing access points and NICs. Inexpensive in terms of time and cost to implement. Compatible with vendors. Suitable for enterprise, small sites, home networks. Runs in enterprise mode or pre-shared key (PSK) mode
History of WPA
WPA was created by the Wi-Fi Alliance, an industry trade group, which owns the trademark to the Wi-Fi name and certifies devices that carry that name. WPA is designed for use with an IEEE 802.1X authentication server, which distributes different keys to each user.
History of WPA
The Wi-Fi Alliance created WPA to enable introduction of standard-based secure wireless network products prior to the IEEE 802.11i group finishing its work. The Wi-Fi Alliance at the time already anticipated the WPA2 certification based on the final draft of the IEEE 802.11i standard.
History of WPA
Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.
History of WPA
In addition to authentication and encryption, WPA also provides vastly improved payload integrity. The cyclic redundancy check (CRC) used in WEP is inherently insecure; it is possible to alter the payload and update the message CRC without knowing the WEP key.
History of WPA
A more secure message authentication code (usually known as a MAC, but here termed a MIC for "Message Integrity Code") is used in WPA, an algorithm named "Michael". The MIC used in WPA includes a frame counter, which prevents replay attacks being executed.
History of WPA
By increasing the size of the keys and IVs, reducing the number of packets sent with related keys, and adding a secure message verification system, WPA makes breaking into a Wireless LAN far more difficult.
History of WPA
The Michael algorithm was the strongest that WPA designers could come up with that would still work with most older network cards.
History of WPA
Due to inevitable weaknesses of Michael, WPA includes a special countermeasure mechanism that detects an attempt to break TKIP and temporarily blocks communications with the attacker.
History of WPA
However, it can also be used in a less secure "pre-shared key" (PSK) mode, where every user is given the same pass-phrase.
History of WPA
Wi-Fi Protected Access (WPA) had previously been introduced by the Wi-Fi Alliance as an intermediate solution to WEP insecurities.
WPA implemented a subset of 802.11i.
WPA Modes
Pre-Shared Key Mode
Does not require authentication server. Shared Secret is used for authentication to access point.
Enterprise Mode
Requires an authentication server Uses RADIUS protocols for authentication and key distribution. Centralizes management of user credentials.
WPA
802.1x Features:
BSS Key hierarchy Key management Cipher & Authentication Negotiation
TKIP
WPA Summary
Fixes all known WEP privacy vulnerabilities.
Enterprise:
Select EAP types and 802.1X supplicants to be supported on stations, APs, and authentication servers. Select and deploy RADIUS-based authentication servers
How WPA Addresses the WEP Vulnerabilities WPA wraps RC4 cipher engine in four new algorithms 1. Extended 48-bit IV and IV Sequencing Rules
248 is a large number! More than 500 trillion Sequencing rules specify how IVs are selected and verified
Symmetric-key block cipher using 128-bit keys. Generates CCM Protocol (CCMP): CCMP = CTR + CBC + MAC
CTR = Counter Mode Encryption CBC/MAC = Cipher Block Chaining/Message Authentication Code
Cipher
Key Size Key Life
Packet Key
Data Integrity Header Integrity Replay Attack Management Key
concatened
CRC-32 none none none
Mixing Function
Michael Michael IV sequence EAP-based
Not Nedeed
CCMP CCMP IV sequence EAP-based
General Recommendations
Conduct a risk assessment for all information that will travel over the WLAN and restrict sensitive information. Policies and infrastructure for authenticating remote access users can be applied to WLAN users. Perform regular audits of the WLAN using network management and RF detection tools.
General Recommendations
Minimize signal leakage through directional antennas and placement of access points. Make sure all equipment being purchased can be upgraded to support WPA and WPA 2/AES. If using Pre-Shared Key Mode consider that the shared secret may become compromised.
An investment in new hardware (access points, NICs) may be needed. Does your risk analysis indicate the extra protection ? Is there a compelling business reason to do so?
However
WPA has not met the challenge of intensive traffic. WPA has some vulnerabilities:
WPA Vulnerabilties
Uso de senhas pequenas ou de fcil advinhao. Est sujeito a ataques de fora bruta (quando o atacante testa senhas em sequncia) ou ataques de dicionrio (quando o atacante testa palavras comuns - dicionrio).
WPA Vulnerabilties
Senhas de menos de 20 caracteres so mais susceptveis ataque de fora bruta. comum o fabricante deixar senhas de 8-10 caracters, imaginando que o administrador ir alter-las.
WPA Vulnerabilties
Existem ferramentas disponveis que promovem ataques de fora bruta e/ou dicionrio para ataques ao WPA.
KisMAC para MacOS X (fora bruta para senhas/dicionrio). WPA Crack para Linux (fora bruta para senhas/dicionrio). Ethereal para Cowpatty para Linux (dicionrio) ou combinadas com John the Ripper.
WPA Vulnerabilities
No h dificuldades em modificar programas de acesso ao WPA.
Como por exemplo, em WPA_supplicant) para permitir a descoberta de chave prcompartilhada (PSK) ou do TKIP que muda a chave de tempos em tempos de forma configurvel.
WPA Vulnerabilities
O arquivo config.c pode ser modificado na funo wpa_config_psk, para ao invs de ler a chave no arquivo de configurao, passa a ler palavras recebidas como parmetros, permitindo o uso de dicionrio e mais algum programa para quebra de senha, como John The Ripper.
WPA Vulnerabilities
Problemas no armazenamento das chaves, tanto nos clientes como nos concentradores, que podem comprometer a segurana.
How WPA Addresses the WEP Vulnerabilities WPA wraps RC4 cipher engine in four new algorithms 1. Extended 48-bit IV and IV Sequencing Rules
248 is a large number! More than 500 trillion Sequencing rules specify how IVs are selected and verified
Referncias
KisMAC http://binaervarianz.de/programmieren/kismac Cowpatty http://www.remote-exploit.org/?page=codes WPA_attack http://www.tinypeap.com/page8.html
WPA_Supplicant http://hostap.epitest.fi/wpa_supplicant
Unless there is a significant flaw found in WPA or RC4 is broken, there may be no reason to move to WPA2 in the future.