Monday, October 26, 2009

Lecture 8 -05102009-

Today, we have covered lecture 8 which is about wireless security.

 

Wireless LAN is increasingly popular.  The IEEE 802.11 group of standards specifies the technologies for wireless LANs. 802.11 standards use the Ethernet protocol and CSMA/CA (carrier sense multiple access with collision avoidance) for path sharing and include an encryption method, the Wired Equivalent Privacy algorithm. The 802.11 include four subsets of Ethernet-based protocol standards which is 802.11, 802.11a, 802.11b and 802.11g. 802.11 operated in the 2.4 GHz range and was the original specification of the 802.11 IEEEstandard. This specification delivered 1 to 2 Mbps using a technology known as phase-shift keying (PSK) modulation. This specification is no longer used and has largely been replaced by other forms of the 802.11 standard. 802.11a operates in the 5 - 6 GHz range with data rates commonly in the 6 Mbps, 12 Mbps, or 24 Mbps range. Because 802.11a uses the orthogonal frequency division multiplexing (OFDM) standard, data transfer rates can be as high as 54 Mbps. OFDM breaks up fast serial information signals into several slower sub-signals that are transferred at the same time via different frequencies, providing more resistance to radio frequency interference. The 802.11a specification is also known as Wi-Fi5, and though regionally deployed, it is not a global standard like 802.11b. The 802.11b standard (also known as Wi-Fi) operates in the 2.4 GHz range with up to 11 Mbps data rates and is backward compatible with the 802.11 standard. 802.11b uses a technology known as complementary code keying (CCK) modulation, which allows for higher data rates with less chance of multi-path propagation interference (duplicate signals bouncing off walls). 802.11g is the most recent IEEE 802.11 draft standard and operates in the 2.4 GHz range with data rates as high as 54 Mbps over a limited distance. It is also backward compatible with 802.11b and will work with both 11 and 22 Mbps U.S. Robotics wireless networking products. 802.11g offers the best features of both 802.11a and 802.11b.

 

 

Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With OSA, a computer equipped with a wireless modem can access any WEP network and receive files that are not encrypted.For OSA to work; the service set identifier (SSID) of the computer should match the SSID of the wireless access point. The SSID is a sequence of characters that uniquely names a wireless local area network (WLAN). The process occurs in three steps. First, the computer sends a request for authentication to the access point. Then the access point generates an authentication code, usually at random, intended for use only during that session. Finally, the computer accepts the authentication code and becomes part of the network as long as the session continues and the computer remains within range of the original access point. The process of WEP Open System Authentication is illustrated below.

http://documentation.netgear.com/reference/sve/wireless/images/WEPauthenticationOpen.jpg

1.      The station sends an authentication request to the access point.

2.      The access point authenticates the station.

3.      The station associates with the access point and joins the network.

 

The three basic security services defined by IEEE for the WLAN in WEP are authentication for access control, confidentiality or privacy of information and data integrity. Authentication provides a security service to verify the identity of communicating client station while confidentiality is to provide privacy. Integrity is to ensure that messages are not modified in transit between the wireless clients.

 

Consequently, web attacks are discussed. Basically, there are 2 types of web attack which is active attack and passive attack. In passive attack, the attacker will collects all traffic and collect two messages. It is encrypted with same key and same IV. The attacker will make statistical attacks to reveal the plaintext. On the other hand, active attack is done if attacker knows plaintext and ciphertext pair. The keystream is known and attacker can create correctly encrypted messages.

 

Then, we move on to the 802.11 safeguards. There are 7 seven safeguard that is discussed include security policy and architecture design, treat as untrusted LAN, discover unauthorised use, access point audits, station protection, access point location, access point location, antenna design.

 

WPA is the abbreviation for Wi-Fi Protected Access. It works with 802.11a, 802.11b and 802.11g. It is is a certification program created by the Wi-Fi Alliance to indicate compliance with the security protocol created by the Wi-Fi Alliance to secure wireless computer networks. This protocol was created in response to several serious weaknesses researchers had found in the previous system, WEP (Wired Equivalent Privacy).

 

No comments:

Post a Comment