CWNA Guide to Wireless LANs, Second Edition

Chapter 9

Implementing Wireless LAN Security

At a Glance

Instructor’s Manual Table of Contents
  • Overview
  • Objectives
  • Teaching Tips
  • Quick Quizzes
  • Class Discussion Topics
  • Additional Projects
  • Additional Resources
  • Key Terms

Lecture Notes

Overview

By implementing new wireless security technologies, WLANs can, according to many wireless experts, be made as secure as their wired counterparts in homes and enterprises. In this chapter, students will explore how to implement wireless security. They will start by briefly looking at wireless security solutions and then learn about three different models that can be implemented for making a WLAN secure.

Chapter Objectives

  • List wireless security solutions
  • Tell the components of the transitional security model
  • Describe the personal security model
  • List the components that make up the enterprise security model

Teaching Tips

Wireless Security Solutions

  1. Explain that the WEP specifications were ratified simultaneously with IEEE 802.11a and 802.11b. Stress that the vulnerabilities were quickly realized. Mention that, as a result of these vulnerabilities, many organizations implemented quick-fixes that did not address the issues of encryption and authentication.
  1. Discuss the IEEE and Wi-Fi Alliance's respective solutions to the vulnerabilities of WEP. Introduce IEEE 802.11i and WPA. Stress that these are the basis of today's wireless security mechanisms.

WEP2

  1. Introduce the enhancements to WEP that were introduced with WEP2. Explain how the larger key and the use of Kerberos authentication improve the security of WEP2 over WEP.

Teaching Tip: The IEEE calls its “major” committees working groups (WG), such as 802.11 (wireless), 802.3 (Ethernet), etc. Within the working groups are subgroups known as task groups (TG), such as 802.11n.
  1. Provide an overview of the mechanism that Kerberos uses for authentication.
  1. Stress that WEP2 was no more secure than WEP, and explain the reasons why.

Teaching Tip: WEP collisions are defined and covered in detail in Chapter 8.

Dynamic WEP

  1. Explain that Dynamic WEP solves the weak IV problem by rotating the keys frequently, making it much more difficult to crack the encrypted packet. Mention that it uses different keys for unicast and broadcast traffic.
  1. Explain that the unicast WEP key, which is unique to each user’s session, is dynamically generated and changed frequently.
  1. Explain that the broadcast WEP key must be the same for all users on a particular subnet and AP, and mention why.
  1. Illustrate dynamic WEP with Figure 9-1.
  1. Explain that dynamic WEP is a no-cost, easy-to-implement security measure. Stress that it does not protect against man-in-the-middle attacks and is susceptible to DoS attacks.

Teaching Tip: When implementing dynamic WEP on a device using Windows XP and Cisco access points, the device will not associate to the AP when dynamic WEP is enabled unless the AP is set to Full Encryption. Setting the AP to Optional Encryption or No Encryption will cause the AP to send out 802.11 beacons with its privacy bit set to 0 (that is, no WEP) and the device will not associate.

IEEE 802.11i

  1. Briefly discuss the history of the IEEE 802.11i standard. Stress that it provides a solid wireless security model, as opposed to its predecessors.

Teaching Tip: 802.11e is also known as the IEEE TGi task group. The wireless QoS TGe applies to Quality of Service, and is finalizing the standard to be known as IEEE 802.11e.
  1. Explain that 802.11i addresses both encryption and authentication.
  1. Describe how 802.11i addresses encryption, defining the term block cipher. Stress that 802.11i replaced the RC4 stream cipher algorithm with a block cipher algorithm. Mention that blocks can be randomized.
  1. Provide an overview of the AES block cipher, explaining the three steps involved. Stress the multiple rounds of encryption that occur during the second round. Using Table 9-1 to illustrate, discuss the time that it would take to break AES with differing key lengths.

Teaching Tip: AES was approved by the National Institute of Standards and Technology (NIST) in late 2000 as a replacement for another cryptography algorithm known as Data Encryption Standard (DES). NIST published its requirements for a new symmetric algorithm and requested proposals. The requirements stated that the new algorithm had to be fast and function on older computers with 8-bit processors as well as current 32-bit and future 64-bit processors. After a lengthy process that required the cooperation of the U.S. government, industry, and higher education, five finalists were chosen. The winner was an algorithm known as Rijndael. AES is now the official encryption standard for the U.S. government.
  1. Explain that IEEE 802.11i authentication and key management is accomplished by the IEEE 802.1x standard. Describe the concept of port security, and explain how it is used in an authentication method.
  1. Using the steps listed on page 296 of the text as a guide, discuss the 802.1x authentication procedure. Illustrate with Figure 9-2.
  1. Explain that IEEE 802.11i includes key-caching, and describe what it is used for. Also discuss the concept of pre-authentication.

Teaching Tip: Other new task groups that are being considered are looking at possible future standards for using Wi-Fi in moving vehicles (likely to become TGp or 802.11p), Wi-Fi performance prediction for testing (likely to become TGt or 802.11t), and interoperation with external networks (no letter yet).

Wi-Fi Protected Access (WPA)

  1. Provide a brief description of the history of WPA. Explain that it is a subset of 802.11i that addresses both encryption and authentication.
  1. Describe TKIP, and explain the concept of a per-packet key. Stress how WPA prevents the occurrence of collisions.

Teaching Tip: When using TKIP there are 280 trillion possible keys that can be generated for a given data packet.
  1. Explain that TKIP sets up an automated key hierarchy and management system.
  1. Discuss the role of the Message Integrity Check in WPA. Explain that it replaces the CRC used in WEP. Describe how the CRC can be exploited by attackers, and explain how the MIC corrects for this. Illustrate with Figure 9-3.
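To support the CRC-versus-MIC discussion above, the following added example (not from the textbook or this manual) shows why an unkeyed, linear checksum cannot detect deliberate modification while a keyed integrity code can. The sample payload and key are constructed, and HMAC-SHA256 truncated to 64 bits is used as a stand-in for a keyed MIC; it is not the Michael algorithm.

```python
import hashlib
import hmac
import zlib


def crc32(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def crc_after_flip(old_crc: int, delta: bytes) -> int:
    # CRC-32 is affine over XOR for equal-length inputs:
    #   crc(m ^ d) == crc(m) ^ crc(d) ^ crc(00...0)
    # so the new checksum follows from the old one with no key at all.
    return old_crc ^ crc32(delta) ^ crc32(bytes(len(delta)))


def keyed_mic(key: bytes, data: bytes) -> bytes:
    # Stand-in keyed integrity code (assumption): HMAC-SHA256, first 8 bytes.
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


def compare_checks() -> dict:
    original = b"constructed sample frame payload"  # constructed data
    delta = bytes(8) + b"\x01" + bytes(len(original) - 9)  # one flipped bit
    modified = xor_bytes(original, delta)
    key = b"constructed-demo-key"  # shared only by sender and receiver

    # Checksum: stays consistent after the change without any secret.
    crc_still_valid = crc_after_flip(crc32(original), delta) == crc32(modified)

    # Keyed MIC: the tag sent with the original no longer verifies.
    tag = keyed_mic(key, original)
    mic_still_valid = hmac.compare_digest(tag, keyed_mic(key, modified))
    return {"crc_still_valid": crc_still_valid,
            "mic_still_valid": mic_still_valid}


if __name__ == "__main__":
    print(compare_checks())
```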

Teaching Tip: WPA operates at the Media Access Control (MAC) layer.
  1. Explain that WPA authentication can proceed using 802.1x or PSK technology. Describe how PSK works, explaining that the passphrase used in PSK serves as a key for mathematically generated key values.

Teaching Tip: A PSK of sufficient length and strength, one that uses a long mix of letters, numbers and non-alphanumeric characters, is highly recommended.
  1. Briefly describe how WPA can be implemented.

Wi-Fi Protected Access 2 (WPA2)

  1. Provide an overview of WPA2, indicating that it is based on the final ratified version of IEEE 802.1x. Mention that it uses the AES for data encryption and supports IEEE 802.1x authentication or PSK technology.
  1. Explain that WPA2 allows both AES and TKIP clients to operate in the same WLAN, whereas IEEE 802.11i only recognizes AES.

Teaching Tip: Just as the term “Wi-Fi” is commonly used when referring to wireless LAN technology (IEEE 802.11a/b/g), “WPA2” is now being used by consumers and media instead of the more technical IEEE 802.11i. Because of the Wi-Fi Alliance’s weight in the marketplace it is anticipated that WPA2 will become the more “user-friendly” term.

Summary of Wireless Security Solutions

  1. Using Figure 9-4 to illustrate, discuss the security timeline for wireless LANs.
  1. Briefly discuss the modes used by the Wi-Fi Alliance to categorize WPA and WPA2. Illustrate with Figures 9-5 and Table 9-2.
  1. Provide a final overview of all of the wireless security solutions, illustrating with Table 9-3.

Transitional Security Model

  1. Explain that an optimal solution is not always available in all situations. Stress that the answer might be to implement the highest level of security based upon the current equipment in use.
  1. Provide an overview of the transitional security model, stressing that it should only be used temporarily. Explain that the transitional phase of a wireless security model should last only until migration to a stronger security model is possible.

Teaching Tip: It is important that the vulnerabilities of the transitional security model be clearly understood by all users. This helps to make them more sensitive to what could happen and will also provide additional support in quickly moving to a more secure model.

Teaching Tip: The transitional security model should be considered as the absolute minimum level of security for a home or an apartment that uses a WLAN.

Authentication

  1. Explain that under the transitional security model, three important steps should be taken for authentication: implementing shared key authentication, turning off SSID beaconing, and implementing MAC address filtering.

Shared Key Authentication

  1. Explain that implementing shared key authentication is the first and perhaps the most important step. Mention that WEP keys are used to implement this authentication.
  1. Briefly describe how shared key authentication is performed in the transitional security model.
  1. Explain that networks that support multiple devices should use all four keys. Mention that the same key should not be designated as the default key on each device.

SSID Beaconing

  1. Explain that a security step in authentication under the transitional security model is to turn off SSID beaconing by configuring the access points to not include the SSID, and discuss why. Remind the students that beaconing the SSID is the default mode for all APs, and can only be turned off on some APs.

Teaching Tip: Turning off SSID beaconing prevents devices from freely roaming from one access point to another, because the device must know the SSID of each AP in order to be authenticated.
  1. Explain that it is good practice to use a cryptic SSID on the network, and give examples of such SSIDs.

MAC Address Filtering

  1. Reiterate the concept of MAC address filtering, and explain that this is the final authentication step in the transitional security model.
  1. Explain that access to the wireless network can be restricted by entering the MAC address of approved devices into the access point. Illustrate with Figure 9-6.

Teaching Tip: A limitation of MAC address filtering is that it requires pre-approved authentication so that the MAC address must first be entered into the MAC address filter on the access point before the device can be authenticated. This makes it difficult to provide temporary access for guest devices.

WEP Encryption

  1. Mention that, despite the vulnerabilities, WEP should be turned on in the absence of other options for encryption. Stress that the longest key available should be used.
  1. Discuss why using a passphrase is discouraged.
  1. Using Table 9-4 as a guide, summarize the transitional security model.

Quick Quiz 1

  1. IEEE 802.11i and ______ have become the foundations of today’s wireless security model.

Answer: Wi-Fi Protected Access (WPA)

  1. WEP2 used the ______ authentication system.

Answer: Kerberos

  1. True or False: Dynamic WEP is a no-cost option for wireless security.

Answer: True

  1. The block cipher used in 802.11i is the ______.

Answer: Advanced Encryption Standard (AES)

  1. WPA replaces WEP with an encryption technology called ______.

Answer: Temporal Key Integrity Protocol (TKIP)

  1. WPA authentication can be accomplished by using either IEEE 802.1x or ______ technology.

Answer: pre-shared key (PSK)

  1. True or False: The transitional security model should only be implemented as a temporary solution.

Answer: True

  1. True or False: All APs allow beaconing of the SSID to be turned off.

Answer: False

Personal Security Model

  1. Explain that the personal security model is designed for single users or small office home office (SOHO) settings of generally 10 or fewer wireless devices, and provides more security than the transitional security model.

Teaching Tip: The personal security model is intended for settings in which an authentication server is unavailable. If an authentication server is available the enterprise security model should be used instead.
  1. Mention that the personal security model is divided into two sections: WPA and WPA2. Discuss the types of equipment that these two sections are geared towards.

Teaching Tip: It is important to implement the highest level of security within the model: if the equipment can support WPA2, then that should be used instead of WPA.

WPA Personal Security

  1. Provide a brief overview of WPA personal security. Mention that the authentication used is PSK and the encryption is TKIP.

PSK Authentication

  1. Explain that PSK authentication uses a passphrase (the PSK) that is manually entered to generate the encryption key. Reiterate that the PSK is used as a seed for encryption.
  1. Briefly mention the disadvantage of PSK authentication.

TKIP Encryption

  1. Reiterate that TKIP encryption is a strong substitute for WEP encryption. Stress that it is designed to fit into the existing WEP procedure with a minimal amount of change.
  1. Using Figure 9-7 to illustrate, and using the steps listed on page 305 of the text as a guide, discuss the mechanics of how TKIP and MIC perform encryption.
  1. Using the list on page 306 of the text as a guide, describe the three major components that TKIP uses to address vulnerabilities.

Teaching Tip: Although a device to protect against forgeries is technically called a message authentication code (MAC), the IEEE 802 standard had already used the acronym MAC to refer to “media access control.” The TGi committee used message integrity code (MIC), sometimes referred to as Michael.
  1. Explain that TKIP is required in WPA. Mention that the TKIP encryption algorithm is stronger than the one used by WEP but works by using the same hardware-based calculation mechanisms WEP uses.

Teaching Tip: If a wireless device was transmitting 10,000 packets per second with original WEP IV, collisions would occur in 90 minutes; using TKIP collisions would not occur for over 900 years.

WPA2 Personal Security

  1. Provide a brief overview of WPA2 personal security. Stress that it substitutes AES encryption for TKIP.

PSK Authentication

  1. Explain that PSK is intended for personal and SOHO users who do not have an enterprise authentication server. Mention that PSK provides a strong degree of authentication protection.
  1. Describe the concepts of rekeying and the rekey interval.
  1. Explain that PSK employs a consistent method for creating keys. Describe the purpose of the shared secret, and mention the best practices for creating it.

AES-CCMP Encryption

  1. Explain that encryption under the WPA2 personal security model is accomplished by using the block cipher AES.
  1. Describe AES-CCMP. Explain that this is the encryption protocol in the 802.11i standard. Stress that CCM is the algorithm providing data privacy, while the CBC-MAC component of CCMP provides data integrity and authentication.

Teaching Tip: Changing even one bit in an AES-CCMP message produces a totally different result.
  1. Explain that the AES algorithm processes blocks of 128 bits, but the length of the cipher keys can vary according to the desired security level. Mention the possible cipher key lengths. Also mention the options for the number of rounds performed in step 2 of the AES mechanism.

Teaching Tip: Increasing the key length and number of rounds has an impact upon the speed of AES.
  1. Explain that, because of the processing power needed by AES, it is recommended that it be performed in hardware rather than software.

Teaching Tip: A minimum of the equivalent of a 2.5-GHz Pentium processor is needed to perform AES.
  1. Using Table 9-5 as a guide, provide a brief review of the various components of the personal security model.

Enterprise Security Model

  1. Explain that the enterprise security model is the most secure level of security that can be achieved today for wireless LANs. Mention that it is designed for medium-to-large organizations. Also mention that it is intended for settings where an authentication server is available.
  1. Explain that the enterprise security model is divided into sections for WPA and WPA2. Mention that it also can be used in conjunction with additional security tools to further protect the network.

WPA Enterprise Security

  1. Provide a brief overview of WPA enterprise security. Explain that the authentication used is IEEE 802.1x and the encryption is TKIP.

IEEE 802.1x Authentication

  1. Discuss the concept of port-based authentication, and explain how this mechanism is utilized in 802.1x.
  1. Describe the three elements that a network supporting the 802.1x standard should possess. Illustrate with Figure 9-8. Explain that an authenticator can be an access point on a wireless network or a switch on a wired network. Stress that this model minimizes the risk of attack on the authentication server.
  1. Explain that a supplicant is software installed on the client to implement the IEEE 802.1x protocol framework. Mention the ways that this software may be distributed.

Teaching Tip: All Wi-Fi certified devices are confirmed to work with Microsoft, Funk Software, or a vendor-supplied WPA or WPA2-enabled supplicant. However, a device does not have to possess the supplicant software to be certified.
  1. Explain that the authentication server stores names and credentials of authorized users. Mention that a RADIUS server is typically used, and describe how a RADIUS server operates. Also mention the advantages of using a RADIUS server.

Teaching Tip: Instead of setting individual permissions for each user or group, permissions can be assigned to a position or “role” and then users are linked to that role, inheriting all of the permissions for the role.

Teaching Tip: Besides a RADIUS server, wireless user credentials may also be stored in an external database, such as Structured Query Language (SQL), Lightweight Directory Access Protocol (LDAP), or Microsoft Active Directory, that can be accessed by the authentication server. The configuration is not determined by standards and can be specific to each implementation.
  1. Explain that the 802.1x protocol is based on the Extensible Authentication Protocol. Using the list on pages 310 and 311 of the text as a guide, discuss the variations of EAP that can be used with 802.1x. Explain that each variation maps to different types of user logons, credentials, and databases used in authentication.

Teaching