Chapter 11 - 02 - Understand Wireless Network Encryption Mechanisms - 01_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Module Flow

Discuss Different Types
Wireless Network
Understand Wireless
of Wireless Network
Encryption Mechanisms
Authentication Methods

Discuss and Implement
Understand Wireless
Wireless Network
Network Fundamentals
Security Measures

Understand Wireless Network Encryption Mechanisms
The objective of this section is to explain the various encryption mechanisms used in wireless
networks, such as WEP encryption, wireless fidelity (Wi-Fi) protected access (WPA) Encryption,
Wi-Fi protected access 2 (WPA2) encryption, Wi-Fi protected access 3 (WPA3) encryption. This
section also describes the limitations of these encryption mechanisms.

Module 11 Page 1427 Certified Cybersecurity Technician Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Types of Wireless Encryption
IEEE amendment that specifies security mechanisms
An |IEEE
for 802.11 wireless networks

An encryption algorithm for IEEE 802.11 wireless networks

Supports multiple authentication methods, such as token
cards, Kerberos, and certificates

A proprietary version of EAP developed by Cisco

An advanced wireless encryption protocol using TKIP and
MIC to provide stronger encryption and authentication

A security protocol used in WPA as a replacement for WEP

- v
v Copyright ©© by EC L All
All Rights Reserved.
Reserved. Reproduction
Reproduction Is Strictly
Strictly Prohibited. J

Types of Wireless Encryption (Cont’d)
An upgrade to WPA using AES and CCMP for wireless data encryption

A symmetric-key encryption, used in WPA2 as a replacement for TKIP

An encryption protocol used in WPA2 for stronger encryption and
authentication

Integrates EAP standards with WPA2 encryption

A centralized authentication and authorization management
system
system

A protocol that encapsulates the EAP within an encrypted and
authenticated transport layer security (TLS) tunnel

A third-generation Wi-Fi security protocol that uses GCMP-256 for
encryption and HMAC-SHA-384 for authentication

Copyright © by EC
Copyright © by E ILL AllAll Rights
Rights Reserved. Reproduction
Reserved. Reproduction ss Strictly
Strictly Prohibited.
Prohibited.

Types of Wireless Encryption
There are several types of wireless encryption algorithms that can secure a wireless network.
Each wireless encryption algorithm has advantages and disadvantages.
= 802.11i: It is an IEEE amendment that specifies security mechanisms for 802.11 wireless
networks.

Module 11 Page 1428 Certified Cybersecurity Technician Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

= WEP: WEP is an encryption algorithm for IEEE 802.11 wireless networks. It is an old
wireless security standard and can be cracked easily.

= EAP: The Extensible Authentication Protocol (EAP) supports multiple authentication
methods, such as token cards, Kerberos, and certificates.

= LEAP: Lightweight EAP (LEAP) is a proprietary version of EAP developed by Cisco.
= WHPA: It is an advanced wireless encryption protocol using TKIP and Message Integrity
Check (MIC) to provide strong encryption and authentication. It uses a 48-bit
initialization vector (1V), 32-bit cyclic redundancy check (CRC), and TKIP encryption for
wireless security.
= TKIP: It is a security protocol used in WPA as a replacement for WEP.
= WPA2: It is an upgrade to WPA using AES and the Counter Mode Cipher Block Chaining
Message Authentication Code Protocol (CCMP) for wireless data encryption.
= AES: It is a symmetric-key encryption used in WPA2 as a replacement for TKIP.
= CCMP: It is an encryption protocol used in WPA2 for strong encryption and
authentication.
= WPA2 Enterprise: It integrates EAP standards with WPA2 encryption.

= RADIUS: It is a centralized authentication and authorization management system.
= PEAP: It is a protocol that encapsulates the EAP within an encrypted and authenticated
Transport Layer Security (TLS) tunnel.
= WHPA3: It is a third-generation Wi-Fi security protocol that provides new features for
personal and enterprise usage. It uses Galois/Counter Mode-256 (GCMP-256) for
encryption and the 384-bit hash message authentication code with the Secure Hash
Algorithm (HMAC-SHA-384) for authentication.

Module 11 Page 1429 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Wired Equivalent Privacy (WEP) Encryption
WEP is a security protocol defined by the 802.11b standard; it was designed to provide a wireless LAN with a level
of i comparable to that of a wired LAN

WEP it initiali ) to form stream cipher RC4 for confidentiality and the CRC-32 checksum
for integrity of wireless transmissions

It has significant vulnerabilities and design flaws and

v
WEP Key Store prisnsressdireeseiieeieiennieenen,.
(K1, K2, K3, K4) [ I : CRC-32
: Data Icv : Checksum
T —— A :
i H

’P How WEP Works : XOR Agorithm €3 :
et B T — N :
[ WEP Key I v ] '>r Keystream [ v IPAD KID Ciphertext J.,....... : 3 aenene AL. ;
$ i WEP-encrypted Packet (Frame body of
MAC Frame)

Wired Equivalent Privacy (WEP) Encryption
WEP was an early attempt to protect wireless networks from security breaches, but as
technology improved, it became evident that information encrypted with WEP is vulnerable to
attack. We discuss WEP in detail here.
What is WEP Encryption?

WEP is a component of the IEEE 802.11 WLAN standards. Its primary purpose is to ensure data
confidentiality on wireless networks at a level equivalent to that of wired LANs, which can use
physical security to stop unauthorized access to a network.
In @ WLAN, a user or an attacker can access the network without physically connecting to the
LAN. Therefore, WEP utilizes an encryption mechanism at the data link layer for minimizing
unauthorized access to the WLAN. This is accomplished by encrypting data with the symmetric
Rivest Cipher 4 (RC4) encryption algorithm, which is a cryptographic mechanism used to defend
against threats.

Role of WEP in Wireless Communication

= WEP protects against eavesdropping on wireless communications.

= |t attempts to prevent unauthorized access to a wireless network.

= |t depends on a secret key shared by a mobile station and an AP. This key encrypts
packets before transmission. Performing an integrity check ensures that packets are not
altered during transmission. 802.11 WEP encrypts only the data between network
clients.

Module 11 Page 1430 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

Main Advantages of WEP
= Confidentiality: It prevents link-layer eavesdropping.
= Access Control: It determines who may access data.
= Data Integrity: It protects the change of data by a third party.
= Efficiency
Key Points

WEP was developed without any academic or public review. In particular, it was not reviewed
by cryptologists during development. Therefore, it has significant vulnerabilities and design
flaws.
WEP is a stream cipher that uses RC4 to produce a stream of bytes that are XORed with
plaintext. The length of the WEP and secret key are as follows:

= 64-bit WEP uses a 40-bit key
= 128-bit WEP uses a 104-bit key

= 256-bit WEP uses 232-bit key

Flaws of WEP
The following basic flaws undermine WEP’s ability to protect against a serious attack.

* No defined method for encryption key distribution:
o Pre-shared keys (PSKs) are set once at installation and are rarely (if ever) changed.
o Itis easy to recover the number of plaintext messages encrypted with the same key.
= RC4 was designed to be used in a more randomized environment than that utilized by
WEP:

o Asthe PSK is rarely changed, the same key is used repeatedly.

o An attacker monitors the traffic and finds different ways to work with the plaintext
message.
o With knowledge of the ciphertext and plaintext, an attacker can compute the key.

= Attackers analyze the traffic from passive data captures and crack WEP keys with the
help of tools such as AirSnort and WEPCrack.
= Key scheduling algorithms are also vulnerable to attack.
How WEP Works

= (CRC-32 checksum is used to calculate a 32-bit integrity check value (ICV) for the data,
which, in turn, is added to the data frame.

= A 24-bit arbitrary number known as the initialization vector (IV) is added to the WEP
key; the WEP key and IV are together called the WEP seed.

Module 11 Page 1431 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Wireless Network Security

= The WEP seed is used as the input to the RC4 algorithm to generate a keystream, which
is bit-wise XORed with a combination of the data and ICV to produce the encrypted
data.

= The IV field (IV + PAD + KID) is added to the ciphertext to generate a MAC frame.
p. RN Y
WEP Key Store RSLIIIITINS. TT YT YT TT TP TP rras.

(K1, K2, K3, K4) : CRC-32
\_ ) : Data icv. Checksum
S >IEE 2 e $ -

§ : WEP Seed XOR Algorithm ?...................................................................... L L TTTPPPPPPPRPT PO

[ WEP Key I v ] IILELILLED > { Keystream [ I PAD I KID I Ciphertext ]

: WEP-encrvpted Packet (Frame body of
N e e En s e NI esesasssNNrseees s aNs NsssssssseNNRIIRRERRRRRIREES < MAC Frame)

Figure 11.7: Operational flow of WEP

Module 11 Page 1432 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.