Wednesday, August 11, 2010

computer science



Do you use a wireless computer network at home or at the office to exchange important or private information?

Have you ever considered that your wireless network could be infiltrated, and that a passer-by in the street nearby could pick up the information transmitted over it?

Beware of using a wireless computer network without knowing the level of protection it needs, and make sure that your equipment has the protection required to limit intrusion.




A wired network is a closed system, and its natural physical barrier (physical perimeter) is the first line of defense against intrusion. Wireless networks, which give users freedom of movement by relying on a radio-frequency (RF) channel transmitted through the air, removed this defensive barrier that wired networks have. It was therefore necessary to find alternative security measures.

This article sheds some light on some of the ways wireless computer networks are penetrated and on the levels of protection provided by the different protocols of these networks.




Intrusions into wireless networks

The security of wireless local area networks, known as Wi-Fi, was not given enough of the researchers' time at the design stage, and the risks and consequences emerged as these networks spread more widely. Because most network users lack awareness of information-system security problems, many people do not realize that there are thousands of wireless local networks in use without the required level of protection, open to intrusion. A hobby called wardriving has recently appeared: driving a car while searching both sides of the road for unprotected Wi-Fi networks and penetrating them using a laptop or a palm handheld computer. This hobby has expanded and now has hundreds of thousands of practitioners, and many hundreds of web pages are devoted to explaining it, to providing guidance for practitioners, and even to devising modifications to Wi-Fi devices that improve their range and their capacity to pick up remote networks with a weak signal.




Figure (1): A van belonging to a wardriving hobbyist, fitted with a high-gain antenna that can pick up wireless local networks from a distance of up to a few miles from the center of the network.

Hackers have also made use of GPS satellite services to search for the locations of this type of network, and to mark the coordinates of the areas where unprotected Wi-Fi networks are seen on an electronic map.

Figure (2): A person engaged in wardriving with the help of GPS navigation satellites.




Concept of security in computer networks

Researchers insist that information security requirements be taken into account throughout the analysis and design stages of a system. Adding security to a system after its design is complete is fraught with risk, and may lead to many gaps that may not be revealed until a later stage.

Unfortunately, this is what happens very often (especially in communication systems and protocols): after the designers finish their work, someone raises a question: but what happens when the bad guys ...? Then security experts are called in and asked to design a security system.

One of the most fundamental principles of security is: build your defenses in several layers, so that if one layer fails, you have another layer to save you. These layers need not be physical; they may be logical layers or measures that mitigate an attack and prevent some attackers from gaining access.



The main objectives of security systems in communications applications are to provide three services:

1 - Authentication: verifying the validity of those participating in the network.

2 - Confidentiality / Privacy: setting the rules and regulations that keep information confidential and protect it from theft or from access by those not authorized to do so.

3 - Integrity: the procedures and systems that prevent the content of information from being changed or manipulated, whether during exchange over the network or while stored.

Some security systems focus on solving all three of these problems, while others solve one or two of them and leave the rest to other systems.




WEP security protocol

Researchers at the IEEE recognized the fragility of wireless networks against security risks, so this body designed a protection protocol named Wired Equivalent Privacy, known as WEP.

The main objectives of the WEP protocol are to provide the three basic security services, namely: authentication, privacy, and integrity of information.

The WEP protocol adopted an encryption algorithm called RC4 to encrypt data and achieve privacy. RC4 can be likened to a black box that takes one byte of data as input and produces a corresponding byte that differs from the input; this type of encryption is called a stream cipher. The output looks like a series of random characters from which it is difficult to recover the original text. Decryption is the reverse of these operations, so the algorithm is called a symmetric algorithm. Figure (3) outlines how this algorithm works.





Figure (3): Flow diagram of the RC4 encryption algorithm.

The WEP protocol applies the RC4 algorithm to encrypt each packet of information as a unit, treating each packet as a new stream of data. If a packet is lost, the remainder of the message can therefore still be decrypted; this is called self-synchronization.
RC4 uses a shared key with a length of 40 bits or 104 bits.

There are two methods for using keys in WEP:

1. All devices and the access station use a single set of keys, called the default keys. At first use, the default key is loaded into the devices and the chosen key is programmed into the access station. The problem arises when some users decide to change the default key: if the key is changed first at the access station, all participants are disconnected; but if a message is sent to the participants asking them to change the default key to another key, there is no guarantee that all participants received it, simply because they may not have been connected to the network at the time.

2. Each device uses a private key known only to that device and the access station; these keys are known as key mapping keys. The basic idea here is to give each user a key value of their own.

But a problem appears when the access station sends a broadcast message to everyone. The protocol solves this by also using a shared default key, so two keys are loaded for each user.

But the process becomes more difficult for the access station, which now holds a list of hundreds of keys. When an encrypted packet arrives, it has to look up the user's private key in the list to decrypt the packet, and the list needs a large amount of memory. Every access station must hold a copy of this list, so administration becomes more difficult, especially in large systems.


Weaknesses of the WEP protocol in providing protection
When the WEP protocol began to spread and its use expanded, many articles and papers appeared demonstrating the weakness of the techniques it uses to protect wireless networks, and several serious security gaps were discovered in WEP. The problems facing the WEP protocol can be classified as:

* Preventive measures that it does not cover

* Problems and gaps in the design of the protocol

Researchers were able to identify three key weak points in the design of WEP, which lie in the following functions:

1. Authentication: weak and can easily be bypassed entirely.

2. Encryption: the way encryption keys are used and exchanged is unsuitable, so it can easily be compromised.

3. Integrity: weak, and the technologies used should be reconsidered, as the adopted design fails to prevent an attacker from modifying messages.
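The per-packet RC4 encryption described earlier and the integrity weakness in item 3 can be seen together in a small model. This is an added example, not code from the original article; it assumes WEP's standard layout (a 3-byte IV sent in clear and prepended to the key as the RC4 seed, and a CRC-32 check value encrypted with the payload), omits the key-ID byte, and uses a constructed key, IVs and payloads.

```python
import zlib

def rc4(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed (KSA, then PRGA)."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling algorithm
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP integrity check value: an unkeyed CRC-32, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")

def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """One packet: 3-byte IV in clear, then RC4(IV || key) over payload + ICV."""
    body = payload + icv(payload)
    return iv + xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, packet: bytes):
    """Return the payload, or None when the ICV does not match."""
    iv, body = packet[:3], packet[3:]
    plain = xor(body, rc4(iv + key, len(body)))
    payload, tag = plain[:-4], plain[-4:]
    return payload if icv(payload) == tag else None

def alter_in_transit(packet: bytes, delta: bytes) -> bytes:
    """XOR delta into the encrypted payload and adjust the ICV; no key is used.
    CRC-32 is affine over XOR: crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros)."""
    fix = xor(icv(delta), icv(bytes(len(delta))))
    return packet[:3] + xor(packet[3:], delta + fix)

KEY = bytes.fromhex("0102030405")              # constructed 40-bit key
ORIGINAL = b"PAY 0010 TO ALICE"                # constructed payloads
P1 = wep_encrypt(KEY, b"\x00\x00\x01", ORIGINAL)
P2 = wep_encrypt(KEY, b"\x00\x00\x02", b"second packet")

def demo():
    # P2 carries its own IV, so it decrypts even though P1 is never processed.
    standalone = wep_decrypt(KEY, P2)
    # A changed packet still passes the receiver's ICV check.
    changed = alter_in_transit(P1, xor(ORIGINAL, b"PAY 9910 TO ALICE"))
    return standalone, wep_decrypt(KEY, changed)

if __name__ == "__main__":
    print(demo())
```

The receiver accepts the changed packet because the check value is computed without any secret, which is why an integrity check has to be keyed.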

As an example, we present the design problems in the WEP authentication process.

There are basic requirements for the authentication process in wireless networks, namely:

1 - The keys used for authentication must be independent of the keys used for other processes (encryption).

2 - Authentication must be two-sided.

3 - There must be a way to preserve the identity of the trusted party, so that the validity of the authentication can be verified in all subsequent actions and transmissions.

4 - Impersonation must be prevented: it must not be possible for a hacker to use the identity of a trusted person.

But the WEP protocol fails to meet these requirements, for the following reasons:

* The key used in the authentication process is the same WEP key used in the encryption process, so the first authentication requirement is not met.

* Authentication in WEP is one-sided: the network access station, known as the Access Point, verifies the validity of the mobile device wishing to communicate, but the user cannot verify the trustworthiness of the access station. This allows another party to impersonate access devices and, through them, obtain the protection keys and login information.

* Authentication must be carried out continuously throughout the communication; it is not enough to perform it only at the start of the connection, and this is not achieved in the WEP protocol.

We can deduce from the above that the WEP protocol fails in practice to achieve the security requirements for wireless networks, in addition to ignoring some basic security requirements. This is why the WEP protocol is not secure in practice, even though most wireless networks currently use it, and herein lies the danger of using wireless networks.




The following table summarizes our findings in the study.


| Security requirement | Does WEP claim to achieve it? | Does WEP actually achieve it? |
|---|---|---|
| 1. Authentication | Yes (one-sided) | No |
| 2. Access control | No | No |
| 3. Preventing retransmission | No | No |
| 4. Preventing modification of messages | Yes | No |
| 5. Privacy of messages | Yes | No |
| 6. Protection of the key | No | No |

Table (1): Results of the design problems in the WEP protocol


The final fall of the WEP protocol
Despite the large number of gaps and design errors in the WEP protocol, it kept some credibility in that it provided simple protection good enough for a home user or a small office, since most attacks targeting the protocol required great experience and patience from the attacker.

But the greatest catastrophe, the one that overthrew the WEP protocol, was a theoretical study of the RC4 key scheduling algorithm (KSA) presented by the researchers Adi Shamir, Itsik Mantin and Scott Fluhrer at the end of 2001 [Fluhrer et al, 2001]. In this study (referred to as FMS), the researchers found weaknesses in the key scheduling algorithm of RC4 and showed their impact on cryptanalysis. This vulnerability allows an attacker, in certain circumstances, to deduce some bytes of the secret key used to generate the key stream by analyzing the first byte of the key stream.

Since the WEP protocol uses the RC4 algorithm in all its operations, the FMS researchers pointed out that this attack could in theory be applied to WEP to find the shared secret key of 802.11 networks protected by WEP, through a passive attack that requires only knowledge of the first byte of the RC4 output. About a week after the FMS paper was published, other researchers [Stubblefield et al, 2001] applied the FMS attack in practice and were able to recover the 128-bit secret key of an 802.11 network protected by WEP, turning the nightmare into reality, and the last bastion of WEP fell. The ability of attackers to learn the shared secret key of a WEP-protected 802.11 network (through a passive attack that requires no special equipment) is a complete breach: it gives them free access to the network once they complete shared-key authentication, lets them decrypt all packets on the network, and lets them send packets into the network as if they were legitimate.

This algorithm needs 4 to 6 million packets to retrieve a 104-bit key.




Development of wireless network security systems
After security vulnerabilities appeared in the WEP protocol, companies needed a quick solution that met customers' requirements without causing substantial changes to network infrastructure. A group within the IEEE therefore worked on security solutions that take into account the capabilities of the equipment already available, which led to the construction of TKIP (Temporal Key Integrity Protocol).
Companies could not wait for the adoption of the 802.11i protocol, so the Wi-Fi Alliance adopted a set of its features and issued a protocol called WPA (Wireless Protected Access), which is considered part of the Robust Security Network (RSN).




WPA protocol
The WPA protocol is built on a set of 802.11i properties that close the gaps in the WEP protocol, including:

- Implementation of 802.1x with EAP (Extensible Authentication Protocol) to ensure two-way authentication.

- Support for the TKIP (Temporal Key Integrity Protocol) encryption protocol on networks that use RC4.

- Support for message integrity (preventing tampering with messages in transit) using MMIC (Michael Message Integrity Check).




Controversy about WPA
The debate about the level of protection provided by the WPA protocol focuses on the following points:

* RC4 is still used to maintain confidentiality in WPA, which means that its vulnerabilities still exist; WPA has not eliminated the threat of key recovery, but has only increased the complexity of the process.

* WPA lowers performance because of the complex calculations and protocols used for protection.

* The handshake method used in WPA can be used to guess the password and gain access to the shared network.

* If both the WPA and WEP protocols are used in the network (which is unlikely), the level of protection in the network drops to that of WEP.

For the reasons stated above, many companies did not adopt the WPA protocol, pending an integrated and comprehensive solution that guarantees security.

802.11i protocol
It was formally adopted as a standard on June 24, 2004, and is seen as the replacement for WEP and the final solution to the security problems the latter suffered from.
WPA is a part of this standard, but 802.11i uses the global encryption standard AES, and the Wi-Fi Alliance calls it WPA2.



Properties of the 802.11i protocol
It defines a new type of network called the Robust Security Network (RSN). This type resembles networks based on WEP, but with a high and fast level of protection.

To join an RSN, a wireless network card (WNIC) must have a number of features and capabilities (encryption algorithms, authentication methods) that are not available in WEP-compatible equipment.

To support equipment that uses WEP, the protocol defines a kind of network called TSN (Transactional Security Network), which allows both systems (WEP, RSN) to work together.




Security in the RSN (WPA and 802.11i)
We will now discuss security in RSN and WPA (WPA is part of RSN).
WEP, as we saw earlier, achieved its objectives as a single package, so any modification to the authentication or encryption method requires changing that whole package, that is, changing the entire protocol!

Such a replacement is of course not reasonable, given how widespread WEP had become. In defining and designing RSN, 802.11i therefore avoided this mistake by dividing security into three layers, which improves scalability and network management. These layers are:

- Wireless LAN layer: responsible for encryption/decryption, advertising capabilities, and accepting requests from those wishing to access the network.

- Access control layer: manages authentication and key generation, and has a role in generating temporary keys.

- Authentication layer.




Message exchange in 802.1x authentication

Authentication messages are exchanged using EAP (Extensible Authentication Protocol), which is designed to receive messages from the transport layer. IEEE 802.1x defines a new form of this protocol, EAP over LAN (EAPOL), to carry authentication messages between the supplicant, the authenticator and the authentication server.
WPA and 802.11i can be compared in terms of authentication and encryption algorithms, as the following table shows.




| Compared in terms of | 802.11i | WPA |
|---|---|---|
| Upper layer authentication | Does not recommend any particular method, leaving complete freedom to choose one of the following: EAP-LEAP, EAP-MD5, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-SIM | Advises using EAP-TLS |
| Authentication server | Insists on the use of a RADIUS server | Tolerates PSK (Pre-Shared Key) or a RADIUS server |
| Encryption algorithm | Uses AES and TKIP | Uses TKIP |
Summary:
Research on information security in wireless networks is still developing, so we must pay attention to the protocols used in the equipment that makes up our wireless computer network and move as far away as possible from the WEP protocol, given the weaknesses demonstrated in practice and the breaches that have affected it. The technical officer must also have full knowledge of wireless networks and of how to configure the network properly, adhere to modern standards, and keep up with what is new in this area to avoid the risk of intrusion.
