Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
SSID
(Service
Set
Identifier)
List of
SSIDs
War driving
Theft of services
Security in Wireless
WEP: Wired Equivalent Privacy (802.11b)
WEP was an early attempt to secure wireless
networks, and better security is now available because
it is an easily broken security algorithm
WEP is
open: just supply correct SSID to connect
Uses a shared key
Without WEP, no confidentiality, integrity, or
authentication of user data
The cipher used in WEP is RC4, key length ranges
from 40 up to 128 bits
WEP Operation
IV
checksum
RC4
key
IV
encrypted packet
The IV is often a counter that starts at zero
Hence, rebooting causes IV reuse
Also, there are only 16 million possible IVs, so
after intercepting enough packets, there are sure to
be repeats
Reuse of the same IV produces identical key
streams
Security in Wireless
WEP: Security Issues
Security in Wireless
Improvement (to WEP) #1: 802.1x
Security in Wireless
Improvement #2: WPA (Wi-Fi Protected Access)
Advantages
stronger, centralized user authentication
automatically negotiated per-user keys with frequent key
updates
stronger encryption algorithm choices
Security in Wireless
Features of TKIP (Temporal Key Integrity Protocol)
Extension of IV to 48 bits
Security in Wireless
Improvement #3: 802.11i (WPA2)
Security in Wireless
Recommendations for WLAN Security
Hide SSID
2.
3.
4.
5.
6.
7.
8.
9.