Outline
  • Wireless Networks and Security
  • Attacking and defending WEP
  • Attacking and defending WPA/WPA2
  • Common defense techniques
  • Summary
          Wireless Networks and Security
      1) What are Wireless Networks?
      •  A wireless network is the way that a computer is connected 
         to a router without a physical link.
      2) Why do we need?
      •  Facilitates mobility – You can use lengthy wires instead, but 
         someone might trip over them.
      3) Why security?
      •  Attacker may hack a victim’s personal computer and steal 
         private data or may perform some illegal activities or crimes 
         using the victim’s machine and ID. Also there's a possibility to 
         read  wirelessly transferred data (by using sniffers)
         Wireless Networks and Security
     Three security approaches:
         1.  WEP (Wired Equivalent Privacy)
         2.  WPA (Wi-Fi Protected Access)
         3.  WPA2 (Wi-Fi Protected Access, Version 2)
     WPA also has two generations named Enterprise and Personal.
          WEP (Wired Equivalent Privacy)
      •  Encryption:
          – 40 / 64 bits
          – 104 / 128 bits  
          24 bits are used for IV (Initialization vector)
      •  Passphrase: 
          – Key 1-4 
          – Each WEP key can consist of the letters "A" through "F" and the 
             numbers "0" through "9". It should be 10 hex or 5 ASCII characters in 
             length for 40/64-bit encryption and 26 hex or 13 ASCII characters in 
             length for 104/128-bit encryption.
                     WPA/WPA2 Personal
      •  Encryption:
          – TKIP 
          – AES
      •  Pre-Shared Key:
          – A key of 8-63 characters
      •  Key Renewal:
          – You can choose a Key Renewal period, which instructs the device how 
             often it should change encryption keys. The default is 3600 seconds