An Ninh Trong WLAN

I HC THI NGUYN KHOA CNG NGH THNG TIN
V ANH TUN
GII PHP NNG CAO AN NINH THNG TIN TRONG MNG LAN KHNG DY CHUN IEEE 802.11i
LUN VN THC S KHOA HC MY TNH
Thi Nguyn - 2009

S ha bi Trung tm Hc liu i hc Thi Nguyn http://www.lrc-tnu.edu.vn
I HC THI NGUYN KHOA CNG NGH THNG TIN
V ANH TUN
GII PHP NNG CAO AN NINH THNG TIN TRONG MNG LAN KHNG DY CHUN IEEE 802.11i
Nghnh: Khoa hc my tnh M s: 60.48.01
LUN VN THC S
Ngi hng dn khoa hc: PGS.TS NGUYN VN TAM
Thi Nguyn - 2009
S ha bi Trung tm Hc liu i hc Thi Nguyn
http://www.lrc-tnu.edu.vn
iv
DANH MC CC T, K HIU VIT TT

AAA AES AP BSS CA CCK CDMA CMSA/CD CRC CSMA/CA CTS DES DFS DHCP DOS DRDOS EAP EAPOL EAPOW ESS FHSS GPS ICMP ICV IEEE IPSec ISDN ISP IV Authentication Authorization Audit Advanced Encryption Standard Access point Basic Service Set Certificate Authority Complimentary Code Keying Code Division Multiple Access Carrier Sense Multiple Access with Collision Detection Cyclic redundancy check Carrier Sense Multiple Access with Collision Avoidance Clear To Send Data Encryption Standard Dynamic Frequency Selection Dynamic Host Configuration Protocol Denial of service Distributed Reflection DOS Extensible Authentication Protocol EAP Over LAN EAP Over Wireless Extended Service Set Frequency Hopping Spread Spectrum Global Positioning System Internet Control Message Protocol Intergrity Check Value Institute of Electrical and Electronics Engineers Internet Protocol Security Integrated Services Digital Network Internet Service Provider Initialization Vector
http://www.lrc -tnu.edu.vn
v LAN LLC MAC MAN MIC OFDM OSI PAN PDA PEAP PKI QoS RADIUS RFC RTS SSID SSL SWAP TCP TKIP TLS TPC UDP UNII VLAN WAN WEP WLAN WPA Local Area Network Logical Link Control Media Access Control Metropolitan Area Network Message Integrity Check Orthogonal Frequency Division Open Systems Interconnection Person Area Network Personal Digital Assistant Protected EAP Protocol Public Key Infrastructure Quality of Service Remote Access Dial-In User Service Request For Comment Request To Send Service Set ID Secure Sockets Layer Standard Wireless Access Protocol Transmission Control Protocol Temporal Key Integrity Protocol Transport Layer Security Transmission Power Control User Datagram Protocol Unlicensed National Information Infrastructure Virtual LAN Wide Area Network Wired Equivalent Protocol Wireless LAN Wi-fi Protected Access
MC LC
Trang ph ba Li cam oan .......................................................................................................... Mc lc .................................................................................................................. i Danh mc cc k hiu, cc ch vit tt ................................................................... iv Danh mc cc hnh (hnh v, nh chp, th...) .................................................... vi M U ................................................................................................................ 1 1. Nn tng v mc ch ......................................................................................... 1 2. Cu trc ca lun vn .......................................................................................... 2
CHNG 1: TNG QUAN V MNG LAN KHNG DY CHUN IEEE 802.11 ........................................................................... 3
1.1 Gii thiu .......................................................................................................... 3 1.1.1 u im ca mng my tnh khng dy ..................................................... 3 1.1.2 Hot ng ca mng my tnh khng dy .................................................. 4 1.1.3 Cc m hnh ca mng my tnh khng dy c bn.................................... 5 1.2 Kin trc mng LAN chun IEEE 802.11 ......................................................... 6 1.2.1 Tng vt l mng LAN khng dy ............................................................. 6 1.2.2 Tng iu khin truy nhp CSMA/CA ....................................................... 9 1.3 Cc chun ca 802.11 ....................................................................................... 10 1.3.1 Nhm lp vt l PHY ................................................................................ 11 1.3.2 Nhm lp lin kt d liu MAC ................................................................. 12 1.4. Cc kin trc c bn ca chun 802.11 ............................................................ 13 1.4.1 Trm thu pht - STA .................................................................................. 13 1.4.2 im truy cp - AP .................................................................................... 14 1.4.3 Trm phc v c bn - BSS ....................................................................... 14 1.4.4 BSS c lp - IBSS .................................................................................... 15 1.4.5 H thng phn tn - DS.............................................................................. 15 1.4.6 H thng phc v m rng - ESS ............................................................... 15 1.4.7 M hnh thc t.......................................................................................... 16
CHNG 2: AN NINH MNG LAN KHNG DY ................................ 17

2.1 Cc kiu tn cng i vi mng khng dy ....................................................... 17 2.1.1 Tn cng b ng - Passive attacks ............................................................. 17 2.1.2 Tn cng ch ng - Active attacks ........................................................... 19
ii 2.1.2.1 Mo danh, truy cp tri php............................................................... 20 2.1.2.2 Tn cng t chi dch v - DOS.......................................................... 21 2.1.2.3 Tn cng cng ot iu khin v sa i thng tin - Hijacking and Modification ...................................................................................... 23 2.1.2.4 D mt khu bng t in - Dictionary Attack .................................... 25 2.1.3 Tn cng kiu chn p - Jamming attacks .................................................. 26 2.1.4 Tn cng theo kiu thu ht - Man in the middle attacks ............................. 26 2.2 An ninh mng my tnh khng dy.................................................................... 27 2.2.1 Gii php an ninh WEP.............................................................................. 28 2.2.2.1 Phng thc chng thc ..................................................................... 28 2.2.2.2 Phng thc m ha ........................................................................... 29 2.2.2.3 Cc u, nhc im ca WEP ............................................................ 32 2.2.2 Gii php an ninh WPA, WPA2 ................................................................. 34 2.2.1.1 WPA - Wi-fi Protected Access............................................................ 34 2.2.2.2 WPA2 - Wi-fi Protected Access 2 ....................................................... 35
CHNG 3: AN NINH MNG LAN KHNG DY CHUN 802.11i.... 36

3.1 Tng quan v chun IEEE 802.11i .................................................................... 36 3.1.1 TKIP ............................................................................................................................. 36 3.1.1.1 Khc bit gia TKIP v WEP ............................................................. 36 3.1.1.2 Vc t khi to ................................................................................... 39 3.1.1.3 Qu trnh trn kha ............................................................................. 39 3.1.1.4 M kim tra ton vn Michael ............................................................ 40 3.1.2 CCMP........................................................................................................................... 41 3.1.2.1 Ch m kt hp CBC-MAC ......................................................... 41 3.1.2.2 Qu tnh hot ng ca CCMP ........................................................... 43 3.1.3 802.1x ........................................................................................................................... 37 3.1.3.1 Nguyn l RADIUS Server................................................................. 45 3.1.3.2 Giao thc chng thc m rng EAP ................................................... 47 3.2 Thut ton m ho s dng trong chun IEEE 802.11i ...................................... 57 3.2.1 Gii thiu...................................................................................................................... 57 3.2.2 M t thut ton ........................................................................................................... 57 3.2.3 Ti u ha .................................................................................................................... 61 3.2.4 Kh nng an ton ......................................................................................................... 61 3.2.5 Kt lun ........................................................................................................................ 61
iii 3.3 Trin khai an ninh mng LAN khng dy trn nn chun 802.11i ..................... 63 3.3.1 M t bi ton .............................................................................................................. 63 3.3.2 Thit k s mng .................................................................................................... 63 3.3.3. Cu hnh bo mt ........................................................................................................ 63 3.3.4 Th nghim an ninh. ................................................................................................... 66 KT LUN ........................................................................................................... 67 TI LIU THAM KHO....................................................................................... 68
http://www.lrc-tnu.edu.vn
-1-
M U
1. Nn tng v mc ch
Khi thit k cc yu cu k thut cho mng khng dy, chun 802.11 ca IEEE c tnh n vn bo mt d liu ng truyn qua phng thc m ha. Trong , phng thc WEP c a s cc nh sn xut thit b khng dy h tr nh l mt phng thc mc nh bo mt khng dy. Tuy nhin, nhng pht hin gn y v im yu ca chun 802.11 WEP cho thy WEP khng phi l mt c ch bo mt ton din cho mng WLAN. Gii php khc c Wi-Fi Alliance a ra gi l Wi-Fi Protected Access (WPA). Mt trong nhng ci tin quan trng nht ca WPA l s dng hm thay i kho TKIP (Temporal Key Integrity Protocol). WPA cng s dng thut ton RC4 nh WEP, nhng m ho y 128 bit. V mt c im khc l WP A thay i kho cho mi gi tin nn hacker khng bao gi thu thp d liu mu tm ra mt khu. Tuy nhin, WPA cng khng h tr cc thit b cm tay v my qut m vch. iu ny cng c ngha rng k thut TKIP ca WPA ch l gii php tm thi, cha cung cp mt phng thc bo mt cao nht. Mt gii php v lu di l s dng 802.11i tng ng vi WPA2. WPA2 l th h th hai ca WPA, n c th tng thch ngc vi cc sn phm h tr WPA. Kiu m ho bo mt WPA2 s dng thut ton m ho mnh m c gi l Chun m ho nng cao AES (Advanced Encryption Standard). AES s dng thut ton m ho i xng theo khi Rijndael, s dng khi m ho 128 bit, v 192 bit hoc 256 bit. S chuyn i sang 802.11i v m ho AES c xem nh l bo mt tt hn nhiu so vi WEP 128 bit hoc 168 bit DES (Digital Encryption Standard). Mc ch ca ti l tm hiu chung v an ninh chun IEEE 802.11, Gii php s dng chun mt m AES bo m tnh mt v tnh ton vn khung tin trong WLAN.
-2-
2. Cu trc ca lun vn
Ngoi phn m u v kt lun, ni dung ca lun vn ny c b cc nh sau: Chng 1: Trnh by tng quan v mng LAN khng dy chun 802.11i. Chng 2: Trnh by v an ninh mng LAN khng dy, cc kiu tn cng v an ninh i vi mng LAN khng dy. Chng 3: An ninh mng LAN khng dy chun 802.11i, trnh by thut ton m ha s dng trong chun IEEE 802.11i v trin khai. Cui cng l ti liu tham kho.
-3-
CHNG I: TNG QUAN V MNG LAN KHNG DY CHUN IEEE 802.11

1.1 Gii thiu
Thut ng mng my tnh khng dy ni n cng ngh cho php hai hay nhiu my tnh giao tip vi nhau dng nhng giao thc mng chun nhng khng cn dy cp mng. N l mt h thng mng d liu linh hot c thc hin nh mt s m rng hoc mt s la chn mi cho mng my tnh hu tuyn ( hay cn gi l mng c dy). Cc mng my tnh khng dy s dng cc sng in t khng gian (sng v tuyn hoc sng nh sng) thu, pht d liu qua khng kh, gim thiu nhu cu v kt ni bng dy. V vy, cc mng my tnh khng dy kt h p lin kt d liu vi tnh di ng ca ngi s dng. Cng ngh ny bt ngun t mt s chun cng nghip nh l IEEE 802.11 to ra mt s cc gii php khng dy c tnh kh thi trong kinh doanh, cng ngh ch to, cc trng i hc khi m mng hu tuyn l khng th thc hin c. Ngy nay, cc mng my tnh khng dy cng tr nn quen thuc hn, c cng nhn nh mt s la chn kt ni a nng cho mt phm vi ln cc khch hng kinh doanh.
1.1.1 u im ca mng my tnh khng dy

Mng my tnh khng dy ang nhanh chng tr thnh mt mng ct li trong cc mng my tnh v ang pht trin vt tri. Vi cng ngh ny, nhng ngi s dng c th truy cp thng tin dng chung m khng phi tm kim ch ni dy mng, chng ta c th m rng phm vi mng m khng cn lp t hoc di chuyn dy. Cc mng my tnh khng dy c u im v hiu sut, s thun li, c th nh sau:
-4-
- Tnh di ng : nhng ngi s dng mng my tnh khng dy c th truy nhp ngun thng tin bt k ni no. Tnh di ng ny s tng nng sut v tnh kp thi tha mn nhu cu v thng tin m cc mng hu tuyn khng th c c. - Tnh n gin: lp t, thit lp, kt ni mt mng my tnh khng dy l d dng, n gin v c th trnh c vic ko cp qua cc bc tng v trn nh. - Tnh linh hot : c th trin khai nhng ni m mng hu tuyn khng th trin khai c. - Tit kim chi ph lu di : Trong khi u t cn thit ban u i vi phn cng ca mt mng my tnh khng dy c th cao hn chi ph phn cng ca mt mng hu tuyn nhng ton b ph tn lp t v cc chi ph v thi gian tn ti c th thp hn ng k. Chi ph di hn c li nht trong cc mi trng ng cn phi di chuyn v thay i thng xuyn. - Kh nng v hng : cc mng my tnh khng dy c th c cu hnh theo cc topo khc nhau p ng cc nhu cu ng dng v lp t c th. Cc cu hnh d dng thay i t cc mng ngang hng thch hp cho mt s lng nh ngi s dng n cc mng c c s h tng y dnh cho hng nghn ngi s dng m c kh nng di chuyn trn mt vng rng.
1.1.2 Hot ng ca mng my tnh khng dy

Cc mng my tnh khng dy s dng cc sng in t khng gian (v tuyn hoc nh sng) truyn thng tin t mt im ti im khc. Cc sng v tuyn thng c xem nh cc sng mang v tuyn do chng ch thc hin chc nng cung cp nng lng cho mt my thu xa. D liu ang c pht c iu ch trn sng mang v tuyn (thng c gi l iu ch sng mang nh thng tin ang c pht) sao cho c th c khi phc chnh xc ti my thu. Nhiu sng mang v tuyn c th tn ti trong cng khng gian, ti cng thi im m khng can nhiu ln nhau nu cc sng v tuyn c pht trn cc tn s v tuyn khc nhau. nhn li d liu, my thu v tuyn s thu trn tn s v tuyn ca my pht tng ng.
-5-
Trong mt cu hnh mng my tnh khng dy tiu chun, mt thit b thu/pht (b thu/pht) c gi l mt im truy cp, ni vi mng hu tuyn t mt v tr c nh s dng cp tiu chun. Chc nng ti thiu ca im truy cp l thu, lm m, v pht d liu gia mng my tnh khng dy v c s h tng mng hu tuyn. Mt im truy cp n c th h tr mt nhm nh ngi s dng v c th thc hin chc nng trong mt phm vi t mt trm n vi trm feet. im truy cp (hoc anten c gn vo im truy cp) thng c t cao nhng v c bn c th c t bt k ch no min l t c vng ph sng mong mun. Nhng ngi s dng truy cp vo mng my tnh khng dy thng qua cc b thch ng my tnh khng dy nh cc Card mng khng dy trong cc vi my tnh, cc my Palm, PDA. Cc b thch ng my tnh khng dy cung cp mt giao din gia h thng iu hnh mng (NOS Network Operation System) ca my khch v cc sng khng gian qua mt anten. Bn cht ca kt ni khng dy l trong sut i vi h iu hnh mng.
1.1.3 Cc m hnh ca mng my tnh khng dy c bn

a. Kiu Ad hoc Mi my tnh trong mng giao tip trc tip vi nhau thng qua cc thit b card mng khng dy m khng dng n cc thit b nh tuyn hay thu pht khng dy.
Wireless Station
Wireless Station
Wireless Station
Wireless Station
Hnh 1.1: M hnh mng Ad - hoc ( hay mng ngang hng ) b. Kiu Infrastructure
-6-
Cc my tnh trong h thng mng s dng mt hoc nhiu cc thit b nh tuyn hay thit b thu pht thc hin cc hot ng trao i d liu vi nhau v cc hot ng khc.
1.2 Kin trc mng LAN chun IEEE 802.11

1.2.1 Tng vt l mng LAN khng dy
Hu ht cc mng LAN khng dy s dng cng ngh tri ph. iu ch tri ph tri nng lng ca tn hiu trn mt rng bng tn truyn dn ln hn nhiu so vi rng bng tn cn thit ti thiu. iu ny tri vi mong mun bo ton rng bng tn nhng qu trnh tri ph lm cho tn hiu t b nhiu in t hn nhiu so vi cc k thut iu ch v tuyn thng thng. Truyn dn khc v nhiu in t thng l bng hp s ch gy can nhiu vi mt phn nh ca tn hiu tri ph, n s gy ra t nhiu v t li hn nhiu khi cc my thu gii iu ch tn hiu. iu ch tri ph khng hiu qu v rng bng tn khi c s dng bi mt ngi s dng. Tuy nhin, do nhiu ngi s dng c th dng chung cng rng bng tn ph m khng can nhiu vi nhau, cc h thng tri ph tr nn c hiu qu v rng bng tn trong mi trng nhiu ngi s dng. iu ch tri ph s dng hai phng php tri tn hiu trn mt bng tn rng hn: tri ph chui trc tip v tri ph nhy tn. a. Tri ph nhy tn FHSS Frequency Hopping Spread Spectrum Trong tri ph nhy tn, tn hiu d liu ca ngi s dng c iu ch vi mt tn hiu sng mang. Cc tn s sng mang ca nhng ngi s dng ring bit c lm cho khc nhau theo kiu gi ngu nhin trong mt knh bng rng. D liu s c tch thnh cc cm d liu kch thc ging nhau c pht trn cc tn s sng mang khc nhau. rng bng tn tc thi ca cc cm truyn dn nh hn nhiu so vi ton b rng bng tn tri ph. M gi ngu nhin thay i cc tn s sng mang ca ngi s dng, ngu nhin ha chim dng ca mt knh
-7-
knh c th ti bt k thi im no. Trong my thu nhy tn, mt m gi ngu nhin c pht ni b c s dng ng b tn s tc thi ca cc my thu vi cc my pht. Ti bt k thi im no, mt tn hiu nhy tn chim mt knh n tng i hp. Nu tc thay i ca tn s sng mang ln hn nhiu so vi tc k t th h thng c coi nh l mt h thng nhy tn nhanh. Nu knh thay i ti mt tc nh hn hoc bng tc k t th h thng c g i l nhy tn chm.
Hnh 1.2: M hnh nhy tn CABED Mt h thng nhy tn cung cp mt mc bo mt, c bit l khi s dng mt s lng ln knh, do mt my thu v tnh khng bit chui gi ngu nhin ca cc khe tn s phi d li nhanh chng tm tn hiu m h mun nghe trm. Ngoi ra, tn hiu nhy tn hn ch c fading, do c th s dng s m ha iu khin li v s xen k bo v tn hiu nhy tn khi s suy gim r rt i khi c th xy ra trong qu trnh nhy tn. Vic m ha iu khin li v xen k cng c th c kt hp trnh mt knh xa b khi hai hay nhiu ngi s dng pht trn cng knh ti cng thi im.
-8-
b. Tri ph trc tip DSSS Direct Sequence Spread Spectrum Tri ph chui trc tip kt hp mt tn hiu d liu ti trm gi vi mt chui bit tc d liu cao hn nhiu, m nhiu ngi xem nh mt chipping code (cn gi l mt gain x l). Mt gain x l cao lm tng kh nng chng nhiu ca tn hiu. Gain x l tuyn tnh ti thiu m FCC Federal Communications Commission cho php l 10, v hu ht cc sn phm khai thc di 20. Nhm lm vic ca Vin nghin cu in-in t IEEE - Institute of Electrical and Electronics Engineers t gain x l ti thiu cn thit ca 802.11 l 11.
Hnh 1.3: Hot ng ca tri ph chui trc tip Hnh trn cho thy mt v d v hot ng ca tri ph chui trc tip. Mt chipping code c biu th bi cc bit d liu logic 0 v 1. Khi lung d liu c pht, m tng ng c gi. V d, truyn dn mt bit d liu bng 0 s dn n chui 00010011100 ang c gi. Nhiu sn phm tri ph chui trc tip trn th trng s dng nhiu hn mt knh trn cng mt khu vc, tuy nhin s knh kh dng b hn ch. Vi chui trc tip, nhu sn phm hot ng trn cc knh ring bit bng cch chia bng tn s thnh cc knh tn s khng gi nhau. iu ny cho php mt s mng ring bit hot ng m khng can nhiu ln nhau. Tuy nhin, rng bng tn phi iu tit cc tc d liu cao, ch c th c mt s knh.
-9-
c. K thut OFDM Orthogonal Frequency Division Multiplexing OFDM l mt cng ngh ra i t nhiu nm trc y, t nhng nm 1960, 1970 khi ngi ta nghin cu v hin tng nhiu xy ra gia cc knh, nhng n ch thc s tr nn ph bin trong nhng nm gn y nh s pht trin ca cng ngh x l tn hiu s. OFDM c a vo p dng cho cng ngh truyn thng khng dy bng thng rng nhm khc phc mt s nhc im v tng kh nng v bng thng cho cng ngh mng khng dy, n c p dng cho chun IEEE 802.11a v chun ETSI HiperLAN/2, n cng c p dng cho cng ngh pht thanh, truyn hnh cc nc Chu u.
Hnh 1.4: Phng thc iu ch OFDM OFDM l mt phng thc iu ch a sng mang c chia thnh nhiu lung d liu vi nhiu sng mang khc nhau (hay cn gi l nhng knh hp) truyn cng nhau trn mt knh chnh, mi lung ch chim mt t l d liu rt nh. Sau khi bn thu nhn d liu, n s tng hp cc nhiu lung ghp li bn tin ban u. Nguyn l hot ng ca phng thc ny cng ging nh ca cng ngh CDMA .
1.2.2 Tng iu khin truy nhp CSMA/CA

a. C ch CSMA-CA Nguyn tc c bn khi truy cp ca chun 802.11 l s dng c ch CSM ACA vit tt ca Carrier Sense Multiple Access Collision Avoidance a truy cp s dng sng mang phng trnh xung t. Nguyn tc ny gn ging nh nguyn tc CSMA-CD (Carrier Sense Multiple Access Collision Detect) ca chun 802.3 (cho Ethernet). im khc y l CSMA-CA n s ch truyn d liu khi bn kia
- 10 -
sn sng nhn v khng truyn, nhn d liu no khc trong lc , y cn gi l nguyn tc LBT listening before talking nghe trc khi ni. Trc khi gi tin c truyn i, thit b khng dy s kim tra xem c cc thit b no khc ang truyn tin khng, nu ang truyn, n s i n khi no cc thit b kia truyn xong th n mi truyn. kim tra vic cc thit b kia truyn xong cha, trong khi i n s hi thm d u n sau cc khong thi gian nht nh. b. C ch RTS/CTS gim thiu nguy xung t do cc thit b cng truyn trong cng thi im, ngi ta s dng c ch RTS/CTS Request To Send/ Clear To Send. V d nu AP mun truyn d liu n STA, n s gi 1 khung RTS n STA, STA nhn c tin v gi li khung CTS, thng bo sn sng nhn d liu t AP, ng thi khng thc hin truyn d liu vi cc thit b khc cho n khi AP truyn xong cho STA. Lc cc thit b khc nhn c thng bo cng s tm ngng vic truyn thng tin n STA. C ch RTS/CTS m bo tnh sn sng gia 2 im truyn d liu v ngn chn nguy c xung t khi truyn d liu. c. C ch ACK ACK Acknowledging l c ch thng bo li kt qu truyn d liu. Khi bn nhn nhn c d liu, n s gi thng bo ACK n bn gi bo l nhn c bn tin ri. Trong tnh hung khi bn gi khng nhn c ACK n s coi l bn nhn cha nhn c bn tin v n s gi li bn tin . C ch ny nhm gim bt nguy c b mt d liu trong khi truyn gia 2 im.
1.3 Cc chun ca 802.11

IEEE (Institute of Electrical and Electronic Engineers) l t chc i tin phong trong lnh vc chun ha mng LAN vi n IEEE 802 ni ting bt u trin khai t nm 1980 v kt qu l hng lot chun thuc h IEEE 802.x ra i, to nn
- 11 -
mt s hi t quan trng cho vic thit k v ci t cc mng LAN trong thi gian qua. 802.11 l mt trong cc chun ca h IEEE 802.x bao gm h cc giao thc truyn tin qua mng khng dy. Chun 802.11 ch yu cho vic phn pht cc MSDU (n v d liu dch v ca MAC ) gia cc kt ni LLC (iu khin lin kt logic ). Chun 802.11 c chia lm hai nhm: nhm lp vt l PHY v nhm lp lin kt d liu MAC.
1.3.1. Nhm lp vt l PHY

a. Chun 802.11b 802.11b l chun p ng cho phn ln cc ng dng ca mng. Vi mt gii php rt hon thin, 802.11b c nhiu c im thun li so vi cc chun khng dy khc. Chun 802.11b s dng kiu tri ph trc tip DSSS, hot ng di tn 2,4 GHz, tc truyn d liu ti a l 11 Mbps trn mt knh, tc thc t l khong t 4-5 Mbps. Khong cch c th ln n 500 mt trong mi trng m rng. Khi dng chun ny ti a c 32 ngi dng / im truy cp. y l chun c chp nhn rng ri trn th gii v c trn khai rt mnh hin nay do cng ngh ny s dng di tn khng phi ng k cp php phc v cho cng nghip, dch v, y t. Nhc im ca 802.11b l hat ng di tn 2,4 GHz trng vi di tn ca nhiu thit b trong gia nh nh l vi sng , in thoi m con ... nn c th b nhiu. b. Chun 802.11a Chun 802.11a l phin bn nng cp ca 802.11b, hot ng di tn 5 GHz , dng cng ngh tri ph OFDM. Tc ti a t 25 Mbps n 54 Mbps trn mt knh, tc thc t xp x 27 Mbps, dng chun ny ti a c 64 ngi dng / im truy cp. y cng l chun c chp nhn rng ri trn th gii.
- 12 -
c. Chun 802.11g Cc thit b thuc chun ny hot ng cng tn s vi chun 802.11b l 2,4 Ghz. Tuy nhin chng h tr tc truyn d liu nhanh gp 5 ln so vi chun 802.11b vi cng mt phm vi ph sng, tc l tc truyn d liu ti a ln n 54 Mbps, cn tc thc t l khong 7-16 Mbps. Chun 802.11g s dng phng php iu ch OFDM, CCK Complementary Code Keying v PBCC Packet Binary Convolutional Coding. Cc thit b thuc chun 802.11b v 802.11g hon ton tng thch vi nhau. Tuy nhin cn lu rng khi bn trn ln cc thit b ca hai chun vi nhau th cc thit b s hot ng theo chun no c tc thp hn. y l mt chun ha hn trong tng lai nhng hin nay vn cha c chp thun rng ri trn th gii.
1.3.2 Nhm lp lin kt d liu MAC

a. Chun 802.11d Chun 802.11d b xung mt s tnh nng i vi lp MAC nhm ph bin WLAN trn ton th gii. Mt s nc trn th gii c quy nh rt cht ch v tn s v mc nng lng pht sng v vy 802.11d ra i nhm p ng nhu cu . Tuy nhin, chun 802.11d vn ang trong qu trnh pht trin v cha c chp nhn rng ri nh l chun ca th gii. b. Chun 802.11e y l chun c p dng cho c 802.11 a,b,g. Mc tiu ca chun ny nhm cung cp cc chc nng v cht lng dch v - QoS cho WLAN. V mt k thut, 802.11e cng b xung mt s tnh nng cho lp con MAC. Nh tnh nng ny, WLAN 802.11 trong mt tng li khng xa c th cung cp y cc dch v nh voice, video, cc dch v i hi QoS rt cao. Chun 802.11e hin nay vn ang trong qua trnh pht trin v cha chnh thc p dng trn ton th gii. c. Chun 802.11f
- 13 -
y l mt b ti liu khuyn ngh ca cc nh sn xut cc Access Point ca cc nh sn xut khc nhau c th lm vic vi nhau. iu ny l rt quan trng khi quy m mng li t n mc ng k. Khi mi p ng c vic kt ni mng khng dy lin c quan, lin x nghip c nhiu kh nng khng dng cng mt chng loi thit b. d. Chun 802.11h Tiu chun ny b xung mt s tnh nng cho lp con MAC nhm p ng cc quy nh chu u di tn 5GHz. Chu u quy nh rng cc sn phm dng di tn 5 GHz phi c tnh nng kim sot mc nng lng truyn dn TPC Transmission Power Control v kh nng t ng la chn tn s DFS - Dynamic Frequency Selection. La chn tn s Access Point gip lm gim n mc ti thiu can nhiu n cc h thng radar c bit khc. e. Chun 802.11i y l chun b xung cho 802.11 a, b, g nhm ci thin v mt an ninh cho mng khng dy. An ninh cho mng khng dy l mt giao thc c tn l WEP, 802.11i cung cp nhng phng thc m ha v nhng th tc xc nhn, chng thc mi c tn l 802.1x. Chun ny vn ang trong giai on pht trin.
1.4 Cc kin trc c bn ca chun 802.11

1.4.1 Trm thu pht - STA
STA Station, cc trm thu/pht sng. Thc cht ra l cc thit b khng dy kt ni vo mng nh my vi tnh, my Palm, my PDA, in thoi di ng, vv... vi vai tr nh phn t trong m hnh mng ngang hng Pear to Pear hoc Client trong m hnh Client/Server. Trong phm vi n ny ch cp n thit b khng dy l my vi tnh (thng l my xch tay cng c th l my bn c card m ng kt ni khng dy). C trng hp trong n ny gi thit b khng dy l STA, c lc l Client, cng c lc gi trc tip l my tnh xch tay. Thc ra l nh nhau nhng cch gi tn khc nhau cho ph hp vi tnh hung cp.
S ha bi Trung tm Hc liu i hc Thi Nguyn http://www.lrc -tnu.edu.vn
- 14 -
1.4.2 im truy cp AP
im truy cp Acces Point l thit b khng dy, l im tp trung giao tip vi cc STA, ng vai tr c trong vic truyn v nhn d liu mng. AP cn c chc nng kt ni mng khng dy thng qua chun cp Ethernet, l cu ni gia mng khng dy vi mng c dy. AP c phm vi t 30m n 300m ph thuc vo cng ngh v cu hnh.
1.4.3 Trm phc v c bn BSS

Kin trc c bn nht trong WLAN 802.11 l BSS Base Service Set. y l n v ca mt mng con khng dy c bn. Trong BSS c cha cc STA, nu khng c AP th s l mng cc phn t STA ngang hng (cn c gi l mng Adhoc), cn nu c AP th s l mng phn cp (cn gi l mng Infrastructure). Cc STA trong cng mt BSS th c th trao i thng tin vi nhau. Ngi ta thng dng hnh Oval biu th phm vi ca mt BSS. Nu mt STA no nm ngoi mt hnh Oval th coi nh STA khng giao tip c vi cc STA, AP nm trong hnh Oval . Vic kt hp gia STA v BSS c tnh cht ng v STA c th di chuyn t BSS ny sang BSS khc. Mt BSS c xc nh bi m nh danh h thng ( SSID System Set Identifier ), hoc n cng c th hiu l tn ca mng khng dy .
Hnh 1.5: M hnh mt BSS
- 15 -
1.4.4 BSS c lp IBSS

Trong m hnh IBSS Independent BSS, l cc BSS c lp, tc l khng c kt ni vi mng c dy bn ngoi. Trong IBSS, cc STA c vai tr ngang nhau. IBSS thng c p dng cho m hnh Adhoc bi v n c th c xy dng nhanh chng m khng phi cn nhiu k hoch.
1.4.5 H thng phn tn DS

Ngi ta gi DS Distribution System l mt tp hp ca cc BSS. M cc BSS ny c th trao i thng tin vi nhau. Mt DS c nhim v kt hp vi cc BSS mt cch thng sut v m bo gii quyt vn a ch cho ton mng
1.4.6 H thng phc v m rng - ESS

ESS Extended Service Set l mt khi nim rng hn. M hnh ESS l s kt hp gia DS v BSS cho ta mt mng vi kch c ty v c y cc tnh nng phc tp. c trng quan trng nht trong mt ESS l cc STA c th giao tip vi nhau v di chuyn t mt vng ph sng ca BSS ny sang vng ph sng ca BSS m vn trong sut vi nhau mc LLC Logical Link Control.
Hnh 1.6: M hnh ESS
- 16 -
1.4.7 M hnh thc t

Trn thc t th c rt nhiu m hnh mng khng dy t mt vi my tnh kt ni Adhoc n m hnh WLAN, WWAN, mng phc hp. Sau y l 2 loi m hnh kt ni mng khng dy ph bin, t 2 m hnh ny c th kt hp to ra nhiu m hnh phc tp, a dng khc. a. Mng khng dy kt ni vi mng c dy
Wireless Station Wireless Network Access Point Wireline Network
WAN
Wireless Station
Hnh 1.7: M hnh mng khng dy kt ni vi mng c dy AP s lm nhim v tp trung cc kt ni khng dy, ng thi n kt ni vo mng WAN (hoc LAN) thng qua giao din Ethernet RJ45, phm vi hp c th coi AP lm nhim v nh mt router nh tuyn gia 2 mng ny b. Hai mng c dy kt ni vi nhau bng kt ni khng dy
WAN
Bridge Wireline Network Building
Wireless Network
WAN
Building Bridge Wireline Network
Hnh 1.8: M hnh 2 mng c dy kt ni vi nhau bng kt ni khng dy Kt ni khng dy gia 2 u ca mng 2 mng WAN s dng thit b Bridge lm cu ni, c th kt hp s dng cho thu pht nh truyn sng viba. Khi khong cch gia 2 u kt ni c th t vi trm mt n vi chc km ty vo loi thit b cu ni khng dy.
- 17 -
CHNG 2: AN NINH MNG LAN KHNG DY

2.1 Cc kiu tn cng i vi mng khng dy
2.1.1 Tn cng b ng Passive attacks
Tn cng b ng l kiu tn cng khng tc ng trc tip vo thit b no trn mng, khng lm cho cc thit b trn mng bit c hot ng ca n, v th kiu tn cng ny nguy him ch n rt kh pht hin. V d nh vic ly trm thng tin trong khng gian truyn sng ca cc thit b s rt kh b pht hin d thit b ly trm nm trong vng ph sng ca mng ch cha ni n vic n c t khong cch xa v s dng anten c nh hng ti ni pht sng, khi cho php k tn cng gi c khong cch thun li m khng b pht hin. Cc phng thc thng dng trong tn cng b ng: nghe trm (Sniffing, Eavesdropping), phn tch lung thng tin (Traffic analyst).
Passive Attacks
Eavesdropping
Traffic Analysis
a. Nguyn l thc hin Bt gi tin Sniffing l khi nim c th ca khi nim tng qut Nghe trm Eavesdropping s dng trong mng my tnh. C l l phng php n gin nht, tuy nhin n vn c hiu qu i vi vic tn cng WLAN. Bt gi tin c th hiu nh l mt phng thc ly trm thng tin khi t mt thit b thu nm trong hoc nm gn vng ph sng. Tn cng kiu bt gi tin s kh b pht hin ra s c mt ca thit b bt gi d thit b nm trong hoc nm gn vng ph sng nu thit b khng thc s kt ni ti AP thu cc gi tin. Vic bt gi tin mng c dy thng c thc hin da trn cc thit b phn cng mng, v d nh vic s dng phn mm bt gi tin trn phn iu khin
- 18 -
thng tin ra vo ca mt card mng trn my tnh, c ngha l cng phi bit loi thit b phn cng s dng, phi tm cch ci t phn mm bt gi ln , vv.. tc l khng n gin. i vi mng khng dy, nguyn l trn vn ng nhng khng nht thit phi s dng v c nhiu cch ly thng tin n gin, d dng hn nhiu. Nhng chng trnh bt gi tin c kh nng ly cc thng tin quan trng, mt khu, .. t cc qu trnh trao i thng tin trn my bn vi cc site HTTP, email, cc instant messenger, cc phin FTP, cc phin telnet nu nhng thng tin trao i di dng vn bn khng m ha (clear text). C nhng chng trnh c th ly c mt khu trn mng khng dy ca qu trnh trao i gia Client v Server khi ang thc hin qu trnh nhp mt khu ng nhp. Cng t vic bt gi tin, c th nm c thng tin, phn tch c lu lng ca mng (Traffic analysis) , ph nng lng trong khng gian ca cc vng. T m k tn cng c th bit ch no sng truyn tt, ch no km, ch no tp trung nhiu my. Bt gi tin ngoi vic trc tip gip cho qu trnh ph hoi, n cn gin tip l tin cho cc phng thc ph hoi khc. Bt gi tin l c s ca cc phng thc tn cng nh an trm thng tin, thu thp thng tin phn b mng (wardriving), d m, b m (Key crack), vv ..
Hnh 2.1: Phn mm bt gi tin Ethereal
- 19 -
Wardriving: l mt thut ng ch thu thp thng tin v tnh hnh phn b cc thit b, vng ph sng, cu hnh ca mng khng dy. Vi tng ban u dng mt thit b d sng, bt gi tin, k tn cng ngi trn xe t v i khp cc ni thu thp thng tin, chnh v th m c tn l wardriving. Ngy nay nhng k tn cng cn c th s dng cc thit b hin i nh b thu pht v tinh GPS xy dng thnh mt bn thng tin trn mt phm vi ln.
Hnh 2.2: Phn mm thu thp thng tin h thng mng khng dy NetStumbler b. Bin php i ph V bt gi tin l phng thc tn cng kiu b ng nn rt kh pht hin v do c im truyn sng trong khng gian nn khng th phng nga vic nghe trm ca k tn cng. Gii php ra y l nng cao kh nng m ha thng tin sao cho k tn cng khng th gii m c, khi thng tin ly c s thnh v gi tr i vi k tn cng.
2.1.2 Tn cng ch ng Active attacks

Tn cng ch ng l tn cng trc tip vo mt hoc nhiu thit b trn mng v d nh vo AP, STA. Nhng k tn cng c th s dng phng php tn cng ch ng thc hin cc chc nng trn mng. Cuc tn cng ch ng c th c dng tm cch truy nhp ti mt server thm d, ly nhng d liu
- 20 -
quan trng, thm ch thc hin thay i cu hnh c s h tng mng. Kiu tn cng ny d pht hin nhng kh nng ph hoi ca n rt nhanh v nhiu, khi pht hin ra chng ta cha kp c phng php i ph th n thc hin xong qu trnh ph hoi. So vi kiu tn cng b ng th tn cng ch ng c nhiu phng thc a dng hn, v d nh: Tn cng t chi dch v (DOS), Sa i thng tin (Message Modification), ng gi, mo danh, che du (Masquerade), Lp li thng tin (Replay), Bomb, spam mail, v v...
Message Modification Denied of service
Active Attacks
Masquerade
Replay
2.1.2.1 Mo danh, truy cp tri php a. Nguyn l thc hin Vic mo danh, truy cp tri php l hnh ng tn cng ca k tn cng i vi bt k mt loi hnh mng my tnh no, v i vi mng khng dy cng nh vy. Mt trong nhng cch ph bin l mt my tnh tn cng bn ngoi gi mo l my bn trong mng, xin kt ni vo mng ri truy cp tri php ngun ti nguyn trn mng. Vic gi mo ny c thc hin bng cch gi mo a ch MAC, a ch IP ca thit b mng trn my tn cng thnh cc gi tr ca my ang s dng trong mng, lm cho h thng hiu nhm v cho php thc hin kt ni . V d vic thay i gi tr MAC ca card mng khng dy trn my tnh s dng h iu hnh Windows hay UNIX u ht sc d dng, ch cn qua mt s thao tc c bn ca ngi s dng. Cc thng tin v a ch MAC, a ch IP cn gi mo c th ly t vic bt trm gi tin trn mng.
- 21 -
b. Bin php i ph Vic gi gn bo mt my tnh mnh ang s dng, khng cho ai vo dng tri php l mt nguyn l rt n gin nhng li khng tha ngn chn vic mo danh ny. Vic mo danh c th xy ra cn do qu trnh chng thc gia cc bn cn cha cht ch, v vy cn phi nng cao kh nng ny gia cc bn. 2.1.2.2 Tn cng t chi dch v - DOS a. Nguyn l thc hin Vi mng my tnh khng dy v mng c dy th khng c khc bit c bn v cc kiu tn cng DOS ( Denied of Service ) cc tng ng dng v vn chuyn nhng gia cc tng mng, lin kt d liu v vt l li c s khc bit ln. Chnh iu ny lm tng nguy him ca kiu tn cng DOS trong mng my tnh khng dy. Trc khi thc hin tn cng DOS, k tn cng c th s dng chng trnh phn tch lu lng mng bit c ch no ang tp trung nhiu lu lng, s lng x l nhiu, v k tn cng s tp trung tn cng DOS vo nhng v tr nhanh t c hiu qu hn. - Tn cng DOS tng vt l Tn cng DOS tng vt l mng c dy mun thc hin c th yu cu k tn cng phi gn cc my tnh trong mng. iu ny li khng ng trong mng khng dy. Vi mng ny, bt k mi trng no cng d b tn cng v k tn cng c th xm nhp vo tng vt l t mt khong cch rt xa, c th l t bn ngoi thay v phi ng bn trong ta nh. Trong mng my tnh c dy khi b tn cng th thng li cc du hiu d nhn bit nh l cp b hng, dch chuyn cp, hnh nh c ghi li t camera, th vi mng khng dy li khng li bt k mt du hiu no. 802.11 PHY a ra mt phm vi gii hn cc tn s trong giao tip. Mt k tn cng c th to ra mt thit b lm bo ha di tn 802.11 vi nhiu. Nh vy, nu thit b to ra nhiu tn s v tuyn th s lm gim tn hiu / t l nhiu ti mc khng phn bit c dn n cc STA nm trong di tn nhiu s b ngng hot ng. Cc thit b s khng th phn bit c tn hiu mng
- 22 -
mt cch chnh xc t tt c cc nhiu xy ra ngu nhin ang c to ra v do s khng th giao tip c. Tn cng theo kiu ny khng phi l s e do nghim trng, n kh c th thc hin ph bin do vn gi c ca thit b, n qu t trong khi k tn cng ch tm thi v hiu ha c mn g. - Tn cng DOS tng lin kt d liu Do tng lin kt d liu k tn cng cng c th truy cp bt k u nn li mt ln na to ra nhiu c hi cho kiu tn cng DOS. Thm ch khi WEP c bt, k tn cng c th thc hin mt s cuc tn cng DOS bng cch truy cp ti thng tin lp lin kt. Khi khng c WEP, k tn cng truy cp ton b ti cc lin kt gia cc STA v AP chm dt truy cp ti mng. Nu mt AP s dng khng ng anten nh hng k tn cng c nhiu kh nng t chi truy cp t cc client lin kt ti AP. Anten nh hng i khi cn c dng ph sng nhiu khu vc hn vi mt AP bng cch dng cc anten. Nu anten nh hng khng ph sng vi khong cch cc vng l nh nhau, k tn cng c th t chi dch v ti cc trm lin kt bng cch li dng s sp t khng ng ny, iu c th c minh ha hnh di y:
Hnh 2.3: M t qu trnh tn cng DOS tng lin kt d liu Gi thit anten nh hng A v B c gn vo AP v chng c sp t ph sng c hai bn bc tng mt cch c lp. Client A bn tri bc tng, v vy AP s chn anten A cho vic gi v nhn cc khung. Client B bn tri bc tng, v vy chn vic gi v nhn cc khung vi anten B. Client B c th loi
- 23 -
client A ra khi mng bng cch thay i a ch MAC ca Client B ging ht vi Client A. Khi Client B phi chc chn rng tn hiu pht ra t anten B mnh hn tn hiu m Client A nhn c t anten A bng vic dng mt b khuch i hoc cc k thut khuch i khc nhau. Nh vy AP s gi v nhn cc khung ng vi a ch MAC anten B. Cc khung ca Client A s b t chi chng no m Client B tip tc gi lu lng ti AP. - Tn cng DOS tng mng Nu mt mng cho php bt k mt client no kt ni, n d b tn cng DOS tng mng. Mng my tnh khng dy chun 802.11 l mi trng chia s ti nguyn. Mt ngi bt hp php c th xm nhp vo mng, t chi truy cp ti cc thit b c lin kt vi AP. V d nh k tn cng c th xm nhp vo mng 802.11b v gi i hng lot cc gi tin ICMP qua cng gateway. Trong khi cng gateway c th vn thng sut lu lng mng, th di tn chung ca 802.11b li d dng b bo ha. Cc Client khc lin kt vi AP ny s gi cc gi tin rt kh khn. b. Bin php i ph Bin php mang tnh cc oan hiu qu nht l chn v lc b i tt c cc bn tin m DOS hay s dng, nh vy c th s chn b lun c nhng bn tin hu ch. gii quyt tt hn, cn c nhng thut ton thng minh nhn dng tn cng attack detection, da vo nhng c im nh gi bn tin lin tc, bn tin ging ht nhau, bn tin khng c ngha, vv.. Thut ton ny s phn bit bn tin c ch vi cc cuc tn cng, c bin php lc b. 2.1.2.3 Tn cng cng ot iu khin v sa i thng tin Hijacking and Modification a. Nguyn l thc hin C rt nhiu k thut tn cng cng ot iu khin. Khc vi cc kiu tn cng khc, h thng mng rt kh phn bit u l k tn cng cng ot iu khin, u l mt ngi s dng hp php.
- 24 -
Khi mt gi tin TCP/IP i qua Switch, Router hay AP, cc thit b ny s xem phn a ch ch n ca gi tin, nu a ch ny nm trong mng m thit b qun l th gi tin s chuyn trc tip n a ch ch, cn nu a ch khng nm trong mng m thit b qun l th gi tin s c a ra cng ngoi (default gateway) tip tc chuyn n thit b khc. Nu k tn cng c th sa i gi tr default gateway ca thit b mng tr vo my tnh ca hn, nh vy c ngha l cc kt ni ra bn ngoi u i vo my ca hn. mt mc tinh vi hn, k tn cng ch la chn mt s bn tin cn thit nh tuyn n n, sau khi ly c ni dung bn tin, k tn cng c th sa i li ni dung theo mc ch ring sau li tip tc chuyn tip (forward) bn tin n ng a ch ch. Nh vy bn tin b chn, ly, sa i trong qu trnh truyn m pha gi ln pha nhn khng pht hin ra. y cng ging nguyn l ca kiu tn cng thu ht (man in the back), tn cng s dng AP gi mo (rogue AP).
Hnh 2.4: M t qu trnh tn cng mng bng AP gi mo AP gi mo - Rogue AP: l mt kiu tn cng bng cch s dng 1 AP t trong vng gn vi vng ph sng ca mng WLAN. Cc Client khi di chuyn n gn Rogue AP, theo nguyn l chuyn giao vng ph sng gia m cc AP qun l, my Client s t ng lin kt vi AP gi mo v cung cp cc thng tin ca mng WLAN cho AP. Vic s dng AP gi mo, hot ng cng tn s vi cc AP khc c th gy ra nhiu sng ging nh trong phng thc tn cng chn p, n cng gy tc hi ging tn cng t chi dch v - DOS v khi b nhiu sng, vic trao i cc gi tin s b khng thnh cng nhiu v phi truyn i truyn li nhiu ln, dn n vic tc nghn, cn kit ti nguyn mng
- 25 -
b. Bin php i ph Tn cng kiu Hijack thng c tc nhanh, phm vi rng v vy cn phi c cc bin php ngn chn kp thi. Hijack thng thc hin khi k tn cng t nhp kh su trong h thng, v th cn ngn chn t nhng du hiu ban u. Vi kiu tn cng AP Rogue, bin php ngn chn gi mo l phi c s chng thc 2 chiu gia Client v AP thay cho vic chng thc 1 chiu t Client n AP. 2.1.2.4 D mt khu bng t in Dictionary Attack a. Nguyn l thc hin Vic d mt khu da trn nguyn l qut tt c cc trng hp c th sinh ra t t hp ca cc k t. Nguyn l ny c th c thc thi c th bng nhng phng php khc nhau nh qut t trn xung di, t di ln trn, t s n ch, vv... Vic qut th ny tn nhiu thi gian ngay c trn nhng th h my tnh tin tin bi v s trng hp t hp ra l cc k nhiu. Thc t l khi t mt m ngi dng thng dng cc t ng c ngha ghp li vi nhau vv.. Trn c s mt nguyn l c a ra l s qut mt khu theo cc trng hp theo cc t ng trn mt b t in c sn, nu khng tm ra lc y mi qut t hp cc trng hp. B t in ny gm nhng t ng c s dng trong cuc sng, vv.. v lun c cp nht b xung tng kh nng thng minh ca b ph m. b. Bin php i ph i ph vi kiu d mt khu ny, cn xy dng mt quy trnh t mt khu phc tp hn, a dng hn gy kh khn cho vic qut t hp cc trng hp. V d quy trnh t mt khu thc hin nh sau: - Mt khu di ti thiu 10 k t - C c ch thng v ch hoa - C c ch, s, v c th l cc k t c bit nh !,@,#,$ - Trnh trng vi tn ng k, tn ti khon, ngy sinh, vv.. - Khng nn s dng cc t ng ngn n gin c trong t in
- 26 -
2.1.3 Tn cng kiu chn p - Jamming attacks

Ngoi vic s dng phng php tn cng b ng, ch ng ly thng tin truy cp ti mng ca bn, phng php tn cng theo kiu chn p. Jamming l mt k thut s dng n gin lm mng ca bn ngng hot ng. Phng thc jamming ph bin nht l s dng my pht c tn s pht ging tn s m mng s dng p o lm mng b nhiu, b ngng lm vic. Tn hiu RF c th di chuyn hoc c nh.
Hnh 2.5: M t qu trnh tn cng theo kiu chn p Cng c trng hp s Jamming xy ra do khng ch thng xy ra vi mi thit b m dng chung di tn 2,4Ghz. Tn cng bng Jamming khng phi l s e da nghim trng, n kh c th c thc hin ph bin do vn gi c ca thit b, n qu t trong khi k tn cng ch tm thi v hiu ha c mng.
2.1.4 Tn cng theo kiu thu ht - Man in the middle attacks

Tn cng theo kiu thu ht - Man in the middle attacks c ngha l dng mt kh nng mnh hn chen vo gia hot ng ca cc thit b v thu ht, ginh ly s trao i thng tin ca thit b v mnh. Thit b chn gia phi c v tr, kh nng thu pht tri hn cc thit b sn c ca mng. Mt c im ni bt ca kiu
- 27 -
tn cng ny l ngi s dng khng th pht hin ra c cuc tn cng, v lng thng tin m thu nht c bng kiu tn cng ny l gii hn.
Hnh 2.6: M t qu trnh tn cng theo kiu thu ht Phng thc thng s dng theo kiu tn cng ny l Mo danh AP (AP rogue), c ngha l chn thm mt AP gi mo vo gia cc kt ni trong mng.
2.2 An ninh mng my tnh khng dy

Ngoi vic k tha nhng yu cu v an ninh cn c t mng hu tuyn, mng my tnh khng dy cn c nhng phng php bo m an ninh ring. Chun IEEE 802.11 quy nh 3 mc tiu an ninh cn c cho mng 802.11 bao gm: Tnh xc thc (Authentication): Nhm m bo ch nhng thit b c php ( xc thc) mi c th truy cp vo im truy cp s dng dch v. Tnh b mt (Condifidentislity): L s bo v d liu truyn i khi nhn g cuc tn cng b ng Tnh ton vn (Integrity): m bo d liu khng b sa i trong qu trnh truyn qua mng Vi ba mc tiu ny, chun 802.11 s dng 3 phng php l xc thc, m ha v kim tra tnh ton vn nhm m bo tnh an ton cho mi trng mng. Phn ny s trnh by cc phng php m ha c p dng m bo an ninh cho mng khng dy.
- 28 -
2.2.1 Gii php an ninh WEP

WEP (Wired Equivalent Privacy Tnh b mt tng ng mng hu tuyn) l c ch bo mt u tin khi chun 802.11 ra i. WEP c th dch l chun bo mt d liu cho mng khng dy mc tng ng vi mng c dy, l phng thc chng thc ngi dng v m ha ni dung d liu truyn trn mng LAN khng dy (WLAN). Chun IEEE 802.11 quy nh vic s dng WEP nh mt thut ton kt hp gia b sinh m gi ngu nhin PRNG (Pseudo Random Number Generator) v b m ha lung theo kiu RC4. Phng thc m ha RC4 thc hin vic m ha v gii m kh nhanh, tit kim ti nguyn, v cng n gin trong vic s dng n cc phn mm khc. 2.2.1.1 Phng thc chng thc Phng thc chng thc ca WEP cng phi qua cc bc trao i gia Client v AP, nhng n c thm m ha v phc tp hn
Wireless station Access Point
Authen
tication
reques t
e halleng
Generate random number to challenge station
Encrypt challenge using RC4 algorithm
Respo
nse
Confirm
s succes
Decrypt response to recover challenge. Verify that challenges equate
Hnh 2.7: M t qu trnh chng thc gia Client v AP Cc bc c th nh sau: Bc 1: Client gi n AP yu cu xin chng thc Bc 2: AP s to ra mt chui mi kt ni (challenge text) ngu nhin gi n Client
- 29 -
Bc 3: Client nhn c chui ny ny s m ha chui bng thut ton RC4 theo m kha m Client c cp, sau Client gi li cho AP chui m ha Bc 4: AP sau khi nhn c chui m ha ca Client, n s gii m li bng thut ton RC4 theo m kha cp cho Client, nu kt qu ging vi chui ban u m n gi cho Client th c ngha l Client c m kha ng v AP s chp nhn qu trnh chng thc ca Client v cho php thc hin kt ni 2.2.1.2 Phng thc m ha WEP l mt thut ton m ha i xng c ngha l qu trnh m ha v gii m u dng mt l Kha dng chung - Share key, kha ny AP s dng v Client c cp. Chng ta lm quen vi mt s khi nim sau: Kha dng chung Share key: y l m kha m AP v Client cng bit v s dng cho vic m ha v gii m d liu. Kha ny c 2 loi khc nhau v di l 40 bit v 104 bit. Mt AP c th s dng ti 4 Kha dng chung khc nhau, tc l n c lm vic vi 4 nhm cc Client kt ni ti n.
Hnh 2.8: Ci t m kha dng chung cho WEP Vector khi to IV-Initialization Vector: y l mt chui di 24 bit, c to ra mt cch ngu nhin v vi gi tin mi truyn i, chui IV li thay i mt ln. C ngha l cc gi tin truyn i lin nhau s c cc gi tr IV thay i khc nhau. V th ngi ta cn gi n l b sinh m gi ngu nhin PRNG Pseudo
- 30 -
Random Number Generator. M ny s c truyn cho bn nhn tin (cng vi bn tin m ha), bn nhn s dng gi tr IV nhn c cho vic gii m. RC4: ch RC4 xut pht t ch Rons Code ly t tn ngi ngh ra l Ron Rivest, thnh vin ca t chc bo mt RSA. y l loi m dng chui cc k t c to ra lin tc (cn gi l lung d liu). di ca RC4 chnh bng tng di ca Kha dng chung v m IV. M RC4 c 2 loi khc nhau v di t m l loi 64 bit (ng vi Kha dng chung 40 bit) v 128 bit (ng vi Kha d ng chung di 104 bit). a. M ha khi truyn i
IV Cipher Text
IV RC4 Key +
CRC
ICV
Payload
Payload
Hnh 2.9: M t qu trnh m ho khi truyn i Kha dng chung v vector khi to IV-Initialization Vector (mt lung d liu lin tc) l hai ngun d liu u vo ca b to m dng thut ton RC4 to ra chui kha (key stream) gi ngu nhin mt cch lin tc. Mt khc, phn ni dung bn tin c b xung thm phn kim tra CRC to thnh mt gi tin mi, CRC y c s dng nhm kim tra tnh ton vn ca d liu (IC V Intergrity Check Value), chiu di ca phn CRC l 32 bit ng vi 8 bytes. Gi tin mi vn c ni dung dng cha m ha (plant text), s c kt hp vi chui cc kha key stream theo thut ton XOR to ra mt bn tin c m ha cipher text. Bn tin ny v chui IV c ng gi thnh gi tin pht i.
- 31 -
Key
Key stream
Cipher
XOR
Cipher text
Cipher text
Cipher text
Plain text Plain text Plain text Plain text
Hnh 2.10: M t qu trnh ng gi bn tin D liu c a vo kt hp vi chui m c chia thnh cc khi (block), cc khi ny c ln tng ng vi ln ca chui m, v d nu ta dng chui m 64 bit th khi s l 8 byte, nu chui m 128 bit th khi s l 16 byte. Nu cc gi tin c kch c l so vi 8 byte (hoc 16 byte) th s c chn thm cc k t n vo thnh s nguyn ln cc khi B to chui kha l mt yu t ch cht trong qu trnh x l m ha v n chuyn mt kha b mt t dng ngn sang chui kha di. iu ny gip n gin rt nhiu vic phn phi li cc kha, cc my kt ni ch cn trao i vi nhau kha b mt. IV m rng thi gian sng c ch cu kha b mt v cung cp kh nng t ng b. Kha b mt c th khng thay i trong khi truyn nhng IV li thay i theo chu k. Mi mt IV mi s to ra mt seed mi v mt sequence mi, tc l c s tng ng 1-1 gia IV v key sequence. IV khng cung cp mt thng tin g m k bt hp php c th li dng. b. Gii m ha khi nhn v
- 32 -
Key RC4 Cipher Text IV
ICV
Payload
CRC
Payload
Hnh 2.11: M t qu trnh gii m khi nhn v Qu trnh gii m cng thc hin tng t nh theo cc khu tng t ca qu trnh m ha nhng theo chiu ngc li. Bn nhn dng Kha dng chung v gi tr IV (tch c t bn tin) lm 2 u vo ca b sinh chui m RC4. Chui kha do RC4 to ra s kt hp XOR vi Cipher Text to ra Clear Text u ra, gi t in sau khi b phn CRC s cn li phn Payload, chnh l thng tin ban u gi i. Qu trnh gii m cng chia bn tin thnh cc khi nh qu trnh m ha. 2.2.1.3 Cc u, nhc im ca WEP Khi chn gii php an ninh cho mng khng dy, chun 802.11 a r a cc yu cu sau m WEP p ng c: - C th a ra rng ri, trin khai n gin - M ha mnh - Kh nng t ng b - Ti u tnh ton, hiu qu ti nguyn b vi x l - C cc la chn b xung thm Lc u ngi ta tin tng kh nng kim sot truy cp v tch hp d liu ca n v WEP c trin khai trn nhiu h thng, tn gi ca n ni ln nhng k vng ban u m ngi ta t cho n, nhng sau ngi ta nhn ra rng WEP khng kh nng bo mt mt cch ton din.
- 33 -
- Ch c chng thc mt chiu: Client chng thc vi AP m khng c chng thc tnh hp php ca AP vi Client - WEP cn thiu c ch cung cp v qun l m kha. Khi s dng kha tnh, nhiu ngi dng kha dng chung trong mt thi gian di. Bng my tnh x l tc cao hin nay k tn cng cng c th bt nhng bn tin m ha ny gii m ra m kha m ha mt cch n gin. Nu gi s mt my tnh trong mng b mt hoc b nh cp s dn n nguy c l kha dng chung m cc my khc cng ang dng. Hn na, vic dng chung kha, th nguy c lu lng thng tin b tn cng nghe trm s cao hn. - Vector khi to IV, nh phn tch trn, l mt trng 24 bit kt hp vi phn RC4 to ra chui kha key stream, c gi i dng nguyn bn, khng c m ha. IV c thay i thng xuyn, IV c 24 bit th ch c th c ti a 224 = 16 triu gi tr IV trong 1 chu k, nhng khi mng c lu lng ln th s lng 16 triu gi tr ny s quay vng nhanh, khong thi gian thay i ngn, ngoi ra IV thng khi to t gi tr 0, m mun IV khi to li ch cn thc hin c vic reboot li thit b. Hn na chun 802.11 khng cn xc nh gi tr IV vn gi nguyn hay thay i, v nhng Card mng khng dy ca cng 1 hng sn xut c th xy ra hin tng to ra cc IV ging nhau, qu trnh thay i ging nhau. K tn cng c th da vo m tm ra IV, ri tm ra IV ca tt c cc gi tin i qua m nghe trm c, t tm ra chui kha v s gii m c d liu m ha. - Chun 802.11 s dng m CRC kim tra tnh ton vn ca d liu, nh nu trn, WEP khng m ha ring gi tr CRC ny m ch m ha cng phn Payload, k tn cng c th bt gi tin, sa cc gi tr CRC v ni dung ca cc gi tin , gi li cho AP xem AP c chp nhn khng, bng cch d ny k tn cng c th tm ra c ni dung ca phn bn tin i cng m CRC. Nhn ra s yu km ca WEP chun m ha c tnh bo mt cao hn ra i thay th cho WEP.
- 34 -
2.2.2 Gii php an ninh WPA, WPA2

Mt gii php v lu di l s dng 802.11i tng ng vi WPA2, c chng nhn bi Wi-Fi Alliance. Chun ny s dng thut ton m ho mnh m v c gi l Chun m ho nng cao AES (Advanced Encryption Standard). AES s dng thut ton m ho i xng theo khi Rijndael, s dng khi m ho 128 bit, v 192 bit hoc 256 bit. 2.2.2.1 WPA - Wi-fi Protected Access Trong khi AES c xem nh l bo mt tt hn rt nhiu so vi WEP 128 bit hoc 168 bit DES (Digital Encryption Standard). m bo v mt hiu nng, qu trnh m ho cn c thc hin trong cc thit b phn cng nh tch hp vo chip. Tuy nhin, rt t card mng WLAN hoc cc im truy cp c h tr m ho bng phn cng ti thi im hin ti. Hn na, hu ht cc thit b cm tay Wi -Fi v my qut m vch u khng tng thch vi chun 802.11i. Nhn thy c nhng kh khn khi nng cp ln 802.11i, Wi -Fi Alliance a ra gii php khc gi l Wi-Fi Protected Access (WPA). Mt trong nhng ci tin quan trng nht ca WPA l s dng hm thay i kho TKIP (Temporal Key Integrity Protocol). WPA cng s dng thut ton RC4 nh WEP, nhng m ho y 128 bit. V mt c im khc l WPA thay i kho cho mi gi tin. Cc cng c thu thp cc gi tin ph kho m ho u khng th thc hin c vi WPA. Bi WPA thay i kho lin tc nn hacker khng bao gi thu thp d liu mu tm ra mt khu. Khng nhng th, WPA cn bao gm kim tra tnh ton vn ca thng tin (Message Integrity Check). V vy, d liu khng th b thay i trong khi ang trn ng truyn. Mt trong nhng im hp dn nht ca WPA l khng yu cu nng cp phn cng. Cc nng cp min ph v phn mm cho hu ht cc card mng v im truy cp s dng WPA rt d dng v c sn. Tuy nhin, WPA cng khng h tr cc thit b cm tay v my qut m vch. Theo Wi-Fi Alliance, c khong 200 thit b c cp chng nhn tng thch WPA.
- 35 -
WPA c sn 2 la chn: WPA Personal v WPA Enterprise. C 2 la chn ny u s dng giao thc TKIP, v s khc bit ch l kho khi to m ho lc u. WPA Personal thch hp cho gia nh v mng vn phng nh, kho khi to s c s dng ti cc im truy cp v thit b my trm. Trong khi , WPA cho doanh nghip cn mt my ch xc thc v 802.1x cung cp cc kho khi to cho mi phin lm vic. Trong khi Wi-Fi Alliance a ra WPA, v c coi l loi tr mi l hng d b tn cng ca WEP, nhng ngi s dng vn khng thc s tin tng vo WPA. C mt l hng trong WPA v li ny ch xy ra vi WPA Personal. Khi m s dng hm thay i kho TKIP c s dng to ra cc kho m ho b pht hin, nu hacker c th on c kho khi to hoc mt phn ca mt khu, h c th xc nh c ton b mt khu, do c th gii m c d liu. Tuy nhin, l hng ny cng s b loi b bng cch s dng nhng kho khi to khng d on. iu ny cng c ngha rng k thut TKIP ca WPA ch l gii php tm thi, cha cung cp mt phng thc bo mt cao nht. WPA ch thch hp vi nhng cng ty m khng khng truyn d liu "mt" v nhng thng mi, hay cc thng tin nhy cm... WPA cng thch hp vi nhng hot ng hng ngy v mang tnh th nghim cng ngh. 2.2.2.2 WPA2 Wi-fi Protected Access 2 WPA2 l mt chun ra i sau v c National Institute of Standards and Technology (NIST) khuyn co s dng, WPA2 s dng thut ton m ha Advance Encryption Standar (AES). WPA2 cng c cp bo mt rt cao tng t nh chun WPA nhng trn thc t WPA2 cung cp h thng m ha mnh hn so vi WPA. WPA2 s dng rt nhiu thut ton m ha d liu nh RC4, AES v mt vi thut ton khc. Nhng h thng s dng WPA2 u tng thch vi WPA.
- 36 -
CHNG 3: AN NINH MNG LAN KHNG DY CHUN 802.11i

3.1 Tng quan v chun IEEE 802.11i
Nhm IEEE 802.11i tch cc nghin cu a ra gii php thay th cho WEP. Gii php tng t h ca IEEE 802.11i da trn cc thnh phn: TKIP, CCMP, IEEE 802.1x .
Hnh 3.1: Thnh phn ca 802.11i
3.1.1 TKIP
TKIP (Temporal Key Identity Protocol: Giao thc ton vn kha phin): l giao thc m ha tng lin kt trong chun 802.11i c thit k nng cp kh nng an ninh cho WEP nhng vn hot ng c trn cc thit b phn cng h tr WEP. Thc cht TKIP l gii php nng cp phn mm cho thit b s dng WEP, TKIP vn gi nguyn kin trc cng nh cc thao tc trong WEP. 3.1.1.1 Khc bit gia TKIP v WEP Cy phn cp kha v qun l kha t ng. Khc vi WEP s dng ch 1 kha chnh duy nht, TKIP s dng nhiu kha chnh. Khi cn m ha cc khung tin, cc kha s c sinh ra t cc kha chnh ny. Cc kha ny c sinh v qun l bi kin trc Mng an ton n nh (RSN Robust Security Netwwork). Kha cho tng frame Mc d TKIP vn gi c ch m ha RC4 ca WEP, n sinh ra cc kha RC4 duy nht cho mi khung tin t kha chnh. Qu trnh ny c gi l trn kha (key mixing).
- 37 -
V vic dng gi tr kha dng chung trong mt khong thi gian c th b k tn cng d ra trc khi kp i nn ngi ta a ra mt phng php l thay i m kha ny theo tng gi tin. Nguyn l thc hin n gin bng cch thay v a gi tr M kha ti u vo ca b RC4, ngi ta s kt hp m kha ny vi IV bng hm bm Hash, ri a kt qu ny (gi l M kha t hp) ti u vo ca b RC4. V m RC4 thay i lin tc (tng tun t) theo mi gi tin nn M kha t hp cng thay i lin tc d m kha cha i.
IV Cipher Text
IV RC4 Key HASH +
CRC
ICV
Payload
Payload
Hnh 3.2: M t qu trnh m ha khi truyn i sau khi b xung m bo hn na, Cisco a ra quy c l gi tr IV vn tng tun t nhng AP dng gi tr IV l cn Client dng gi tr IV chn nh vy gi tr IV ca AP v Client s khng bao gi trng nhau v M kha t hp ca AP v Client cng s khng bao gi trng nhau. Th t khung tin Mi khung tin trong TKIP c nh s th t nhm gim thiu loi hnh tn cng replay. S dng MIC thay th CRC TKIP thay th thut ton bm tuyn tnh CRC bng mt thut ton bm n nh hn gi l Michael. Thut ton ny sinh ra m ton vn thng ip gi l MIC (Message Intergrity Code). Thm vo , a ch ngun ca khung tin cng c bo v bi m ton vn nhm pht hin cc khung tin b gi mo a ch ngun.
- 38 -
- MIC b xung thm s th t cc trng trong khung d liu (AP s loi b nhng khung no sai s th t ), trnh trng hp k tn cng chn cc gi tin gi mo s dng li gi tr IV c. - MIC b xung thm 1 trng tn l MIC vo trong khung d liu kim tra s ton vn d liu nhng vi thut ton kim tra phc tp, cht ch hn ICV.
Hnh 3.3: Cu trc khung d liu trc v sau khi b xung Trng MIC di 4 byte c tng hp t cc thng s theo hm HASH
Hnh 3.4: Cu trc bn trong ca trng MIC Hm bm Hash y l mt loi hm m ha d liu tha mn cc yu cu sau: - Tm lc mi bn tin c di bt k thnh mt chui nh phn c di xc nh - T chui nh phn ny khng th tm li bn tin nguyn thy ban u (hm tm lc l hm mt chiu) - Bt k mt thay i d rt nh bn tin nguyn thy cng dn n s thay i ca chui tm lc
- 39 -
- Cc hm tm lc ny phi tha mn tnh cht khng va chm c ngha l vi hai bn tin bt k khc nhau, cng dng mt hm tm lc rt kh c th cho ra hai chui tm lc c ni dung ging nhau. iu ny rt c ch trong vic chng gi mo ni dung bc in. Phn ng khi m MIC sai c thit k hot ng trn cc thit b phn cng c, do TKIP cng c nhng hn ch ca n. Ging nh m CRC, m MIC cng c th b sa i khi b tn cng ch ng. Do TKIP s dng c ch gi l phn ng (countermeasure) hn ch ri ro khi mng b tn cng mt cch ch ng. 3.1.1.2 Vc t khi to gim thiu nguy c tn cng vo vc t khi to, TKIP tng di vc t khi to t 24 bit ln 48 bit. Vi vic m rng ny, khng gian vc t khi to tng t 16 triu ln 280 nghn t vc t v do loi b kh nng khng gian vc t b s dng ht trong thi gian sng ca mt kha. chng li hnh thc tn cng replay, vi mi trm khng dy, TKIP lu gi tr th t khung tin gn nht nhn c t trm . Mi khi nhn c mt khung tin, s th t ca khung tin c so snh vi gi tr lu. Nu gi tr ny ln hn hoc bng gi tr lu th khung tin c chp nhn, ngc li khung tin b t chi. 3.1.1.3 Qu trnh trn kha m bo mi khung tin c truyn i c m ha bi mt kha RC4 duy nht, TKIP thc hin qu trnh trng kha. Qu trnh ny s dng vc t khi to ca TKIP, a ch ngun v kha phin theo thi gian. a ch nguoonfcaur khung tin c a vo qu trnh trn kha nhm mc ch m bo rng nu c hai khung tin c cng mt vc t khi to ca TKIP th vn c m ha bi hai RC4 khc nhau. TKIP chia qu trnh trn kha lm hai pha: Pha th nht ly a ch ngun, 128 bit kha phin theo thi gian, v 32 bit u ca vc t khi to ca TKIP sinh ra mt gi tr 80 bit. Kt qu l gi tr sinh ra t pha ny l mt hng s khi 32 bit u ca vc t khi to ca TKIP l mt hng s. Do vy sau 216 =65536 khung tin pha th nht mi cn phi thc hin li.
- 40 -
Pha th hai ca qu trnh trn kha thc hin vic tnh ton cho mi khung tin gi i. Pha ny ly gi tr sinh ra t pha mt, kha phin theo thi gian v 16 bit cui ca vc t khi to ca TKIP lm gi tr u vo. Sau qu trnh tnh ton, kha RC4 c sinh ra c di 128 bit. Ton b kha RC4 ny c chuyn xung cho WEP thc hin vic m ha v gi khung tin. 3.1.1.4 M kim tra ton vn Michael thay th cho m kim tra ton vn CRC vn d b tn cng, TKIP s dng thut ton Michael to m ton vn cho thng ip. c pht trin bi Neils Ferguson vi mc ch xy dng mt thut ton to m kim tra ton vn phc v cho TKIP, thut ton Michael ch s dng cc php ton bit tro i, dch chuyn v loi tr nn vic p dng khng gy nh hng ti nng lc x l thp ca cc phn cng trc . Thut ton Michael thc hin vic tnh ton tng trn trc khi khung tin c chuyn cho tng MAC. Thut ton s dng kha c di 64 bit, thc hin tnh ton trn cc khi 32 bit ca ton b ni dung thng ip. Trc khi thc hin, thut ton s ni mt byte c gi tr 0x5a v t 4 n 7 byte c gi tr 0 vo ui thng ip m bo ni dung c tnh ton l bi s ca 4. Sau khi tnh ton, m MIC c di 8 byte, c ni vo ui gi tin MSDU trc khi truyn d liu i. D liu ny khi truyn i c th b chia nh, tuy nhin ti pha nhn, m MIC ch c tnh ton khi khung tin c tp hp li. Tuy nhin nhn thy m kim tra MIC l cha chng chi li kh nng b tn cng, chun 802.11i cn a thm vo mt bc gi l Michael Countermeasure (tm dch l Phn ng khi m MIC sai). Quy trnh ny thc hin nh sau: Mi khi pht hin ra m MIC sai, gi tr ny c nh du v ghi li. Tuy nhin trc khi c kim tra ton vn, khung tin phi i qua hai qu trnh: kim tra ton vn ca WEP v kim tra chng tn cng replay ca TKIP. Do , bt k mt li MIC no cng c coi l nghim trng v cn c s can thip ca qun tr vin h thng. Nu trong 60 giy, h thng bt gp m MIC sai ln th 2,
- 41 -
countermeasure s thc hin vic ngt kt ni trong vng 60 giy tip theo. Vic ngt kt ni s khin cho k tn cng khng th thc hin mt cch nhanh chng. Mc d 802.11 quy nh thi gian phn ng khi m MIC sai l 60 giy, mt s nh sn xut vn cho php cu hnh li khong thi gian ny. Cc trm s xa kha chnh trong b nh v yu cu kha mi t pha b phn xc thc. B phn xc thc s thc hin vic sinh li v phn phi kha cho cc bn. Thut ton Michael cung cp mc an ninh 20 bit. Theo , sau khong 219 ln, k tn cng c th gi mo c gi tr MIC. Vi gi tr ny trn mt mng 802.11b c kh nng truyn 212 gi tin trong mt giy, k tn cng ch mt khong 2 pht thu c gi tr MIC gi mo hp l. Tuy nhin, c ch phn ng khi MIC sai ch cho php ti a 2 gi tin gi mo trong 1 pht, v do thi gian k tn cng c th to c mt gi tin gi mo c MIC hp l l 218 pht (tng ng 6 thng). Do c ch phn ng khi MIC sai c gi l an ton vi kiu tn cng gi mo thng ip.
3.1.2 CCMP
Nhn ra s khng an ton ca chun WEP, nhm chun ha la chn thut ton m ha mi cho chun mi thay th WEP. Thut ton m ha AES (Advance Encryption Standard) c la chn p dng nhm bo v d liu. Thut ton AES l thut ton m ha khi c th hot ng trn nhiu kha v khi c ln khc nhau. trnh s nhp nhng, chun 802.11i quy nh kch thc kha l 128 bit v ln khi l 128 bit. Giao thc an ninh hot ng tng lin kt d liu s dng AES c gi l CCMP (Giao thc ch m kt hp CBC-MAC). CCMP l ch hot ng kt hp trong cng mt kha va c s dng m ha v m bo ton vn cho d liu. 3.1.2.1 Ch m kt hp CBC-MAC Trong thut ton m ha AES, thut ng ch hot ng (mode of operation)
- 42 -
c s dng ch phng thc chia khi, m ha v tp hp li thnh thng ip gc. Ch m (mode counter) hay cn gi l ch CTR hot ng theo phng thc: s dng mt gi tr bnh thng (gi l s m), thc hin m ha gi tr ny ri XOR vi khi d liu to ra d liu m ha
Hnh 3.5: CCMP CTR Format Vi cch hot ng nh vy, th pha m ha hay gii m ch cn thc thi thut ton m ha khi AES vi s m c ng b 2 pha bi vic XOR hai ln cng mt gi tr ca mt ton hng s cho ta gi tr d liu ban u ca ton hng cn li. thm vo , nu d liu cn m ha c rng khng l bi s ca kch thc khi, th vic m ha ch n gin l XOR gi tr m ha gi tr m vi d liu, v do kch thc ca khi d liu m ha s bng vi kch thc d liu trc khi m ha. M ha AES theo ch m c s dng hn 20 nm v t c nim tin v s an ton ca n. Tuy vy phng php ch phc v cho mc ch m ha d liu, do cn mt phng php m bo tnh ton vn ca d liu. Phng thc m bo tnh ton vn ca d liu trong CCMP gi l phng thc chui khi m ha (CBC). CBC c s dng to ra m ton vn (MIC) cho thng ip gi i. Trong cng ng bo mt, MIC c gi l m xc thc thng ip (MAC-Message Authentication Code) nn CBC cn c gi l CBC-MAC.
- 43 -
Hnh 3.6: CCMP CBC-MAC IV format Cch hot ng ca CBC-MAC tng i n gin: Ly khi u tin trong thng ip v m ha (s dng AES). XOR kt qu thu c vi khi th 2 v tip tc m ha kt qu thu c. XOR kt qu thu c vi khi tip theo ri m ha n. C tip tc nh vy cho n ht. Cch hot ng ca CBC-MAC tng i n gin nhng khng th song song ha nh ch m. Vi nhng thng ip m ln khng l bi s ca kch thc khi, CCMP a thm cc bit 0 vo cui thng ip CBC-MAC c th hot ng c. Ngoi ra, CBC-MAC cn cho php m bo tnh ton vn cho nhng d liu khng c m ha chng hn nh a ch MAC ca khung tin. 3.1.2.2 Qu tnh hot ng ca CCMP Ti pha gi, khi thng ip cn gi i c chuyn xung CCMP, qu trnh din ra: Mi thng ip c gn mt s th t gi c ln 48 bit. S th t gi cng ging nh vc t khi to ca TKIP, l duy nht v khng c s dng li cho tng kha phin. Trng d liu xc thc b xung c to ra cha gi tr nhng thng tin trong khung tin 802.11 cn c kim tra tnh ton vn nhng khng c m ha bao gm phien bn giao thc, loi khung tin, cc bit h thng, s hiu mnh, cc bit th t, a ch MAC
- 44 -
Tip , gi tr CCMP nonce c to ra. Gi tr ny c hnh thnh t s th t gi cng vi a ch ngun m bo vic m ha ch thc hin trn d liu duy nht. y chnh l s m s dng trong ch m m ha d liu. Cc gi tr ny cng vi phn d liu ca thng ip c chuyn vo b CCM, trong phn thn thng ip c m ha AES s dng kha phin v CCMP nonce, cn trng AAD v d liu c to m kim tra ton vn 8 byte MIC nh CBC-MAC s dng kha phin. Ti pha nhn, khi nhn c khung tin, qu trnh gii m v kim tra m din ra: Khung tin nhn c bi tng MAC s c kim tra gi tr FSC trc khi chuyn xung cho CCMP x l. Trng AAD c to ra t khung tin nhn c. Gi tr CCMP nonce c tnh ton. Pha Nhn gii m d liu s dng kha phin v CCMP nonce. Gi tr MIC c tnh ton trn trng AAD v d liu gii m ri so snh vi gi tr MIC trong khung tin nhn c. Nu hai gi tr ny khc nhau, qu trnh x l dng. Gi tr s th t gi c kim tra chng li hnh thc tn cng replay. Khung tin nguyn thy c hnh thnh.
3.1 3 802.1x
802.1x c thit k cho php c s chng thc tnh hp php ca AP vi Client. Mc ch ca n l a ra khng nh ngi dng s ch kt ni vi mng ng. mng hu tuyn, vic kt ni ti ng mng c th n gin nh theo ng dy dn. Truy nhp theo ng dy dn gip cho ngi dng nhn bit c mng ng. Nhng trong mng khng dy, ng truyn vt l l khng tn ti, v vy phi c mt s c cu khc c thit k cho mng chng thc mng vi ngi dng. Chun chng thc 802.1x ra i nhm thu thp cc thng tin chng thc t ngi dng v chp nhn hay t chi truy cp c da trn nhng thng tin .
- 45 -
3.1.3.1 Nguyn l RADIUS Server
Vic chng thc ca 802.1x c thc hin trn mt server ring, server ny s qun l cc thng tin xc thc ngi s dng nh tn ng nhp (username), mt khu (password), m s th, du vn tay, vv.. Khi ngi dng gi yu cu chng thc, server ny s tra cu d liu xem ngi dng ny c hp l khng, c cp quyn truy cp n mc no, vv.. Nguyn l ny c gi l RADIUS (Remote Authentication Dialin User Service) Server My ch cung cp dch v chng thc ngi dng t xa thng qua phng thc quay s. Phng thc quay s xut hin t ban u vi mc ch l thc hin qua ng in thoi, ngy nay khng ch thc hin qua quay s m cn c th thc hin trn nhng ng truyn khc nhng ngi ta vn gi tn RADIUS nh xa.
Hnh 3.7: M hnh chng thc s dng RADIUS Server Cc qu trnh lin kt v xc thc c tin hnh nh m t trong hnh trn, v thc hin theo cc bc sau:
- 46 -
Client Laptop 1
Access Point
RADIUS Server
6 7
1. My tnh Client gi yu cu kt ni n AP 2. AP thu thp cc yu cu ca Client v gi n RADIUS server 3. RADIUS server gi n Client yu cu nhp user/password 4. Client gi user/password n RADIUS Server 5. RADIUS server kim tra user/password c ng khng, nu ng th RADIUS server s gi cho Client m kha chung 6. ng thi RADIUS server cng gi cho AP m kha ny v ng thi thng bo vi AP v quyn v phm vi c php truy cp ca Client ny 7. Client v AP thc hin trao i thng tin vi nhau theo m kha c cp
- 47 -
nng cao tnh bo mt, RADIUS Server s to ra cc kha dng chung khc nhau cho cc my khc nhau trong cc phin lm vic (session) khc nhau, thm ch l cn c c ch thay i m kha thng xuyn theo nh k. Khi nim kha dng chung lc ny khng phi ch vic dng chung ca cc my tnh Client m ch vic dng chung gia Client v AP. 3.1.3.2 Giao thc chng thc m rng EAP m bo an ton trong qu trnh trao i bn tin chng thc gia Client v AP khng b gii m trm, sa i, ngi ta a ra EAP (Extensible Authentication Protocol) giao thc chng thc m rng trn nn tng ca 802.1x. Giao thc chng thc m rng EAP l giao thc h tr, m bo an ninh trong khi trao i cc bn tin chng thc gia cc bn bng cc phng thc m ha thng tin chng thc. EAP c th h tr, kt hp vi nhiu phng thc chng thc ca cc hng khc nhau, cc loi hnh chng thc khc nhau v d ngoi user/password nh chng thc bng c im sinh hc, bng th chip, th t, bng kha cng khai, vv...Kin trc EAP c bn c ch ra hnh di y, n c thit k vn hnh trn bt c lp ng dn no v dng bt c cc phng php chng thc no.
Hnh 3.8: Kin trc EAP c bn a. Bn tin EAP
Mt bn tin EAP c th hin hnh trn. Cc trng ca bn tin EAP :
- 48 -
- Code: trng u tin trong bn tin, l mt byte di v xc nh loi bn tin ca EAP. N thng c dng th hin trng d liu ca bn tin. - Identifier: l mt byte di. N bao gm mt s nguyn khng du c dng xc nh cc bn tin yu cu v tr li. Khi truyn li bn tin th vn l cc s identifier , nhng vic truyn mi th dng cc s identifier mi. - Length: c gi tr l 2 byte di. N chnh l chiu di ca ton b bn tin bao gm cc trng Code, Identifier, Length, v Data. - Data: l trng cui cng c di thay i. Ph thuc vo loi bn tin, trng d liu c th l cc byte khng. Cch th hin ca trng d liu c da trn gi tr ca trng Code. b. Cc bn tin yu cu v tr li EAP (EAP Requests and Responses) Trao i trong chng thc m rng EAP bao gm cc bn tin yu cu v tr li. Ni tip nhn chng thc (Authenticator) gi yu cu ti h thng tm kim truy cp, v da trn cc bn tin tr li , truy cp c th c chp nhn hoc t chi. Bn tin yu cu v tr li c minh ha hnh di y:
Hnh 3.8: Cu trc khung ca bn tin yu cu v tr li - Code: c gi tr l 1 nu l bn tin yu cu v c gi tr l 2 nu l bn tin tr li. Trng Data cha d liu c dng trong cc bn tin yu cu v tr li. Mi trng Data mang mt loi d liu khc nhau, phn ra loi m xc nh v s lin kt d liu nh sau: - Type: l mt trng byte ch ra loi cc bn tin yu cu hay tr li. Ch c mt byte c dng trong mi gi tin. Khi mt bn tin yu cu khng c chp nhn, n c th gi mt NAK ngh thay i loi, c trn 4 loi ch ra cc phng php chng thc. - Type Data: l trng c th thay i lm r hn nguyn l ca tng loi. Loi code 1: Identity
- 49 -
Ni tip nhn chng thc thng dng loi Identity nh l yu cu thit lp. Sau , vic xc nh ngi dng l bc u tin trong trong chng thc. Trng Type Data c th bao gm chui nhc ngi dng, chiu di ca chui c tnh t trng Length trong chnh gi EAP. Loi code 2: Notification ( Thng bo ) Ni tip nhn chng thc c th dng loi thng bo gi mt bn tin ti ngi dng. Sau h thng ca ngi dng hin th bn tin . Bn tin thng bo c dng cung cp bn tin ti ngi dng t h thng chng thc, nh l password v vic ht quyn s dng. Cc bn tin p ng phi c gi tr li cc yu cu thng bo. Tuy nhin, chng thng l cc phn hi n gin, v trng Type Data c chiu di l 0. Loi code 3: NAK Cc NAK c dng a ra mt phng thc chng thc mi. Ni tip nhn chng thc a ra chui mi kt ni, c m ha bi mt loi m. Cc loi chng thc c nh s th t trn 4. Nu h thng ngi dng khng ph hp vi loai chng thc ca chui ny, n c th a ra mt NAK. Cc bn tin NAK ca trng ca trng Type Data bao gm mt byte n tng ng vi loi chng thc. Loi code 4: Chui MD 5 (MD 5 Challenge) MD 5 Challenge thng c s dng trong EAP tng t ca giao thc CHAP, c a ra trong RFC 1994. y l yu cu bo mt c bn m EAP s dng gm c Tn ng nhp v mt khu. MD 5 bo v gi tin bng cch to ra nhng du hiu c trng ring ( nh ch k in t ) lu trong gi tin . MD -5 l mt giao thc cn n gin, chy nhanh, d b xung. N khng s dng chng thc PKI, mc m ha ca n cn cha cao, c kh nng b tn cng kiu thu ht. Loi code 5: One time password (OPT ) H thng one time password dng bi EAP c nh ngha trong RFC 1938. Bn tin yu cu c a ti ngi dng bao gm chui mi kt ni OPT. Trong mt bn tin p ng OPT (loi 5), trng Type Data gm c cc t t
- 50 -
in OPT trong RFC 1938. Ging nh tt c cc loi chng thc, cc bn tin tr li c th l cc NAK (loi 3). Loi code 6: c im th Token (Generic Token Card ) Cc th Token nh l SecurID ca RSA v Safeword ca Secure Computing l ph bin vi nhiu ni bi v chng a ra s bo mt ngu nhin cc one time password m khng c mt phc tp no ca mt OPT. Cc bn tin yu cu cha ng thng tin c im th Token cn thit cho chng thc. Trng Type Data ca yu cu phi c chiu di ln hn 0 byte. Trong cc bn tin p ng, trng Type Data c dng mang thng tin c sao chp t th Token bi ngi dng. Trong c bn tin yu cu v tr li, trng chiu di ca gi EAP c tnh l chiu di bn tin yu cu ca Type Data. Loi code 13: TLS RFC a ra vic dng Transport Layer Security (TLS) trong chng thc. TLS l phin bn nng cp c trin khai mt cch rng ri Secure Socket Layer (SSL) v chng thc TLS k tha mt s c im t SSL. TLS l mt phng thc m ha mnh, n chng thc song phng c ngha l khng ch Server chng thc Client m Client cng chng thc li Server, chng li vic nghe trm, bt gi tin. Nhc im ca n l yu cu chng thc PKI c 2 pha lm cho qu trnh chng thc phc tp, n ph hp vi h thng no c sn chng thc PKI. Cc loi m khc ng ch nht l 2 khi nim chng thc Kerberos v chng thc cell phone (th SIM da trn cc mng th h th 2 v AKA da trn cc mng th h th 3).
c. Cc khung trong EAP

Khi cc trao i EAP kt thc, ngi dng hoc chng thc thnh cng hoc khng thnh cng. Khi ni tip nhn chng thc xc nh vic trao i l hon tt n a ra khung thnh cng (Code 3) v khng thnh cng (Code 4) kt thc trao i EAP. N cho php gi nhiu bn tin yu cu trc khi chng thc khng thnh cng cho php ngi dng nhn c thng tin chng thc ng.
- 51 -
Hnh 3.9: Cu trc cc khung EAP thnh cng v khng thnh cng d. Chng thc cng Chng thc ti cc thit b mng lp ng dn l khng mi. Chng thc cng mng c bit n t trc. Hu ht s ra i ca n c s pht trin c s h tng kh rng ph hp chng thc ngi dng, nh l nguyn l RADIUS servers, v LDAP directories. Khi nim Port: ch vic ng m cng tng ng vi vic chp nhn hay t chi kt ni ca Authenticator. Ngoi ra cn c thm 1 port cho cc tuyn i qua m khng lin quan n qu trnh chng thc.
Hnh 3.10: Cu trc cng e. Kin trc v thut ng trong chng thc EAP Trong qu trnh chng thc s dng EAP, c 3 bn chnh tham gia l : - My Client/My xin chng thc - Client/Supplicant: l cc phn t c nhu cu cn chng thc thit lp kt ni - Tip nhn chng thc Authenticator: l cc phn t trung gian tip nhn nhu cu chng thc v trao i bn tin qua li gia Client v Server chng thc. Phng thc trao i gia Authenticator v Client gi l EAPOL (EAP Over LAN) hoc EAPOW (EAP Over Wireless).
- 52 -
- Server chng thc - Authentication Server: phn t x l cc yu cu chng thc gi n, cp php hay t chi. N khng ch x l yu cu chng thc ca Client m cn c th gi n Client yu cu chng thc bn thn n. Server chng thc c th theo m hnh RADIUS Server hay Active Directory Server.
- 53 -
f. Dng khung v cch nh a ch ca EAPOL Dng khung Dng c bn ca mt khung EAPOL c a ra hnh di y:
Hnh 3.11: Cu trc c bn ca khung EAPOL Bao gm cc trng sau: - MAC header: gm c a ch ch v a ch ngun MAC - Ethernet Type: gm c 2 byte nh a ch m l 88 8e. - Version: cho bit s th t ca phin bn. - Packet Type: EAPOL l mt s m rng ca EAP. Bng sau ch ra mt s loi bn tin v miu t v chng: Loi bn tin 00000000 EAP - Packet Bao gm mt khung EAP. Phn ln cc khung u l EAP Packet. 00000001 EAPOL - Start Thay cho vic i mt chui mi kt ni t Authenticator, Supplicant c th a mt khung EAPOL Start. Trong bn tin tr li, Authenticator gi mt khung EAP Request / Identity. 00000010 EAPOL Logoff Khi mt h thng hon tt vic s dng mng, n c th a ra mt khung EAPOL Logoff a cng v trng thi tt. 00000011 EAPOL Key EAPOL c th c dng trao i thng tin kha m ha. Tn Miu t
- 54 -
- Packet Body Length: chiu di l 2 byte. N c thit lp l 0 khi khng c packet body no tn ti. - Packet Body: trng ny c chiu di thay i c, c trong tt c cc dng khung EAPOL tr bn tin EAPOL Start v EAPOL Logoff. nh a ch Trong mi trng chia s mng LAN nh l Ethernet, Supplicants gi cc bn tin EAPOL ti nhm a ch 01:C2:00:00:03. Trong mng 802.11, cc cng l khng tn ti, v EAPOL c th tip tc c ch sau khi qu trnh lin kt cho php c hai bn l Supplicant ( STA khng dy di ng ) v authenticator ( AP ) trao i a ch MAC. Trong mi trng nh l 802.11, EAPOL yu cu dng a ch STA. g. Mt v d v trao i thng tin trong chng thc EAP
Cc bc trao i theo th t nh sau:
- 55 -
1. Supplicant gi bn tin EAPOL Start ti Authenticator. 2. Authenticator ( chuyn mch mng ) gi li mt khung EAP Request / Identity ti Supplicant. 3. Supplicant tr li bng mt khung EAP Reponse / Identity. Sau Authenticator gi n RADIUS server mt bn tin Radius Access Request. 4. RADIUS server tr li bng mt bn tin Radius Access Challenge. Sau Authenticator gi n Supplicant mt bn tin EAP Request cho s chng thc hp l cha bt k thng tin lin quan. 5. Supplicant tp hp cc thng tin tr li t ngi dng v gi mt EAP Reponse ti Authenticator. Ti y thng tin x l thnh bn tin Radius Access Request v c gi ti RADIUS. 6. RADIUS server gi mt bn tin Radius Access Accept cho php truy cp. V vy, Authenticator gi mt khung EAP Success ti Supplicant. Khi cng c m v ngi dng c th bt u truy cp vo mng. 7. Khi Supplicant hon tt vic truy cp mng, n gi mt bn tin EAPOL Logoff ng cng. Tm li v nguyn l 3 bn th cng ging nh nguyn l 3 bn chng thc cp phn gii thiu RADIUS server, ch c iu khc l cc hot ng trao i bn tin qua li u thng qua EAP m bo an ninh.
- 56 -
Hnh 3.12: M hnh chng thc s dng RADIUS Server Cc qu trnh lin kt v xc thc c tin hnh nh m t trong hnh trn, v thc hin theo cc bc sau:
Client Laptop 1
Access Point
RADIUS Server
6 7
1. My tnh Client gi yu cu kt ni n AP
- 57 -
2. AP thu thp cc yu cu ca Client v gi n RADIUS server 3. RADIUS server gi n Client yu cu nhp user/password 4. Client gi user/password n RADIUS Server 5. RADIUS server kim tra user/password c ng khng, nu ng th RADIUS server s gi cho Client m kha chung 6. ng thi RADIUS server cng gi cho AP m kha ny v ng thi thng bo vi AP v quyn v phm vi c php truy cp ca Client ny 7. Client v AP thc hin trao i thng tin vi nhau theo m kha c cp nng cao tnh bo mt, RADIUS Server s to ra cc kha dng chung khc nhau cho cc my khc nhau trong cc phin lm vic (session) khc nhau, thm ch l cn c c ch thay i m kha thng xuyn theo nh k. Khi nim kha dng chung lc ny khng phi ch vic dng chung ca cc my tnh Client m ch vic dng chung gia Client v AP.
3.2 Thut ton m ho s dng trong chun IEEE 802.11i

3.2.1 Gii thiu AES (Advanced Encryption Standard - chun m ha nng cao) l mt thut ton m ha khi c chnh ph Hoa k p dng lm tiu chun m ha. Ging nh tiu chun tin nhim DES, AES c k vng p dng trn phm vi th gii v c nghin cu rt k lng. AES c chp thun lm tiu chun l in bang bi Vin tiu chun v cng ngh quc gia Hoa k (NIST) sau mt qu trnh tiu chun ha ko di 5 nm.
Thut ton c thit k bi hai nh mt m hc ngi B: Joan Daemen v Vincent Rijmen (ly tn chung l "Rijndael" khi tham gia cuc thi thit k AES).
3.2.2 M t thut ton Mc d 2 tn AES v Rijndael vn thng c gi thay th cho nhau nhng trn thc t th 2 thut ton khng hon ton ging nhau. AES ch lm vic vi khi d liu 128 bt v kha c di 128, 192 hoc 256 bt trong khi Rijndael c th
- 58 -
lm vic vi d liu v kha c di bt k l bi s ca 32 bt nm trong khong t 128 ti 256 bt. Cc kha con s dng trong cc chu trnh c to ra bi qu trnh to kha con Rijndael. Hu ht cc php ton trong thut ton AES u thc hin trong mt trng hu hn. AES lm vic vi tng khi d liu 44 byte (ting Anh: state, khi trong Rijndael c th c thm ct). Qu trnh m ha bao gm 4 bc: 1. AddRoundKey - mi byte ca khi c kt hp vi kha con, cc kha con ny c to ra t qu trnh to kha con Rijndael. 2. SubBytes - y l php th (phi tuyn) trong mi byte s c th bng mt byte khc theo bng tra (Rijndael S-box). 3. ShiftRows - i ch, cc hng trong khi c dch vng. 4. MixColumns - qu trnh trn lm vic theo cc ct trong khi theo mt php bin i tuyn tnh. Ti chu trnh cui th bc MixColumns c thay th bng bc AddRoundKey a. AddRoundKey Ti bc ny, kha con c kt hp vi cc khi. Kha con trong mi chu trnh c to ra t kha chnh vi qu trnh to kha con Rijndael; mi kha con c di ging nh cc khi. Qu trnh kt hp c thc hin bng cch XOR tng bt ca kha con vi khi d liu.
- 59 -
Hnh 3.13: To kha s dng php ton XOR. b. SubBytes Cc byte c th thng qua bng tra S-box. y chnh l qu trnh phi tuyn ca thut ton. Hp S-box ny c to ra t mt php nghch o trong trng hu hn GF (28) c tnh cht phi tuyn. chng li cc tn cng da trn cc c tnh i s, hp S-box ny c to nn bng cch kt hp php nghch o vi mt php bin i affine kh nghch. Hp S-box ny cng c chn trnh cc im bt ng (fixed point).
Qu trnh thay th Byte. c. ShiftRows
- 60 -
Cc hng c dch vng mt s v tr nht nh. i vi AES, hng u c gi nguyn. Mi byte ca hng th 2 c dch tri mt v tr. Tng t, cc hng th 3 v 4 c dch 2 v 3 v tr. Do vy, mi ct khi u ra ca bc ny s bao gm cc byte 4 ct khi u vo. i vi Rijndael vi di khi khc nhau th s v tr dch chuyn cng khc nhau.
Hnh 3.14: Bc dch hng. d. MixColumns Bn byte trong tng ct c kt hp li theo mt php bin i tuyn tnh kh nghch. Mi khi 4 byte u vo s cho mt khi 4 byte u ra vi tnh cht l mi byte u vo u nh hng ti c 4 byte u ra. Cng vi bc ShiftRows, MixColumns to ra tnh cht khuych tn cho thut ton. Mi ct c xem nh mt a thc trong trng hu hn v c nhn vi a thc c(x) = 3x3 + x2 + x + 2 (modulo x4 + 1). V th, bc ny c th c xem l php nhn ma trn trong trng hu hn.
Hnh 3.15: Qu trnh bin i tuyn tnh trn ct.
- 61 -
3.2.3 Ti u ha i vi cc h thng 32 bt hoc ln hn, ta c th tng tc thc hin thut ton bng cch st nhp cc bc SubBytes, ShiftRows, MixColumns v chuyn chng thnh dng bng. C c thy 4 bng vi 256 mc, mi mc l 1 t 32 bt, 4 bng ny chim 4096 byte trong b nh. Khi , mi chu trnh s c bao gm 16 ln tra bng v 12 ln thc hin php XOR 32 bt cng vi 4 php XOR trong bc AddRoundKey. Trong trng hp kch thc cc bng vn ln so vi thit b thc hin th ch dng mt bng v tra bng kt hp vi hon v vng quanh. 3.2.4 Kh nng an ton Vic s dng cc hng s khc nhau ng vi mi chu k gip hn ch kh nng tnh i xng trong thut ton. S khc nhau trong cu trc ca vic m ha v gii m hn ch c cc kha yu (weak key) nh trong phng php DES. Ngoi ra, thng thng nhng im yu lin quan n m kha u xut pht t s ph thuc vo gi tr c th ca m kha ca cc thao tc phi tuyn nh trong phng php IDEA (International Data Encryption Algorithm). Trong cc phin bn m rng, cc kha c s dng thng qua thao tc XOR v tt c nhng thao tc phi tuyn u c c nh sn trong S-box m khng ph thuc vo gi tr c th ca m kha. Tnh cht phi tuyn cng kh nng khuch tn th ng tin (diffusion) trong vic to bng m kha m rng lm cho vic phn tch mt m da vo cc kha tng ng hay cc kha c lin quan tr nn khng kh thi. i vi phng php vi phn rt gn, vic phn tch ch yu khai thc c tnh tp trung thnh vng (cluster) ca cc vt vi phn trong mt s phng php m ha. Trong trng hp thut ton Rijndael vi s lng chu k ln hn 6, khng tn ti phng php cng ph mt m no hiu qu hn phng php th v sai. Tnh cht phc tp ca biu thc S-box trn GF(28) cng vi hiu ng khuch tn gip cho thut ton khng th b phn tch bng phng php ni suy. 3.2.5 Kt lun
- 62 -
Phng php Rijndael thch hp cho vic trin khai trn nhiu h thng khc nhau, khng ch trn cc my tnh c nhn m in hnh l s dng cc chip Pentium, m c trn cc h thng th thng minh. Trn cc my tnh c nhn, thut ton AES thc hin vic x l rt nhanh so vi cc phng php m ha khc. Trn cc h thng th thng minh, phng php ny cng pht huy u im khng ch nh vo tc x l cao m cn nh vo m chng trnh ngn gn, thao tc x l s dng t b nh. Ngoi ra, tt c cc bc x l ca vic m ha v gii m u c thit k thch hp vi c ch x l song song nn phng php Rijndael cng chng t th mnh ca mnh trn cc h thng thit b mi. Do c tnh ca vic x l thao tc trn tng byte d liu nn khng c s khc bit no c t ra khi trin khai trn h thng big-endian hay little-endian. Xuyn sut phng php AES, yu cu n gin trong vic thit k cng tnh linh hot trong x l lun c t ra v c p ng. ln ca khi d liu cng nh ca m kha chnh c th ty bin linh hot t 128 n 256-bit vi iu kin l chia ht cho 32. S lng chu k c th c thay i ty thuc vo yu cu ring c t ra cho tng ng dng v h thng c th. Tuy nhin, vn tn ti mt s hn ch m hu ht lin quan n qu trnh gii m. M chng trnh cng nh thi gian x l ca vic gii m tng i ln hn vic m ha, mc d thi gian ny vn nhanh hn ng k so vi mt s phng php khc. Khi ci t bng chng trnh, do qu trnh m ha v gii m khng ging nhau nn khng th tn dng li ton b on chng trnh m ha cng nh cc bng tra cu cho vic gii m. Khi ci t trn phn cng, vic gii m ch s dng li mt phn cc mch in t s dng trong vic m ha v vi trnh t s dng khc nhau.
- 63 -
3.3 Trin khai an ninh mng LAN khng dy trn nn chun 802.11i
3.3.1 M t bi ton
Xy dng mng khng dy kt ni Internet phc v cho cc my trm hot ng ng thi. Sau khi thit k v lp t xong th tin hnh ci t cu hnh bo mt cho cc h thng. Tip th nghim an ninh nhm minh chng s an ton ca mng vi giao thc m ha WAP2. 3.3.2 Thit k s mng S mng m phng:
Hnh 3.16: Mng khng dy sau khi thit k v lp t
3.3.3. Cu hnh bo mt
a. Cu hnh trn thit b Access Point ( y minh ha vi thit b Access Point Linksys WRK45G)
- 64 -
tin hnh cu hnh u tin cn truy cp vo mc cu hnh ca thit b. T trnh duyt web browser g http://192.168.1.1. Khi s hin ra bng nhp user v pass truy cp.
Hnh 3.17: Nhp User name v Password cu hnh Sau khi nhp user name v Password th s truy cp c vo phn cu hnh c giao din dng web. Tin hnh cu hnh WEP: - Chn tab Wireless mc wireless security. - Chn cu hnh WEP Security Mode. - Chn mc di kha l 128 bit phn WEP Encryption - Nhp kha b mt vo mc Passphase ri nhn Generate. Sau khi nhn th h thng sinh ra 4 kha WEP. La chn kha wep s dng, nu chn kha no th s dng kha cu hnh WEP trn my trm. - Chn Save lu cu hnh sau khi hon tt vic ci t WEP.
- 65 -
Hnh 3.18: Cu hnh WEP trn Access Point b. Cu hnh bo mt WEP trn my trm. - Chn kiu m ha l WEP Data Encryption. - Nhp kha WEP Network key v Confirm network key. - Chn ch xc thc l Shared Network Authentication.
Hnh 3.19: Cu hnh WEP trn my PC Tin hnh cu hnh WAP2: Khi tin hnh cu hnh bo mt WAP2 ta cng thc hin cc bc tng t 3.3.4 Th nghim an ninh.
- 66 -
a. Kim tra hiu qu vi chun bo mt WEP S dng mt my tnh c kh nng kt ni mng khng dy c ci chng trnh phn tch gi tin mnh Wireshark. Tin hnh bt cc gi tin do AP pht ra. - u tin l trong ch thit t chun bo mt WEP.
Hnh 3.20: Phn tch gi tin m ha WEP bng Wireshark T hnh trn ta thy, sau khi bt c gi tin th ta c th bit c mi thng tin trong gi tin . T SSID, a ch ngun, a ch ch, knh truyn v c bit l ni dung d liu trong gi tin . b. Kim tra hiu qu bo mt vi chun bo mt WAP2 .
- 67 -
KT LUN
An ton d liu my tnh lun l vn rt c quan tm, c bit l vn an ton d liu mng khi m mng my tnh trong giai on pht trin mnh m. Mng LAN khng dy 802.11 s dng mi trng truyn dn khng dy in t vi nhng c im ring ca n cn c nhng gii php an ninh ring bn cnh cc gii php an ninh truyn thng cho mng hu tuyn. Vic tp trung nghin cu, nh gi mc an ninh ca mng ny khng ch c ngha i vi ring lnh vc qun s, k thut m cn i vi tt c cc lnh vc ang p dng n. Do vy lun vn trc ht thc hin vic tm hiu, phn tch cc gii php an ninh cng nh cc ri ro t mng 802.11 da trn cc tiu ch m bo: tnh an ton, tnh xc thc, tnh ton vn. Qua c th thy chun an ninh 802.11i vi mc tiu cung cp mt gii php an ninh mi cho mng 802.11 kh nng mang li m ha an ton cho d liu. Theo hng tm hiu c cho thy phng php Rijndael thch hp cho vic trin khai trn nhiu h thng khc nhau, Ngoi ra, tt c cc bc x l ca vic m ha v gii m u c thit k thch hp vi c ch x l song song nn phng php Rijndael cng chng t th mnh ca mnh trn cc h thng thit b mi. Mc d vy, do hn ch v mt thi gian, iu kin thit b, cng vi trnh c hn, lun vn cha tin hnh c v mt thc nghim m hnh l thuyt xut. Do ch c c nhng nh gi bc u v lnh vc tm hiu. Phng php Rijndael vi mc an ton rt cao cng cc u im ng ch khc chc chn s nhanh chng c p dng rng ri trong nhiu ng dng trn cc h thng khc nhau. Do , trong tng lai, vic tip tc nghin cu phng php m ha ny cng l vn cn quan tm c v mt l thuyt ln p dng trong h thng thc tin.
- 68 -
TI LIU THAM KHO

[1] Aaron E. Earle, Wireless Security Handbook, Auerbach 2006. [2] Bruce E. Alexander, 802.11 Wireless Network Site Surveying and
Installation, Cisco Press 2004. [3] Danny Briere - Walter R. Bruce III - Pat Hurley, Wireless Home Networking for Dummies, Wiley Publishing 2003. [4] Douglas Stinson, Cryptography: Theory And Practice, CRC Press 1995. [5] Eric Geier, Wi-Fi Hotspots, Cisco Press 2006. [6] Jame Kempf, Wireless Internet Security - Architecture and Protocols, Cambridge University Press 2008. [7] Jim Geier, Implementing 802.1X Security Solutions for Wired and Wireless Networks, Wiley Publishing 2005. [8] Jim Geier, Wireless Networking Handbook, New Riders 2002. [9] Matthew Gast, 802.11 Wireless Networks - Definitive Guide, O'Reilly 2002, pp. 1-464. [10] Pablo Brenner, A Technical Tutorial on IEEE 802.11 Protocol, Breeze, 1997. Andrew S. Tanenbaum, Computer Networks, fourth edition, PrenticeHall US 2003, pp. 292-299,311-316. [11] Pejman Roshan - Jonathan Leary, 802.11 Wireless LAN Fundamentals, Cisco Press 2003. [12] Russell Dean Vines, Wireless Security Essentials, Wiley Publishing 2002. [13] Scott Empson, CCNA Portable Command Guide, Cisco Press 2007. [14] Toby J. Velte - Ph.D., Anthony T. Velte, Cisco 802.11 Wireless Networking Quick Reference, Cisco Press 2005. William Stallings, Cryptography and Network Security Principles and Practices, Fourth Edition, Prentice Hall 2005.

An Ninh Trong WLAN

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

An Ninh Trong WLAN

Uploaded by

Copyright:

Available Formats

I HC THI NGUYN KHOA CNG NGH THNG TIN

LUN VN THC S KHOA HC MY TNH

Thi Nguyn - 2009

I HC THI NGUYN KHOA CNG NGH THNG TIN

Ngi hng dn khoa hc: PGS.TS NGUYN VN TAM

Thi Nguyn - 2009

S ha bi Trung tm Hc liu i hc Thi Nguyn

DANH MC CC T, K HIU VIT TT

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

CHNG 2: AN NINH MNG LAN KHNG DY ................................ 17

CHNG 3: AN NINH MNG LAN KHNG DY CHUN 802.11i.... 36

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

CHNG I: TNG QUAN V MNG LAN KHNG DY CHUN IEEE 802.11

1.1.1 u im ca mng my tnh khng dy

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.1.2 Hot ng ca mng my tnh khng dy

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.1.3 Cc m hnh ca mng my tnh khng dy c bn

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.2 Kin trc mng LAN chun IEEE 802.11

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.2.2 Tng iu khin truy nhp CSMA/CA

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.3 Cc chun ca 802.11

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.3.1. Nhm lp vt l PHY

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.3.2 Nhm lp lin kt d liu MAC

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.4 Cc kin trc c bn ca chun 802.11

1.4.3 Trm phc v c bn BSS

Hnh 1.5: M hnh mt BSS

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.4.4 BSS c lp IBSS

1.4.5 H thng phn tn DS

1.4.6 H thng phc v m rng - ESS

Hnh 1.6: M hnh ESS

S ha bi Trung tm Hc liu i hc Thi Nguyn

1.4.7 M hnh thc t

Wireless Station Wireless Network Access Point Wireline Network

S ha bi Trung tm Hc liu i hc Thi Nguyn

CHNG 2: AN NINH MNG LAN KHNG DY

S ha bi Trung tm Hc liu i hc Thi Nguyn

Hnh 2.1: Phn mm bt gi tin Ethereal

S ha bi Trung tm Hc liu i hc Thi Nguyn

2.1.2 Tn cng ch ng Active attacks

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

S ha bi Trung tm Hc liu i hc Thi Nguyn

2.1.3 Tn cng kiu chn p - Jamming attacks

2.1.4 Tn cng theo kiu thu ht - Man in the middle attacks

S ha bi Trung tm Hc liu i hc Thi Nguyn

2.2 An ninh mng my tnh khng dy

S ha bi Trung tm Hc liu i hc Thi Nguyn

2.2.1 Gii php an ninh WEP

Generate random number to challenge station