www.studymafia.

org

Seminar
On
  Wireless LAN Security

Submitted To: Submitted By:

www.studymafia.org www.studymafia.org
 Content
• Introduction
• WLAN Authentication
• WLAN Authentication Vulnerabilities
• WEP Encryption
• WEP Encryption Weaknesses
• Component of WLAN Security
• Future of WLAN Security
• Conclusion
• Reference
 Introduction
• It is also easy to interfere with wireless
communications. A simple jamming transmitter can
make communications impossible. For example,
consistently hammering an access point with access
requests, whether successful or not, will eventually
exhaust its available radio frequency spectrum and
knock it off the network.
 WLAN Authentication
• Types Of Authentication
 Open Authentication
• The authentication request
• The authentication response
 Shared Key Authentication
• requires that the client configure a static WEP key
 Service Set Identifier (SSID)
 MAC Address Authentication
• MAC address authentication verifies the client’s
MAC address against a locally configured list of
allowed addresses or against an external
authentication server
WLAN Authentication Vulnerabilities
• SSID
An eavesdropper can easily determine the SSID with the use of an
802.11 wireless LAN packet analyzer, like Sniffer Pro.

• Open Authentication
Open authentication provides no way for the access point to
determine whether a client is valid.

• Shared Key Authentication Vulnerabilities

The process of exchanging the challenge text occurs over the
wireless link and is vulnerable to a man-in-the-middle attack

• MAC Address Authentication Vulnerabilities

A protocol analyzer can be used to determine a valid MAC
address
 WEP Encryption
• WEP is based on the RC4 algorithm, which is a
symmetric key stream cipher. The encryption keys must
match on both the client and the access point for frame
exchanges to succeed
 Stream Ciphers

Encrypts data by generating a key stream from the key and

performing the XOR function on the key stream with the plain-
text data
 WEP Encryption
 Block Ciphers

Fragments the frame into blocks of predetermined size and

performs the XOR function on each block.
 WEP Encryption Weaknesses
• There are two encryption techniques to overcome WEP
encryption weakness
Initialization vectors
Feedback modes
• Initialization vectors
 WEP Encryption Weaknesses
• Feedback Modes
 WEP Encryption Weaknesses

• Statistical Key Derivation—Passive Network Attacks

A WEP key could be derived by passively collecting particular frames
from a wireless LAN

• Inductive Key Derivation—Active Network Attacks

Inductive key derivation is the process of deriving a key by coercing
information from the wireless LAN

 Initialization Vector Replay Attacks

 Bit-Flipping Attacks
• Static WEP Key Management Issues
 Component of WLAN Security
• The Authentication Framework (802.1X)
• The EAP Authentication Algorithm
 Mutual Authentication
 User-Based Authentication
 Dynamic WEP Keys

• Data Privacy with TKIP (Temporal Key Integrity Protocol )

 A message integrity check (MIC
 Per-packet keying
 Broadcast Key Rotation
 Future of WLAN Security
• AES (Advanced Encryption Standard )
 AES-OCB Mode
 Future of WLAN Security
 AES-CCM Mode
 Conclusion
Wireless LAN deployments should be made as
secure as possible. Standard 802.11 security is
weak and vulnerable to numerous network attacks.
This paper has highlighted these vulnerabilities
and described how it can be solved to create
secure wireless LANs.
Some security enhancement features might not be
deployable in some situations because of device
limitations such as application specific devices
(ASDs such as 802.11 phones capable of static
WEP only) or mixed vendor environments. In such
cases, it is important that the network
administrator understand the potential WLAN
security vulnerabilities.
 REFERENCES
• www.google.com
• www.wikipedia.com
• www.studymafia.org
• www.projectsreports.org

15
Thank You!!!