Wireless Network Security

By Patrick Yount and

CIS 4360
Fall 2009
Taking Steps Towards a
Wireless World
QuickTime™ and a
decompressor QuickTime™ and a
are needed to see this picture. decompressor
are needed to see this picture.

QuickTime™ and a
decompressor
are needed to see this picture.
QuickTime™ and a
decompressor
are needed to see this picture.
What is a Wireless Network?
A group of
connected devices
that communicate
through the air by
means of
electromagnetic
waves, such as radio
waves.
 Types of Wireless Networks
 WPAN’s dynamically connect devices within a
relatively small area; maintain random
network configurations.
i.e. Bluetooth, ad-hoc networks
 WLAN’s connect devices over a more broad
area, known as a cell. Can be found in our
homes, libraries, and coffee shops.
i.e. Wi-Fi, laser bridges
 Types of Wireless Networks
WMAN’s are the connection of multiple
WLAN’s and may span an entire city or
college campus.
i.e. WiMAX
Mobile device networks which are
used by our cell phones.
i.e. GSM (2G), 3G cellular networks
 Wireless Applications
 Laptops  Laser Bridges
 Cellular phones  Emergency Services
 Headphones  Robotics
 Keyboards  Biotechnology
 Printers  Nanotechnology
 Speakers  Radio Frequency
 Global Positioning Identification (RFID)
Systems (GPS) transponders
The possibilities are endless!
What is RFID?
QuickTime™ and a
By means of a simple
integrated circuit and
decompressor
are needed to see this picture.

an antenna, RFID
tags can quickly and
QuickTime™ and a
decompressor
are needed to see this picture.
reliably identify
nearly anything
when scanned with
QuickTime™ and a
decompressor
are needed to see this picture.
an RFID reader.
Radio Frequency Identification
Three types:
1. Passive does not have a
power supply.
QuickTime™ and a
decompressor
are needed to see this picture.

2. Active has a power

supply that powers the
transmission.
QuickTime™ and a
decompressor
are needed to see this picture.
3. Semi-passive has a
power supply that
powers the chip, but not
the transmission.
 Our Responsibility
 We must  Physical theft
understand and 1. Be aware of your
adequately address surroundings.
the inherent 2. Secure your devices
security risks when they are not
in use.
involved with
wireless  Wireless medium
networking.
Wireless Network Security.
 Types of unauthorized access :

 -Accidental
association
 -Malicious
association
 -Ad-hoc networks
 -Non-traditional
networks
Types of unauthorized access :

 -Identity theft
(MAC spoofing)
 -Man-in-the-
middle attacks
 - Denial of service
 -Network
injection
 - Café Latte
attack
 Counteracting security risks

 All wireless LAN

devices need to be
secured
 All users of the
wireless network need
to be educated in
wireless network
security
 All wireless networks
need to be actively
monitored for
weaknesses and
breaches
 There are some very good cryptographic tools that can
be used to protect digital resources.
 Many of these tools have proven security
 The problem is usually bad implementations
 The best cryptographic security is point-to-point
security (such as VPN)
The source & destination
― are mutually authenticated (with public key cryptography)
― exchange privately a fresh secret key (with public key cryptography)
― use symmetric key encryption scheme to encrypt exchanged data
(with symmetric key
cryptography
 Point-to-point security
― Authentication usually involves certificates (a trusted third party
certifies the public key of the entities) and a cryptographic handshake.
― WIMAX uses the Extensible Authentication Protocol for this purpose.
― For encryption it uses block ciphers such as DES3 or AES
 This offers protection at the protocol layer
― There are still problems at the physical layer, such as jamming attacks
(Denial-of-Service), or flooding attacks
 Security vs. functionality tradeoff
― Rule of thumb: the more security the less functionality …