What is WiFi Security??
Introduction:
A wireless network is an unbounded data communication system that uses radio frequency technology to communicate with devices and obtain data.
They are easy to maintain and are inexpensive, when compared to wired networks.
A wireless network can be easily compromised if adequate security measures are not used.
Using a high security mechanism for a wireless network may be expensive. Hence, we should first determine the critical sources, risks, or vulnerabilities associated with it and then check whether the current security mechanism is able to protect the wireless network against all possible attacks. If not, then upgrade to the security mechanism.
Wi-Fi Authentication modes:
There are two major authentication mechanisms supported by 802.11 standards:
1. Open System Authentication :
· Also called null authentication algorithm
· It consists of 2 steps for authentication:
o The client sends a message to the Access Point containing the authentication information ( identity of the sending station)
o The AP then returns an authentication frame to confirm access to the requested station, and thus complete the authentication process.
2. Shared-Key Authentication:
· It consists of four steps:
o The client will send a request to the AP, to establish a connection with it
o The AP responds with an authentication challenge
o The host then encrypts the authentication challengesent by the AP using a 64-bit or 128-bit key
o The AP decrypts the authentication challenge. If it matches with the original challenge, the host is given access to the wireless network and send a success message back to the host. Else it will send a failure message.
Wi-Fi Standards:
1. WEP:
· WEP Stands for Wireless Equivalent Privacy
· It is an encryption algorithm in IEEE 802.11 -1999 Standard
· for confidentiality: stream cipher RC4 is used
· for integrity: CRC32 is used
· WEP is no longer used due to the following vulnerabilities:
o There is no proper key management system.
The administrator has to manually change the key every time.
Use of static encryption keys.
o Vulnerable to :
Replay attacks
Dictionary attacks
DOS Attacks
Known Plain Text Attacks
o The size of the IV used is only 24 bits which is very small. In case large traffic , the IV can be repeated and the key can be captured very easily
o There is no assurance of packet integrity- data can be modified easily.
2. WPA
· WPA stands for WI-FI Protected access.
· It was defined by 802.11i
· WPA is considered secure than WEP because messages are passed through a Message Integrity Check (MIC) that ensures integrity of the message using the Temporal Key Integrity Protocol (TKIP) that is of 128 –bit and hence provides stronger encryption and authentication.
3. WPA2
· Stands for Wi-Fi Protected Access 2
· It had replaced WPA in 2006
· WPA2 uses NIST FIPS 140–2-compliant AES encryption which is a very strong encryption method.
· It alsousesCCMP-Cipher block chaining message authentication code protocol
· WPA2 is the most secure wireless standard known till now as it provides:
o Stronger data protection
o Network access control
· It operates in two modes:
o WPA2 Personal-
In this PSK (Pre-Shared Key) is used to protect from unauthorized network access.
The encryption keys keep on changing constantly
o WPA2 Enterprise-
Here centralized client method authentication is used such as EAP and RADIUS.
Users must first provide the login credentials provided by the centralized server to login to the network
Multiple authentication methods can be used such as :
· Kerberos
· Token Cards
· Certificates
Wi-Fi Threats:
· Rouge Access Points-
o Using sniffing tools, the attacker can capture a MAC address, SSID, vendor name and security configurations of an access point
o This information can be used for connecting the client to a fake access point.
o The attacker can then obtain all the traffic coming from the client.
· Misconfigured access Point-
o An Access point is misconfigured if it has the following weak points:
SSID Broadcast- this can lead to dictionary and brute force attack
Weak Password-using the default password and not changing it frequently can compromise an AP
Configuration Error- the configuration error may be errors made during installation, no security changes implemented uniformly across an architecture which can lead to a hacker stealing the SSID.
· AP MAC Spoofing:
o When probe requests are transmitted by an AP, then it leads to disclosure of some sensitive information one of which is MAC Address.
o An attacker can spoof the MAC Address and this will ultimately force the client to connect to a rouge AP.
· Denial of Service Attacks:
o By broadcasting de-authentication commands, an attacker can force the client to disconnect from the network that can lead to DoS attack.
· KRACK (Key Reinstallation Attack)
o This attack exploits the behaviour of the 4-way handshake in the wireless networks.
o In this, the attacker captures the ANonce key that is already in used and he can then replay the 4-way handshake process again to authenticate the AP.
Countermeasures against Wireless Threats:
· Use WPA/WPA2 Encryption standard and avoid WEP security.
· Update all the Wi-Fi devices and the routers with latest security patches
· Enable HTTPs everywhere authentication
· Use two factor authentication
· Do not connect to wifi that are found in public places such as airports, coffee shops, railway stations etc.
· Disable SSID broadcast
· Disable remote router login
· Enable MAC address filtering to avoid any unauthorized user to connect to the wifi device.
If you liked the story and want to appreciate us you can clap as much as you can. Appreciate our work by your constructive comment and also you can connect to us on….
Youtube: https://www.youtube.com/channel/SocietyOFAI
LinkedIn : https://www.linkedin.com/company/society-of-ai
Facebook: https://www.facebook.com/societyofai/
Website : https://www.societyofai.in/