Tuesday, April 2, 2019

Improving WPA and WPA2

Introduction

WPA is an acronym for Wi-Fi Protected Access. It was designed and developed by the Wi-Fi Alliance as a response to the weaknesses and vulnerabilities in the previous wireless security protocol, i.e. WEP (Wired Equivalent Privacy). It is a certification platform developed by the Wi-Fi Alliance to indicate compliance with the previous security protocol and to secure wireless networks.

WPA2

WPA2 is vulnerable to insider attack (if the attacker is in the network or somehow gets into the network) under certain conditions.

Following are the attacks on WPA/WPA2:

- PSK (Pre-Shared Key) vulnerability.
- PSK cracking tool, eavesdropping. (Attack on PSK authentication)
- PEAP misconfiguration vulnerability. (Attack on authentication server)
- TKIP vulnerability. (Attack on encryption)

Encryption in WPA2

There are two types of keys used in WPA2 for encryption:

- Pairwise key (PTK): It is used to protect unicast data frames.
- Group key (GTK): It is used to protect group-addressed data frames such as broadcast ARP request frames. It is used as an encryption key in the Access Point (AP) and as a decryption key in the client.

Summary and Improvement of 802.11i (WPA2)

The security requirements for the WLAN (Wireless Local Area Network) industry are data confidentiality, integrity, mutual authentication and availability.

Primary recommendations

- CCMP should be used for data confidentiality.
- Mutual authentication must be implemented for security concerns.
- DoS (Denial of Service) in the MAC (Medium Access Control) layer must be addressed.

Wireless Threats

Passive Eavesdropping / Traffic Analysis
An attacker can easily sniff and store all the traffic in the WLAN.

Message Injection / Active Eavesdropping
An attacker is capable of inserting a message into the wireless network with the help of NICs (Network Interface Cards). The attacker can generate any chosen packet, modify the content of the packet and completely control the transmission of the packet.

Message Deletion and Interception
Message deletion is done by interfering with the packet reception process on the receiver's antenna, e.g. causing CRC errors so that the receiver drops the packet. Message interception means that an adversary is able to control a connection completely, i.e. an attacker can capture a packet before the receiver actually receives it and decide whether to delete the packet or forward it to the receiver.

Masquerading and Malicious AP (Access Point)
An attacker can learn MAC addresses by eavesdropping and can also spoof a MAC address.

Session Hijacking
An adversary may be able to hijack a legitimate session after the wireless devices have finished authenticating themselves successfully. It can be overcome using data confidentiality and a strong integrity mechanism.

Man in the Middle Attack (MitM)
ARP cache poisoning is a type of Man in the Middle attack in the case of a wired connection.

Denial of Service (DoS)
An adversary is capable of making the whole Basic Service Set (BSS) unavailable, or disrupting the connection between legitimate peers. Examples: forging the unprotected management frames, exploiting protocol weaknesses, or jamming the frequency bands, with denial of service to the legitimate users.

Data Confidentiality and Integrity

802.11i defines three confidentiality security protocols:

- WEP (Wired Equivalent Privacy).
- TKIP (Temporal Key Integrity Protocol).
- CCMP (Counter Mode Cipher Block Chaining MAC (Message Authentication Code) Protocol).

A temporal key (TK) is assumed to be shared between peers before executing any data confidentiality protocol.

Authentication and Key Management

There are two types of authentication systems:

- Open System Authentication.
- Shared Key Authentication.

These are not secure, so IEEE 802.11i defines a new standard, namely RSNA (Robust Security Network Association).

RSNA establishment process

1. Network and security capability discovery.
2. 802.11 authentication and association.
3. EAP / 802.1X / RADIUS authentication.
4. 4-way handshake.
5. Group key handshake.
6. Secure data communication.

Availability

The main cause of loss of availability is the DoS attack. First, an adversary can launch an 802.11i attack much more easily than a physical layer attack, with only moderate equipment. Second, it is much more difficult for a network administrator to detect and locate these attacks. Layer abstraction is a very important concept in networks, requiring each layer to provide independent functionality separately.

The Michael algorithm is used to solve the above problems. It works as follows: when a wrong packet is detected by the access point, it waits for 60 seconds; if another incorrect packet is received by the access point from the same source within this 60-second time span, it shuts down that link.

Application

1. Security for Mobile ATE

The data collected from hardware systems using mobile phone and PDA applications needs to be protected, since some Internet activities are currently done only on mobile devices.
We are also aware that mobile phones are not secure while accessing the Internet. To overcome this, many ATE (Automatic Test Equipment) systems are isolated from networks and run in stand-alone environments. An ATE system describes a single hardware device performing test measurements, or a group of devices testing another hardware system.

Mobile app developers need to focus on securing data in the following areas:

- Configuration of the mobile device.
- Apps running on the device.
- Equipment communicating with the device.
- Wireless connection between the device and the ATE.

When the ATE is sending data out from the device, it can use an HTTPS connection, data encryption and user authentication to ensure that non-trusted sources will not gain access to the data. The wireless connection between the device and the server should be secured using wireless security protocols like WPA and WPA2, HTTPS and AES encryption. The figure below shows the security concerns for mobile devices.

Fig. Major Mobile Application Server Areas

Securing the Wireless Connection

The mobile device should never connect to the ATE system through an unsecured WiFi network. Users must connect to networks that implement the strongest security protocol, with encryption included. In strict scenarios, the application must use a secure VPN (Virtual Private Network) to connect to the server.

Securing the Mobile Device

No amount of coding, server configuration or wireless setup will be useful if the hardware containing the mobile application has already been compromised. Before installing any application on the mobile device, users must check that they have not already compromised their system's security features by jailbreaking or rooting the device. A jailbroken device is a device where the user has removed operating system limitations imposed by the manufacturer. Through either of the two processes, i.e. jailbreaking or rooting, all of the security features that the system designers built in to protect users are put into jeopardy.

Securing the Application

An application must not have too much control of the mobile device. Applications must be independent of each other, i.e. one application must not call another application or use the resources of another.

Securing the ATE System

The administrator and the developer on the ATE server need to work together to ensure that the server providing the mobile application data is secure. Most of the data processing must be done on the ATE server side, as it is difficult for the attacker to access data there and computing power is also greater on the server side.

(A) Data Acquisition Methodology

Obtaining blacklisted IP addresses
The list was obtained from a German website, which was not up to date. These blacklisted IP addresses were the primary source for quantifying malicious activities.

Associating blacklisted IP addresses with geographic locations
IP addresses were never assigned to a specific geographical area or region. IP addresses were assigned to organisations in blocks or assigned to residences through fixed commercial ISPs. Maxmind provided one such tool, named GeoIP. The GeoIP tool contains a database of IP addresses and their corresponding global location information, viz. city, state, country, longitude and latitude.

Obtaining security statistics of WiFi deployments
These are statistics of WiFi deployments such as the percentage of secure access points and the number of blacklisted IP addresses occurring within the specific deployments for cities.

(B) Data Manipulation Methodology

It involves processing the data. Cities were chosen depending on the number of blacklisted IP addresses, i.e. the cities having the highest number of blacklisted IP addresses were considered.

Data Analysis Methodology

We generated derived statistics of fields such as IP address availability, WiFi network security and the number of blacklisted IP addresses.

Results of Data Related Methodology

Suggestion

After 2006, every wireless-enabled device is WPA/WPA2 certified and trademarked by the WiFi Alliance. The biggest hurdle is that users are unaware of the wireless security protocols, and in the security dialog box the first option is None, followed by a list from WEP to WPA2. It has been seen that users choose None or WEP as a security protocol without knowing exactly what that security protocol does, because it comes earlier in the list.

So, the first and foremost thing is to make users aware of the protocols and advise them to use a better protocol as per their requirements. For example, the corporate world must use the toughest-to-decipher protocol, whereas a normal user can use a somewhat lighter version of the protocol with a good password, and must never have wireless access without any security protocol, i.e. None.

References

- Security for Mobile ATE Applications, by Susan Moran.
- Malicious WiFi Networks: A First Look, by Andrew Zafft and Emmanuel Agu.
- Security Analysis and Improvements for IEEE 802.11i, by Changhua He and John C. Mitchell.
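The Michael countermeasure described under Availability above can be written as a small per-source state machine. This is an added example, not code from the original post or from any access point firmware; the class and function names, the returned action strings and the sample events are assumptions made for illustration, and the logic follows the post's description (a second bad packet from the same source within 60 seconds closes that link).

```python
from dataclasses import dataclass, field

WINDOW_SECS = 60.0  # time span given in the article


@dataclass
class MichaelMonitor:
    """Hypothetical AP-side tracker for packets that fail the integrity check."""
    window: float = WINDOW_SECS
    first_failure: dict = field(default_factory=dict)  # source -> time of first bad packet
    shut_down: set = field(default_factory=set)        # sources whose link was closed

    def on_bad_packet(self, source: str, now: float) -> str:
        """Return the action the AP takes for a bad packet seen at time `now`."""
        if source in self.shut_down:
            return "dropped"  # link is already closed
        started = self.first_failure.get(source)
        if started is not None and now - started <= self.window:
            # Second bad packet from the same source inside the window.
            self.shut_down.add(source)
            del self.first_failure[source]
            return "shutdown"
        # First bad packet, or the earlier window expired: start a new window.
        self.first_failure[source] = now
        return "watch"


def replay(events, window=WINDOW_SECS):
    """Run (time, source) events through a fresh monitor and list the actions."""
    monitor = MichaelMonitor(window=window)
    return [(t, src, monitor.on_bad_packet(src, t)) for t, src in events]


# Constructed sample input: (seconds, source MAC), locally administered addresses.
SAMPLE_EVENTS = [
    (0.0, "02:00:00:00:00:01"),
    (10.0, "02:00:00:00:00:02"),
    (45.0, "02:00:00:00:00:01"),   # 45 s after its first failure
    (75.0, "02:00:00:00:00:02"),   # 65 s after its first failure: window expired
    (80.0, "02:00:00:00:00:01"),   # link already closed
    (130.0, "02:00:00:00:00:02"),  # 55 s after the restarted window
]

if __name__ == "__main__":
    for t, src, action in replay(SAMPLE_EVENTS):
        print(f"{t:6.1f}s  {src}  {action}")
```

Replaying logged integrity failures through such a tracker shows which sources tripped the 60-second rule and when, which helps when working out why a link was closed.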
