Wireless Networks
Chris H, Chris R, Mindy C
04/27/07
Table of Contents
1 Overview .......... 4
2 Procedure .......... 4
2.1 Packet Capture .......... 4
2.1.1 Overview .......... 4
2.1.2 Procedure .......... 4
2.2 Encryption Cracking .......... 6
2.2.1 Overview .......... 6
2.2.2 Procedure .......... 6
3 Results .......... 8
3.1 Packet Capture .......... 8
3.1.1 Overview .......... 8
3.1.2 Data .......... 8
3.2 Encryption Cracking .......... 14
3.2.1 Overview .......... 14
3.2.2 Data .......... 15
4 Summary and Conclusions .......... 19
Table of Figures
Figure 1: WEP64 Authentication .......... 9
Figure 2: WEP128 Authentication .......... 9
Figure 3: WPA Personal TKIP Authentication .......... 9
Figure 4: WPA Personal AES Authentication .......... 9
Figure 5: WPA2 Personal TKIP/AES Authentication .......... 10
Figure 6: Kismet Capturing Traffic .......... 15
Figure 7: Encrypted Traffic .......... 15
Figure 8: Network Selection .......... 16
Figure 9: Key Found .......... 16
Figure 10: Failed crack attempt .......... 17
Figure 11: Airodump-ng capturing WEP traffic .......... 17
Figure 12: Airodump-ng capturing WPA traffic .......... 17
Figure 13: Aireplay-ng attempting to generate a handshake .......... 18
Figure 14: WPA Handshake Confirmation .......... 18
Figure 15: WPA Key Found .......... 18
Figure 16: WPA2 Key Found .......... 19
1 Overview
Our goal was to evaluate the relative security of WEP 64-bit, WEP 128-bit, WPA, and WPA2.
The evaluation was broken into two main efforts: cracking each scheme, and setting up and
evaluating each scheme. Our encryption attacking efforts consisted of using a range of
tools to breach the security of each wireless protection scheme; the results of our
attempts are recorded in this report. The other piece of our evaluation consisted of
setting up each security protocol, capturing traces, and comparing the data and
communication observed.
2 Procedure
2.1 Packet Capture
2.1.1 Overview
The setup for these experiments was done in the ITL Wireless Evaluation Network
(ITL-WEN). It consisted of a Linksys N access point connected to a server. The server
acted as a host for two other machines with wireless network cards. One client was set
up to connect, download, and generate traffic; the other machine captured that traffic
with Wireshark. Below we list the steps taken to set up each protocol, connect to the
access point, generate traffic, and trace the traffic.
2.1.2 Procedure
1) Wired Equivalent Privacy (WEP)
A) WEP 64 bit encryption (wep64.pcap)
1. Set the security on the Linksys to WEP, with 64 bit encryption.
2. Passphrase set to: goknights
3. After clicking generate 4 keys were created.
4. Save configuration.
5. On tracing machine, start trace.
6. On ITL-Wireless-1, connect to the test network by typing one of the keys.
7. Connect to: 192.168.1.102/files.
8. Begin downloading file FC-6-i386-disc1.iso
9. After about a minute of downloading, cancel the download.
10. Disconnect ITL-Wireless-1 from the test network.
11. On tracing machine: stop trace, save file.
4. Connect to: 192.168.1.102/files.
5. Begin downloading file FC-6-i386-disc1.iso
6. After about a minute of downloading, cancel the download.
7. Disconnect ITL-Wireless-1 from the test network.
8. On tracing machine: stop trace, save file.
2.2.2 Procedure
1) Wired Equivalent Privacy (WEP)
A) WEP 64 bit encryption
1. Set the security on the Linksys to WEP, with 64 bit encryption.
2. Renamed router to test.
3. Save settings.
4. Passphrase set to: test
5. After clicking generate 4 keys were created.
6. Save settings.
7. On tracing machine, start trace to capture on channel 6.
Command: airodump-ng --ivs -c 6 eth1
8. Connect to: test network (10.0.0.2).
9. Connect to: http://www.hp.com
10. Begin downloading large driver files > 200 MB each
11. Watch airodump-ng till about 500,000 initialization vectors.
12. Stop trace on tracing machine, stop airodump-ng.
13. Start aircrack-ng to begin cracking WEP
Command: aircrack-ng -a 1 -n 64 WEP-64-Capture.dump
14. Wait for one of two outcomes from aircrack-ng
1. Key Found [network key contained here]
2. Try capturing more packets and try again.
Command: airodump-ng --ivs -c 6 eth1
8. Connect to: test network (10.0.0.2).
9. Connect to: http://www.hp.com
10. Begin downloading large driver files > 200 MB each
11. Watch airodump-ng till about 1.5 million initialization vectors.
12. Stop trace on tracing machine, stop airodump-ng.
13. Start aircrack-ng to begin cracking WEP
Command: aircrack-ng -a 1 -n 128 wep128_cap-01.ivs
14. Wait for one of two outcomes from aircrack-ng
1. Key Found [network key contained here]
2. Try capturing more packets and try again.
B) WPA2
1. Set the security on the Linksys to WPA2 with TKIP.
2. Renamed router to test.
3. Save settings.
4. Passphrase set to: construction
5. After clicking generate 4 keys were created.
6. Save settings.
7. On tracing machine, start trace to capture on channel 6.
Command: airodump-ng -c 6 eth1
8. Connect to: test network (10.0.0.2).
9. Disconnect laptop running Mac OS X.
10. Reconnect laptop to generate a WPA handshake.
11. Stop trace on tracing machine, stop airodump-ng.
12. Start aircrack-ng to begin cracking WPA
Command: aircrack-ng -w length12.txt WPA2-02.cap
13. Choose network that needs to be cracked: 1, 2, etc.
14. Wait for one of two outcomes from aircrack-ng
1. Key Found [network key contained here]
2. Key Not Found.
3 Results
3.1 Packet Capture
3.1.1 Overview
Our capturing efforts resulted in six different capture files:
noSecurity.pcap
wep64.pcap
wep128.pcap
wpa-Personal-AES.pcap
wpa-Personal-TKIP.pcap
wpa2-Personal-(TKIP-AES).pcap
We made sure that we filtered out traffic from other network devices so that we were
ONLY evaluating traffic on the ITL-WEN. Using a range of filters we evaluated the
different capture files and did comparisons between each capture file.
3.1.2 Data
To make sure that we were only evaluating traffic on the ITL-WEN we applied a filter
on the BSSID (the access point's MAC address) of every packet:
wlan.bssid == 00:18:f8:c5:5d:3e
After we applied this filter we also used a few other filters to look more closely at
particular packets. To filter out beacon frames we applied the following filter:
(wlan.fc.type_subtype != 8)
Finally to just look at the authentication frames we applied the following expression:
(llc.type == 0x888e) || (wlan.fc.type_subtype == 11) ||
(wlan.fc.type_subtype == 0) || (wlan.fc.type_subtype == 1) ||
(wlan.fc.type_subtype == 12)
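As an added example (not part of the original report), the following Python applies the same three filters to raw 802.11 frames by decoding the frame control field and, for data frames, the LLC/SNAP ethertype, so the counts can be checked without Wireshark. Only the BSSID 00:18:f8:c5:5d:3e is taken from the report; the client address, the neighbouring access point and the sample frames are constructed here.

```python
"""Apply the report's three Wireshark display filters to raw 802.11 frames."""
import struct

TEST_BSSID = "00:18:f8:c5:5d:3e"  # wlan.bssid value used in the report

# Wireshark encodes wlan.fc.type_subtype as (type << 4) | subtype.
ASSOC_REQ, ASSOC_RESP, BEACON, AUTH, DEAUTH, DATA = 0x00, 0x01, 0x08, 0x0B, 0x0C, 0x20
EAPOL_ETHERTYPE = 0x888E                  # the llc.type value in the report's filter
LLC_SNAP = bytes.fromhex("aaaa03000000")  # LLC/SNAP header that precedes the ethertype


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(raw):
    """Decode the 24-byte MAC header of one frame (3-address frames only)."""
    if len(raw) < 24:
        raise ValueError("frame shorter than the 24-byte 802.11 MAC header")
    fc0, fc1 = raw[0], raw[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    to_ds, from_ds = fc1 & 0x01, (fc1 >> 1) & 0x01
    if to_ds and from_ds:
        raise ValueError("4-address (WDS) frames are out of scope here")
    addr1, addr2, addr3 = raw[4:10], raw[10:16], raw[16:22]
    # The BSSID sits in a different address field depending on the DS bits.
    bssid = addr1 if to_ds else addr2 if from_ds else addr3
    llc_type = None
    if ftype == 2:  # data frame: look for LLC/SNAP followed by the ethertype
        body = raw[24:]
        if len(body) >= 8 and body[:6] == LLC_SNAP:
            llc_type = struct.unpack("!H", body[6:8])[0]
    return {"type_subtype": (ftype << 4) | subtype,
            "bssid": mac_str(bssid), "llc_type": llc_type}


def is_auth_related(frame):
    """Same predicate as the report's third filter expression."""
    return (frame["llc_type"] == EAPOL_ETHERTYPE or
            frame["type_subtype"] in (AUTH, ASSOC_REQ, ASSOC_RESP, DEAUTH))


def apply_filters(frames, bssid=TEST_BSSID):
    """Return (frames on the BSSID, of those non-beacons, of those auth-related)."""
    on_bssid = [f for f in map(parse_frame, frames) if f["bssid"] == bssid]
    non_beacon = [f for f in on_bssid if f["type_subtype"] != BEACON]
    auth_only = [f for f in non_beacon if is_auth_related(f)]
    return len(on_bssid), len(non_beacon), len(auth_only)


# --- constructed sample capture (not from the report's pcap files) ----------
def build_frame(fc0, fc1, a1, a2, a3, body=b""):
    """Frame control, duration, three addresses, sequence control, then body."""
    return bytes([fc0, fc1]) + b"\x00\x00" + a1 + a2 + a3 + b"\x00\x00" + body


AP = bytes.fromhex("0018f8c55d3e")        # the report's BSSID
STA = bytes.fromhex("001122334455")       # constructed client address
OTHER_AP = bytes.fromhex("00aabbccddee")  # constructed neighbouring AP
WIRED_DST = bytes.fromhex("00112233aabb") # constructed destination behind the AP
BCAST = b"\xff" * 6

SAMPLE_FRAMES = [
    build_frame(0x80, 0x00, BCAST, AP, AP),              # beacon from the test AP
    build_frame(0x80, 0x00, BCAST, OTHER_AP, OTHER_AP),  # beacon from another network
    build_frame(0xB0, 0x00, AP, STA, AP),                # authentication
    build_frame(0x00, 0x00, AP, STA, AP),                # association request
    build_frame(0x10, 0x00, STA, AP, AP),                # association response
    build_frame(0x08, 0x02, STA, AP, AP,                 # EAPOL-Key data frame (From-DS)
                LLC_SNAP + b"\x88\x8e" + b"\x02\x03"),
    build_frame(0x08, 0x01, AP, STA, WIRED_DST,          # ordinary IP data frame (To-DS)
                LLC_SNAP + b"\x08\x00"),
    build_frame(0xC0, 0x00, STA, AP, AP),                # deauthentication
]

if __name__ == "__main__":
    print(apply_filters(SAMPLE_FRAMES))  # (7, 6, 5)
```

The neighbouring access point's beacon is dropped by the BSSID filter, the test AP's own beacon by the second filter, and the plain IP data frame by the third, leaving the authentication, association, EAPOL-Key and deauthentication frames that make up the joins and leaves seen in the report's figures. The same decode is what a monitoring tool would use to count deauthentication frames per BSSID.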
3.1.2.1 Authentication
This filter also allowed us to observe the key being passed to the server. Figures 1
through 5 show the results of filtering out everything but the authentication process.
Some simple observations can be made just by comparing each authentication process.
The authentication process begins with the station sending authentication frames. Then
the station must associate with the AP by sending an Association Request. The AP grants
access by returning an Association Response.
WEP64 and WEP128 appear very similar in their authentication process. The
authentication time is hardly different between the two protocols. There is a much more
noticeable difference between WEP and WPA. The biggest difference is the presence of
KEY frames. The process of transferring a key appears to take about a second on a B/G
Mixed network.
Figure 1: WEP64 Authentication
Figure 2: WEP128 Authentication
Security            Authentication time (seconds)
WEP64
WEP128
WPA Personal TKIP
WPA Personal AES
WPA2 TKIP/AES
The table above summarizes the length of time, in seconds, it takes to complete the
authentication period for each of the security schemes tested. Although the time
difference seems minimal, less than a second, WPA's authentication period is at least
200 times that of WEP.
WEP generates the per-packet key from the shared secret key and the IV (Initialization
Vector). TKIP adds the transmitter's MAC address to the list of input parameters, which
means that every sender has a different encryption key. Furthermore, TKIP increases the
size of the IV from 24 bits (used by WEP) to 48 bits and mandates that it be used as a
counter (the TSC, TKIP Sequence Counter), which guarantees that an IV value is only
reused once for every 281,474,976,710,656 (2^48) packets. Although TKIP improved
security, especially for legacy hardware, a stronger alternative was needed for newer
hardware. The Advanced Encryption Standard (AES) is a symmetric block cipher operating
on 128-bit blocks.
Both AES and TKIP, using 802.1X, offer much stronger encryption than WEP. The stronger
encryption affects both the authentication periods and the packet size. The 802.1X
protocol offers an effective framework for authenticating and controlling user traffic
to a protected network, as well as dynamically varying encryption keys. This public key
authentication uses a protocol called EAP (Extensible Authentication Protocol).
WPA's key exchange is established using the IEEE 802.11i EAPOL-Key exchange. There are
two main EAPOL-Key exchanges defined in IEEE 802.11i: the four-way handshake and the
group key handshake. The four-way handshake does several things: it confirms the
pairwise master key (PMK) between supplicant and authenticator; establishes the temporal
keys to be used by the data-confidentiality protocol; authenticates the security
parameters that were negotiated; performs the first key handshake; and provides keying
material to implement the group handshake. Not surprisingly, it is called the 4-way
handshake because four packets are exchanged between the supplicant and the
authenticator. Comparing the third message of the 4-way handshakes shows the
differences in the security parameters. This can be seen in figures 6 through 8.
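To make the PMK confirmation concrete, here is an added illustration of the four-way handshake (not code from the report): both sides derive the pairwise transient key from the PMK, the two MAC addresses and the two nonces, and each message after the first carries a key MIC that the other side can only verify if it holds the same PMK. The PRF-512 and the HMAC-SHA1-128 key MIC (key descriptor version 2, the WPA2/AES variant; WPA/TKIP uses HMAC-MD5) follow IEEE 802.11i; the PMK, client address, nonces and RSN element are constructed values, and the message encoding is a simplified stand-in rather than the real EAPOL-Key wire format.

```python
"""Four-way handshake key confirmation with constructed inputs."""
import hashlib
import hmac


def prf_512(pmk, label, data):
    """IEEE 802.11i PRF: HMAC-SHA1(PMK, label || 0x00 || data || i), i = 0..3, truncated to 64 bytes."""
    out = b"".join(hmac.new(pmk, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(4))
    return out[:64]


def derive_ptk(pmk, aa, spa, anonce, snonce):
    """PTK = PRF-512(PMK, "Pairwise key expansion", min/max(AA, SPA) || min/max(ANonce, SNonce)).

    Both MAC addresses and both nonces enter the derivation, which is why every
    station ends up with a different PTK even though all share one PMK.
    """
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def kck(ptk):
    """First 128 bits of the PTK: the Key Confirmation Key that signs handshake messages."""
    return ptk[:16]


def encode(msg):
    # Constructed canonical encoding of the modelled fields; the MIC field is excluded.
    return b"".join(k.encode() + b"=" + v + b";" for k, v in sorted(msg.items()) if k != "mic")


def compute_mic(key, msg):
    """Key MIC for key descriptor version 2: HMAC-SHA1 truncated to 128 bits."""
    return hmac.new(key, encode(msg), hashlib.sha1).digest()[:16]


def mic_ok(key, msg):
    return hmac.compare_digest(compute_mic(key, msg), msg["mic"])


def four_way_handshake(pmk_ap, pmk_sta, aa, spa, anonce, snonce, rsn_ie=b"\x30\x14"):
    """Run the exchange; return (success, PTK at the AP, PTK at the station)."""
    # Message 1 (AP -> STA): ANonce. Unprotected, since neither side has a PTK yet.
    m1 = {"anonce": anonce, "rc": b"\x01"}
    # The station derives its PTK and answers with SNonce, signed with the KCK.
    ptk_sta = derive_ptk(pmk_sta, aa, spa, m1["anonce"], snonce)
    m2 = {"snonce": snonce, "rc": b"\x01"}
    m2["mic"] = compute_mic(kck(ptk_sta), m2)
    # The AP derives its PTK; a valid MIC proves the station holds the same PMK.
    ptk_ap = derive_ptk(pmk_ap, aa, spa, anonce, m2["snonce"])
    if not mic_ok(kck(ptk_ap), m2):
        return False, None, None
    # Message 3 (AP -> STA): ANonce again, the negotiated security parameters
    # (RSN element) and the install flag. Its MIC proves the AP holds the PMK too.
    m3 = {"anonce": anonce, "rsn": rsn_ie, "install": b"\x01", "rc": b"\x02"}
    m3["mic"] = compute_mic(kck(ptk_ap), m3)
    if m3["anonce"] != m1["anonce"] or not mic_ok(kck(ptk_sta), m3):
        return False, None, None
    # Message 4 (STA -> AP): acknowledgement; both sides may now install the temporal key.
    m4 = {"rc": b"\x02"}
    m4["mic"] = compute_mic(kck(ptk_sta), m4)
    return mic_ok(kck(ptk_ap), m4), ptk_ap, ptk_sta


# Constructed values so the run is reproducible offline.
PMK = hashlib.sha256(b"constructed-pmk").digest()
AP_MAC = bytes.fromhex("0018f8c55d3e")   # BSSID from the report
STA_MAC = bytes.fromhex("001122334455")  # constructed client
ANONCE = hashlib.sha256(b"constructed-anonce").digest()
SNONCE = hashlib.sha256(b"constructed-snonce").digest()

if __name__ == "__main__":
    ok, ptk_ap, ptk_sta = four_way_handshake(PMK, PMK, AP_MAC, STA_MAC, ANONCE, SNONCE)
    print("handshake ok:", ok, "temporal keys agree:", ptk_ap == ptk_sta)
```

With matching PMKs the run succeeds and both sides hold the same 64-byte PTK; with a mismatched PMK the authenticator rejects message 2, which is the confirmation step the text lists first. Message 3 is also where the security parameters (the RSN element) travel, which is why the report compares that message across WPA and WPA2.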
Figure 3: WPA Personal TKIP Authentication
By keeping all of these traces on a private network, the risk of catching traffic that
was not intended for this project was at a minimum. For the same reason, there was no
need to implement filters to remove external traffic from the scans.
3.2.2 Data
WEP-64 Encryption
In order to crack WEP 64 bit approximately 500,000 packets needed to be captured in
order to facilitate an efficient crack.
In Figure 7, the symbols DD and MB represent the type of data that Kismet is capturing,
such as Management Beacons (MB) or Data (DD). Since the traffic was encrypted with WEP,
the actual type of data cannot be viewed until after the key is cracked.
Since there were multiple networks present (though only one was being captured on) the
correct network must be chosen for it to crack the key, as shown below. The BSSID and
ESSID of the other network have been removed to be more secure.
Once the network has been selected, as shown in Figure 8, it only takes a short time
(one second) for this key to be found. The more initialization vectors that are
captured, the faster the cracking process will go. The key that was found, shown in
Figure 9, was 1B:9D:DA:48:3D. This corresponds to the passphrase test and was the first
of the four keys that were generated.
WEP-128 Encryption
In order to crack 128-bit WEP encryption, Kismet was initially tried for capturing
packets but could not do so in a reasonable amount of time. It took Kismet approximately
two hours to capture only 700,000 packets.
As a result, Kismet was replaced with the command-line program airodump-ng. airodump-ng
allowed us to capture only initialization vectors (--ivs) and to capture traffic only on
channel six (-c 6), which sped the process up quite a bit and made the overall capture
file much smaller, 8 MB compared to 356 MB. Once approximately 1.5 million
initialization vectors had been captured, the cracking process took a bit longer than
for 64-bit but still only 17 seconds.
WPA and WPA2 with TKIP Encryption
Since we had such great success with airodump-ng, we decided to abandon Kismet
altogether and continue using airodump-ng to capture packets. airodump-ng was once again
started, except told to look for WPA and WPA2 encryption (Figure 12).
We found WPA and WPA2 encryption much easier to begin cracking, since all that is needed
is one handshake, compared to WEP, which requires one million packets or more. To speed
up the process of receiving handshakes, aireplay-ng (Figure 13) was used to try to force
the other laptop in the room to de-authenticate and re-authenticate, thus generating a
handshake. However, this method proved unsuccessful, so we forced a laptop to disconnect
and reconnect. In a busy network, multiple machines would be constantly connecting and
disconnecting, and finding a handshake would not be a problem.
Once the handshake was received, confirmed by aircrack-ng (Figure 14), the cracking
process was started by giving aircrack-ng a dictionary file that was downloaded from the
internet. This dictionary file contained all known eleven-character words as well as
some clever combinations of capitals, lowercase, and symbols. For example, engineering
became Engin33ring or something similar. There were multiple spellings for each word.
Once the network was selected (only one to choose), the cracking process began and
lasted approximately six minutes before it found the key.
As shown below in Figure 16, the WPA2 key was also cracked but in a shorter run time,
approximately three minutes.