
ANALYSIS OF WIFI SECURITY PROTOCOL WITH CHALLENGES AND SOLUTIONS


Academic year: 2023


The deep knowledge and keen interest of our supervisor in the wireless field influenced us to carry out this project. Subrata Kumar Aditya, Professor and Chairman of the Department of Applied Physics, Electronics and Communication Engineering, University of Dhaka, Mr. And also to other faculty members and the staff of the ICE Department of Daffodil International University.

  • Introduction
  • Research Motivation
  • Aim and Objectives
  • Report format

There are many successful applications of the probabilistic model related to wireless networks. Some authentication has been given which relies on simulating time and trying to provide some commentary on challenges that are avoidable for a good solution. Chapter 5 deals with the 802.11i security protocol, and Chapter 6 is a simulation analysis section intended to show the work we have done, with screenshots of the process. Finally, Chapter 7 is the performance analysis.


Wireless Networks

The improved IEEE 802.11b version, operating in the 2.5 GHz frequency band and offering data rates of up to 11 Mbps, was released in 1999. The IEEE 802.11a version was released together with it, offering data rates of 54 Mbps and working in … When all of its options are used, the 802.11n version can support data rates of up to 600 Mbps.

WLAN Architecture

On receipt of the Request to Send (RTS) frame, if the destination is able to receive data, it returns a Clear to Send (CTS) frame. This frame carries a copy of the transmission duration given in the RTS frame. Stations that hear the RTS or CTS frames will refrain from sending data for the duration indicated in these frames.

Wireless Security Threats

Message Deletion: In this type of active attack, the attacker can remove the data from the network before it reaches the intended destination. In this type of attack, the attacker is able to obtain all information related to the shared device and send data as if it were the original device. This attack is generally launched after a legitimate device has authenticated to the network; accordingly, the rogue device does not need to go through authentication.


How WEP Works

  • WEP Data Encryption

An encryption key is used to create a 256-bit state table that is later used to create a pseudo-random stream. An XOR is performed over the plaintext to produce the ciphertext. Once the key setup stage is complete, encryption follows: the values of the table are swapped and randomized to obtain the keystream, which is XORed with the plaintext to yield the ciphertext. The secret key (k) is provided in WEP by an authorized station that provides system information.

Figure 3.1: Stream cipher encryption

WEP Security Features

  • Information Integrity
  • Verification
  • Access Control

The checksum is recomputed over the message and compared with the one inserted into the plaintext. If the two checksums are equal, the message is accepted and the exchange is terminated. To do this, WEP relies on knowledge of a secret key shared among the mobile stations.

On receiving the challenge, the mobile station encrypts it using the secret key and sends the encrypted message back to the access point. The access point then decrypts the message and compares the decrypted content with the original plaintext. With this setup, the client is able to get onto the network, which is equivalent to having no access control at all.

However, various third-party equipment vendors have developed two notable methods to control client access to the network. With this mechanism, an access point keeps a list of clients that have been given permission to access the network. The list is based on the clients' MAC addresses, and only clients whose MAC addresses are in the list are allowed to access the network.

The attacker can then change his MAC address to one of the authorized addresses and in this way gain access to the network.

WEP Vulnerabilities

  • Susceptibility to brute-force attacks
  • Attacks due to Initialization Vector reuse
  • Message modification attacks
  • Station Association Attacks

To guard against this, the WEP standard recommends that the initialization vector (IV) be changed for each packet. The chances of IV reuse, and thus of keystream reuse, are increased further because every device in a network under the WEP protocol is configured with the same secret key. IV reuse makes the WEP protocol vulnerable to attacks regardless of the secret key length.

The Cyclic Redundancy Checksum (CRC-32) used by WEP to ensure the integrity of a message is not adequate: a message can be changed in transit in a way the checksum does not detect. The insecurity of the checksum value lies in its property of being a linear function of the message. A consequence of this linearity is that the ciphertext (C) can be modified without disturbing the checksum, which defeats the purpose of the cyclic redundancy checksum.

The modified ciphertext decrypts to a plaintext P' that is the concatenation of another message M' and a checksum b(M') that is a valid checksum for the message M'. This means that changes can be made to an encrypted message and the checksum verification will not be able to detect the modification. An attacker who wants to associate with a wireless network can do so without knowledge of the shared secret key.
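The CRC-32 linearity described above can be checked directly. The following is an added example, not code from the original report: it builds a WEP-style frame (RC4 keystream from IV plus key, CRC-32 appended to the plaintext) and shows that the receiver's checksum still verifies after the ciphertext is altered, while a keyed MAC over the same data does not. The key, IV, messages and function names are constructed for the illustration.

```python
import hashlib, hmac, zlib

def rc4(key, n):
    """RC4: key setup fills the state table, then n keystream bytes are produced."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def icv(msg):
    """WEP integrity check value: unkeyed CRC-32 of the plaintext."""
    return zlib.crc32(msg).to_bytes(4, "little")

def wep_seal(iv, key, msg):
    body = msg + icv(msg)
    return xor(body, rc4(iv + key, len(body)))

def wep_open(iv, key, frame):
    body = xor(frame, rc4(iv + key, len(frame)))
    return body[:-4], icv(body[:-4]) == body[-4:]

def crc_delta(delta):
    """CRC-32 is affine: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros)."""
    return delta + xor(icv(delta), icv(bytes(len(delta))))

def demo():
    key, iv = bytes.fromhex("0102030405"), b"\x00\x00\x01"  # constructed values
    m, m2 = b"reading=0017", b"reading=9917"                # constructed messages
    frame = wep_seal(iv, key, m)
    # Change in transit: only the XOR difference is applied, the key is not used.
    tampered = xor(frame, crc_delta(xor(m, m2)))
    plain, icv_ok = wep_open(iv, key, tampered)
    # A keyed MAC computed by the sender over the original message notices it.
    mac_key = b"constructed-mac-key"
    tag = hmac.new(mac_key, m, hashlib.sha256).digest()
    mac_ok = hmac.compare_digest(tag, hmac.new(mac_key, plain, hashlib.sha256).digest())
    return plain, icv_ok, mac_ok
```

`demo()` returns the altered plaintext together with the result of the CRC-32 check and of the keyed-MAC check, which is the gap the keyed integrity codes of the later protocols were introduced to close.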

By studying a plaintext and its ciphertext, the attacker can easily derive the key used to encrypt the plaintext.


WPA-Personal

The Wi-Fi Protected Access protocol can be implemented in two modes: the first mode, the one discussed so far in this chapter, is known as WPA-Enterprise. Because of the high cost and complicated configuration of authentication servers, the WPA-Enterprise implementation of the WPA protocol is not suitable for small home and office environments. WPA-Personal uses a Pre-Shared Key (PSK), which consists of a passphrase whose length ranges from 8 to 63 ASCII characters, or of 64 hexadecimal digits, that is, 256 bits.

If ASCII characters are chosen, a hash function is used to reduce the number of bits from 504 bits (63 characters) to 256 bits. The PSK is entered into the WLAN devices in the network and, after a device is authenticated, TKIP uses the PSK, the Service Set Identifier and nonces to create the pairwise master key (PMK), which is used to create the data encryption keys as described in the section on TKIP and encryption key management. Thus, the basic difference between the two modes of operation is that with WPA-Enterprise the authentication server produces the PMK, whereas with WPA-Personal the PMK is created from the passphrase.

Although TKIP ensures that the encryption keys for WPA-Personal are changed frequently, it has been shown that the security offered by this mode of WPA generally depends on the length of the passphrase used as the Pre-Shared Key (PSK). The use of a single passphrase for all devices in the Extended Service Set (ESS) increases the damage an attacker can cause to the network, because once the PSK is obtained, the attacker can inspect and modify the traffic in the ESS. To provide a reasonable level of security for WPA-Personal, long passphrases must be used.
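The passphrase-to-key step described above, as an added example that is not part of the original report. It assumes the mapping defined in IEEE 802.11i for WPA-Personal (PBKDF2 with HMAC-SHA1, the SSID as salt, 4096 iterations, 256-bit output); the function names, passphrases and SSIDs are constructed. The second function bounds the real strength of the 256-bit result by the passphrase it came from, which is why length matters.

```python
import hashlib
import math
import string

def wpa_pmk(psk, ssid):
    """Return the 256-bit PMK for WPA-Personal.

    64 hexadecimal digits are taken as the key itself; an 8-63 character
    printable-ASCII passphrase is stretched with PBKDF2-HMAC-SHA1
    (salt = SSID, 4096 iterations, 32-byte output), per IEEE 802.11i.
    """
    if len(psk) == 64 and all(c in string.hexdigits for c in psk):
        return bytes.fromhex(psk)
    if not 8 <= len(psk) <= 63 or any(not 32 <= ord(c) <= 126 for c in psk):
        raise ValueError("passphrase must be 8-63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", psk.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def effective_bits(length, alphabet_size):
    """Upper bound on key strength for a random passphrase of this length.

    The output is always 256 bits wide, but it cannot hold more entropy
    than the passphrase that produced it.
    """
    return min(256.0, length * math.log2(alphabet_size))

if __name__ == "__main__":
    # Constructed inputs: same passphrase, two network names.
    for ssid in ("HomeNet", "OtherNet"):
        print(ssid, wpa_pmk("correct horse battery", ssid).hex())
    # 8 lowercase letters versus 63 characters from the printable set.
    print(round(effective_bits(8, 26), 1), effective_bits(63, 95))
```

Because the SSID is the salt, the same passphrase yields a different PMK on each network name, but every station configured with that passphrase on one network derives the same PMK.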


  • Session Hijacking
  • Man-in-the-Middle
  • Security Level Rollback Attack
  • Comparison of security features of different protocols

The 802.11i EAPOL-Key exchange uses single keys and has key hierarchies that divide the initial keys into usable keys. When 802.11i runs with 802.1X, the PMK comes from the authentication server; when a Pre-Shared Key (PSK) is used, 802.11i converts a passphrase into the PMK. Messages (4) and (6) are implemented in the 802.11 Open System Authentication and are included to provide backward compatibility.

The 4-way handshake, as defined by IEEE 802.11i, plays several roles, including confirming the PMK between authenticator and supplicant, establishing the transient keys to be used by the data confidentiality protocols, and verifying the agreed security parameters between the supplicant and the authenticator. The 802.1X port can then be unblocked and the supplicant can access the services available through the authenticator. IEEE 802.11i was intended to address all the security flaws found in the WPA and WEP protocols.

This was largely achieved, and 802.11i provides better security than all previous protocols. Below is an analysis of the security strength provided by 802.11i against basic wireless threats. This still applies to a sniffing adversary and preserves any data traffic on the secured 802.11i WLAN.

If the rogue device only receives data from the AP, the TK generated by 802.11i prevents the rogue device from decrypting the data, and no damage is done to data confidentiality. In any case, when a strong mutual authentication mechanism such as EAP-TLS is implemented with 802.11i, the rogue device will not be able to authenticate itself to the legitimate AP. In addition, the Transient Security Network (TSN), which supports both RSNA and pre-RSNA algorithms, is enabled by 802.11i where there are many supplicants, for example legacy devices.

Figure 5.1: Key generation for 4-way handshake operation


Performance of routing protocols

  • WEP Authentication Delay vs 802.11i Authentication Delay
  • WPA Authentication Delay vs WEP Authentication Delay
  • WEP Loss vs WPA Loss
  • WEP, WPA & 802.11i Loss
  • WEP, WPA & 802.11i Output


Conclusion

