Explore
For Enterprise
Join for Free
Log In

Artes e Humanas
Negócios
Ciência da Computação
Ciência de Dados
Tecnologia da informação
da saúdesaúde
Matemática e Lógica
Desenvolvimento Pessoal
Ciência e Engenharia Física
Ciências Sociais
Línguas
Notas
Certificados

Explore todo o Coursera

Navegar
Pesquisar
For Enterprise
Entrar
Inscreva-se gratuitamente

Let's Get Rid of WEP! WPA/WPA2

Loading...

IT Security: Defense against the digital dark arts

4.8 (2,796 classificações) | 30K alunos inscritos

Curso 1 de 5 no Certificado profissional de suporte de TI do Google Programa de cursos integrados

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. Finally, we’ll go through a case study, where we examine the security model of Chrome OS. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: ● how various encryption algorithms and techniques work as well as their benefits and limitations. ● various authentication systems and types. ● the difference between authentication and authorization. ● how to evaluate potential risks and recommend ways to reduce risk. ● best practices for securing a network. ● how to help others to grasp security concepts and protect themselves.

Visualizar o programa do curso

Habilidades que você aprenderá

Cybersecurity, Wireless Security, Cryptography, Network Security

Avaliações

4.8 (2,796 classificações)

5 stars
2,291 ratings
4 stars
407 ratings
3 stars
62 ratings
2 stars
18 ratings
1 star
18 ratings

TE

Oct 05, 2018

Thank you to all the instructors. I learned concrete and useful IT skills from the courses and especially from the projects. After completing this course, I feel I want to learn more and more.

DS

Jan 30, 2019

Course 1 and 5 are probably my favorite of the courses because i feel i learned a lot in these two the most, all are great i just really wanted to learn more about security which was course 5

Na lição

Securing Your Networks

In the fourth week of this course, we'll learn about secure network architecture. It's important to know how to implement security measures on a network environment, so we'll show you some of the best practices to protect an organization's network. We'll learn about some of the risks of wireless networks and how to mitigate them. We'll also cover ways to monitor network traffic and read packet captures. By the end of this module, you'll understand how VPNs, proxies and reverse proxies work; why 802.1X is a super important for network protection; understand why WPA/WPA2 is better than WEP; and know how to use tcpdump to capture and analyze packets on a network. That's a lot of information, but well worth it for an IT Support Specialist to understand!

WEP Encryption and Why You Shouldn't Use It8:35

Let's Get Rid of WEP! WPA/WPA214:18

Wireless Hardening3:07

Heather Social Engineering1:20

Ministrado por

Google

Transcrição

The replacement for WEP from the Wi-Fi Alliance was WPA or Wi-Fi Protected Access.

It was introduced in 2003 as a temporary measure while the alliance finalized

their specification for what would become WPA2 introduced in 2004.

WPA was designed as a short-term replacement that would be

compatible with older WEP-enabled hardware with a simple firmware update.

This helped with user adoption because it

didn't require the purchase of new Wi-Fi hardware.

To address the shortcomings of WEP security,

a new security protocol was introduced called

TKIP or the Temporal Key Integrity Protocol.

TKIP implemented three new features that made it more secure than WEP.

First, a more secure key derivation method was used to more

securely incorporate the IV into the per packet encryption key.

Second, a sequence counter was implemented to

prevent replay attacks by rejecting out of order packets.

Third, a 64-bit MIC or Message Integrity Check was introduced to prevent forging,

tampering, or corruption of packets.

TKIP still use the RC4 cipher as the underlying encryption algorithm.

But it addressed the key generation weaknesses of WEP by using

a key mixing function to generate unique encryption keys per packet.

It also utilizes 256 bit long keys.

This key mixing function incorporates the long live the Wi-Fi passphrase with the IV.

This is different compared to the simplistic concatenation of the shared key and IV.

Under WPA, the pre-shared key is the Wi-Fi password

you share with people when they come over and want to use your wireless network.

This is not directly used to encrypt traffic.

It's used as a factor to derive the encryption key.

The passphrase is fed into the PBKDF2 or Password-Based Key Derivation Function 2,

along with the Wi-Fi networks SSID as a salt.

This is then run through the HMAC-SHA1 function

4096 times to generate a unique encryption key.

The SSID salt is incorporated to help defend against rainbow table attacks.

The 4096 rounds of

HMAC-SHA1 Increase the computational power required for a brute force attack.

I should call out that the pre-shared key can be entered using two different methods.

A 64 character hexadecimal value can be entered,

or the 64 character value is used as the key,

which is 64 hexadecimal characters times four bits,

which is 256 bits.

The other option is to use

PBKDF2 function but only if entering ASCII characters as a passphrase.

If that's the case, the passphrase can be anywhere from eight to 63 characters long.

WPA2 improve WPA security even more by implementing

CCMP or Counter Mode CBC-MAC Protocol.

WPA2 is the best security for wireless networks currently available,

so it's really important to know as an I.T.

Support Specialist.

It's based on the AES cipher finally getting away from the insecure RC4 cipher.

The key derivation process didn't change from WPA,

and the pre-shared key requirements are the same.

Counter with CBC-MAC is a particular mode of operation for block ciphers.

It allows for authenticated encryption,

meaning data is kept confidential, and is authenticated.

This is accomplished using an authenticate, then encrypt mechanism.

The CBC-MAC digest is computed first.

Then, the resulting authentication code is

encrypted along with the message using a block cipher.

We're using AES in this case,

operating in counter mode.

This turns a block cipher into a stream cipher by using

a random seed value along with

an incrementing counter to create a key stream to encrypt data with.

Now, let's walk through

the Four-Way Handshake process that authenticates clients to the network.

I should call out, that while you might not encounter this in your day to day work,

it's good to have a grasp on how the authentication process works.

It will help you understand how WPA2 can be broken.

This process also generates

the temporary encryption key that will be used to encrypt data for this client.

This process is called the Four-Way Handshake,

since it's made up of four exchanges of data between the client and AP.

It's designed to allow an AP to confirm that

the client has the correct pairwise master key,

or pre-shared key in a WPA-PSK setup without disclosing the PMK.

The PMK is a long live key and might not change for a long time.

So an encryption key is derived from the PMK that's used for

actual encryption and decryption of traffic between a client and AP.

This key is called the Pairwise Transient Key or PTK.

The PTK is generating using the PMK,

AP nonce, Client nonce,

AP MAC address, and Client MAC address.

They're all concatenated together, and run through a function.

The AP and Client nonces are just random bits of

data generated by each party and exchanged.

The MAC addresses of each party would be known through the packet headers already,

and both parties should already have the correct PMK.

With this information, the PTK can be generated.

This is different for every client to allow for confidentiality between clients.

The PTK is actually made up of five individual keys,

each with their own purpose.

Two keys are used for encryption and confirmation of EAPoL packets,

and the encapsulating protocol carries these messages.

Two keys are used for sending and receiving message integrity codes.

And finally, there's a temporal key,

which is actually used to encrypt data.

The AP will also transmit the GTK or Groupwise Transient Key.

It's encrypted using the EAPoL encryption key contained in the PTK,

which is used to encrypt multicast or broadcast traffic.

Since this type of traffic must be readable by all clients connected to an AP,

this GTK is shared between all clients.

It's updated and retransmitted periodically,

and when a client disassociates the AP.

That's a lot to take in, so let's recap.

The four messages exchanged in order are,

the AP, which sends a nonce to the client, the Client,

then sends its nonce to the AP, the AP,

sends the GTK, and the Client replies with an Ack confirming successful negotiation.

The WPA and WPA2 standard also introduce an 802.1x authentication to Wi-Fi networks.

It's usually called WPA2-Enterprise.

The non-802.1x configurations are called either WPA2-Personal or WPA2-PSK,

since they use a pre-shared key to authenticate clients.

We won't rehash 802.1x here since it operates

similarly to 802.1x on wire networks, which we covered earlier.

The only thing different is that the AP acts as the authenticator in this case.

The back-end radius is still the authentication server and

the PMK is generated using components of the EAP method chosen.

While not a security feature directly,

WPS or Wi-Fi protected setup is a convenience feature

designed to make it easier for clients to join a WPA-PSK protected network.

You might encounter WPS in a small IT shop that uses commercial SOHO routers.

It can be useful in these smaller environments to make it easier

to join wireless clients to the wireless networks securely.

But there are security implications to having enabled that you should be aware of.

The Wi-Fi Alliance introduced WPS in 2006.

It provides several different methods that allow our wireless client to securely

join a wireless network without having to directly enter the pre-shared key.

This facilitates the use of

very long and secure passphrases without making it unnecessarily complicated.

Can you imagine having to have your less technically inclined friends and family enter

a 63-character passphrase to use your Wi-Fi when they come over?

That probably wouldn't go so well.

WPS simplifies this by allowing for secure exchange of the SSID and pre-shared key.

This is done after authenticating or exchanging

data using one of the four supported methods.

WPS supports PIN entry authentication,

NFC or USB for out of

banned exchange of the network details, or push-button authentication.

You've probably seen the push-button mechanism.

It's typically a small button somewhere on

the home router with two arrows pointing counter-clockwise.

The push-button mechanism works by requiring a button to be

pressed on both the AP side and the client side.

This requires physical proximity and a short window of

time that the client can authenticate with a button press of its own.

The NFC and USB methods just provide

a different channel to transmit the details to join the network.

The PIN methods are really interesting and also where critical flaw was introduced.

The PIN authentication mechanism supports two modes.

In one mode, the client generates a PIN which is then entered into the AP,

and the other mode,

the AP has a PIN typically hard-coded into the firmware which is entered into the client.

It's the second mode that is vulnerable to an online brute force attack.

Feel free to dive deep into this by reading more about it in the supplementary readings.

The PIN authentication method uses PINs that are eight-digits long,

but the last digit is a checksum that's computed from the first seven digits.

This makes the total number of possible PINs 10

to the seventh power or around 10 million possibilities.

But the PIN is authenticated by the AP in halves.

This means the client will send the first four digits to the AP,

wait for a positive or negative response,

and then send the second half of the PIN if the first half was correct.

Did you see anything wrong with this scenario?

We're actually reducing the total possible valid PINs even

more and making it even easier to guess what the correct PIN is.

The first half of the PIN being four digits has about 10,000 possibilities.

The second half, only three digits because of the checksum value,

has a maximum of only 1,000 possibilities.

This means the correct PIN can be guessed in a maximum of 11,000 tries.

It sounds like a lot, but it really isn't.

Without any rate limiting,

an attacker could recover the PIN and the pre-shared key in less than four hours.

In response to this,

the Wi-Fi Alliance revised the requirements for the WPS specification,

introducing a lockout period of one minute after three incorrect PIN attempts.

This increases the maximum time to guess the PIN from four hours to less than three days.

That's easily in the realm of possibility for a determined and patient attacker,

but it gets worse.

If your network is compromised using this attack because the PIN

is an unchanging element that's part of the AP configuration,

the attacker could just reuse the already recovered WPS PIN to get the new password.

This would happen even if you detected

unauthorized wireless clients on your network and changed your Wi-Fi password.

WPA2 is a really robust security protocol.

It's built using best in class mechanisms to prevent

attacks and ensure the confidentiality of the data it's protecting.

Even so, it's susceptible to some forms of attack.

The four-way authentication handshake that we covered earlier

is actually susceptible to an offline brute force attack.

If an attacker can manage to capture the four-way handshake process just for packets,

they can begin guessing the pre-shared key or PMK.

They can take the nonces and MAC addresses from

the four-way handshake packets and computing PTKs.

Sends the message authentication code,

secret keys are included as part of the PTK.

The correct PMK guess would yield a PTK that successfully validates a MIC.

This is a brute force or dictionary-based attack,

so it's dependent on the quality of the password guesses.

It does require a fair amount of computational power to

calculate the PMK from the passphrase guesses and SSID values.

But the bulk of the computational requirements lie in the PMK computation.

This requires 4096 iterations of a hashing function,

which can be massively accelerated through the use of

GPU-accelerated computation and cloud computing resources.

Because of the bulk of the computations involving computing the PMK,

by incorporating the password guesses with the SSIDs,

it's possible to pre-compute PMKs in bulk for common SSIDs and password combinations.

This reduces the computational requirements to

deriving the PTK from the unique session elements.

These pre-computed sets are referred to as rainbow tables and exactly this has been done.

Rainbow tables are available for download for

the top 1000 most commonly seen SSIDs and 1 million passwords.

Explore nosso catálogo

Registre-se gratuitamente e obtenha recomendações, atualizações e ofertas personalizadas.

O Coursera proporciona acesso universal à melhor educação do mundo fazendo parcerias com as melhores universidades e organizações para oferecer cursos on-line.

© 2019 Coursera Inc. Todos os direitos reservados.

Baixar na App Store

Baixar no Google Play

Coursera
Sobre
Liderança
Carreiras
Lista de cursos
Certificados
Certificados MasterTrack™
Notas
For Enterprise
For Government

Comunidade
Learners
Partners
Developers
Beta Testers
Translators

Conectar
Blog
Facebook
LinkedIn
Twitter
Instagram
YouTube
Tech Blog

Mais
Termos
Privacidade
Ajuda
Acessibilidade
Imprensa
Contato
Diretório
Afiliados