Solutions - Network Security Essentials - Stallings - 4th ed - Chapter 6

Review Questions
6.1 What is the basic building block of an 802.11 WLAN?

6.2 Define an extended service set.

6.3 List and briefly define IEEE 802.11 services.

6.4 Is a distribution system a wireless network?

6.5 How is the concept of an association related to that of mobility?

6.6 What security areas are addressed by IEEE 802.11i?

6.7 Briefly describe the four IEEE 802.11i phases of operation.

6.8 What is the difference between TKIP and CCMP?

6.9 What is the difference between an HTML filter and a WAP proxy?

6.10 What services are provided by WSP?

6.11 When would each of the three WTP transaction classes be used?

6.12 List and briefly define the security services provided by WTLS.

6.13 Briefly describe the four protocol elements of WTLS.

6.14 List and briefly define all of the keys used in WTLS.

6.15 Describe three alternative approaches to providing WAP end-to-end security.

Problems
6.1 In IEEE 802.11, open system authentication simply consists of two communications.
The client sends an authentication request containing its station ID (typically its MAC address). This is followed by an authentication response from the AP/router containing a success or failure message.
An example of when a failure may occur is if the client's MAC address is explicitly excluded in the AP/router configuration.
a. What are the benefits of this authentication scheme?
b. What are the security vulnerabilities of this authentication scheme?

6.2 Prior to the introduction of IEEE 802.11i, the security scheme for IEEE 802.11 was Wired Equivalent Privacy (WEP). WEP assumed all devices in the network share a secret key. The purpose of the authentication scenario is for the STA to prove that it possesses the secret key. Authentication proceeds as shown in Figure 6.23. The STA sends a message to the AP requesting authentication. The AP issues a challenge, which is a sequence of 128 random bytes sent as plaintext. The STA encrypts the challenge with the shared key and returns it to the AP. The AP decrypts the incoming value and compares it to the challenge that it sent. If there is a match, the AP confirms that authentication has succeeded.

a. What are the benefits of this authentication scheme?
b. This authentication scheme is incomplete. What is missing and why is this important?
Hint: The addition of one or two messages would fix the problem.
c. What is a cryptographic weakness of this scheme?

6.3 For WEP, data integrity and data confidentiality are achieved using the RC4 stream encryption algorithm. The transmitter of an MPDU performs the following steps, referred to as encapsulation:
1. The transmitter selects an initialization vector (IV) value.
2. The IV value is concatenated with the WEP key shared by transmitter and receiver to form the seed, or key input, to RC4.
3. A 32-bit cyclic redundancy check (CRC) is computed over all the bits of the MAC data field and appended to the data field. The CRC is a common error-detection code used in data link control protocols. In this case, the CRC serves as an integrity check value (ICV).
4. The result of step 3 is encrypted using RC4 to form the ciphertext block.
5. The plaintext IV is prepended to the ciphertext block to form the encapsulated MPDU for transmission.
a. Draw a block diagram that illustrates the encapsulation process.
b. Describe the steps at the receiver end to recover the plaintext and perform the integrity check.
c. Draw a block diagram that illustrates part b.

6.4 A potential weakness of the CRC as an integrity check is that it is a linear function. This means that you can predict which bits of the CRC change if a single bit of the message is changed. Furthermore, it is possible to determine which combination of bits could be flipped in the message so that the net result is no change in the CRC. Thus, there are a number of combinations of bit flips of the plaintext message that leave the CRC unchanged, so message integrity is defeated. However, in WEP, if an attacker does not know the encryption key, the attacker does not have access to the plaintext, only to the ciphertext block. Does this mean that the ICV is protected from the bit-flipping attack? Explain.
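The following Python model is an added example and is not code from the textbook or its solutions manual. It serves Problems 6.2, 6.3 and 6.4 at once: it implements the five encapsulation steps of 6.3 and the matching receiver procedure, then shows what 6.4 asks about (a bit-flip applied to the ciphertext that still passes the ICV check, because CRC-32 is affine over GF(2) and the keystream XOR commutes with the attacker's XOR), and finally the weakness 6.2(c) points at (one observed challenge/response reveals the RC4 keystream for that IV, which is enough to answer any later challenge without the key). Assumed for concreteness and not stated by the problems: a 24-bit IV, a 40-bit key, a little-endian 4-byte ICV; all keys, IVs, frames and challenges are constructed.

```python
# Added example, not from the textbook: toy WEP encapsulation (Problem 6.3),
# ICV-preserving ciphertext bit-flipping (6.4) and keystream recovery from
# shared-key authentication (6.2c).  Sizes and inputs below are assumptions.
import zlib

IV_LEN, ICV_LEN = 3, 4            # assumed: 24-bit IV, 32-bit ICV


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 applied to data; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                          # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                             # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """Step 3: CRC-32 over the data field, serialised little-endian (assumed)."""
    return zlib.crc32(data).to_bytes(ICV_LEN, "little")


def encapsulate(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Steps 1-5 of Problem 6.3: seed = IV || key, RC4-encrypt data || ICV,
    prepend the plaintext IV."""
    return iv + rc4(iv + wep_key, plaintext + icv(plaintext))


def decapsulate(wep_key: bytes, mpdu: bytes):
    """Receiver (Problem 6.3b): split off the IV, rebuild the seed, decrypt,
    recompute the CRC and compare it with the received ICV."""
    iv, body = mpdu[:IV_LEN], mpdu[IV_LEN:]
    decrypted = rc4(iv + wep_key, body)
    plaintext, received_icv = decrypted[:-ICV_LEN], decrypted[-ICV_LEN:]
    return plaintext, icv(plaintext) == received_icv


def flip_bits(mpdu: bytes, delta: bytes) -> bytes:
    """Problem 6.4: turn the plaintext into M xor delta without the key and keep
    the ICV valid.  CRC-32 is affine over GF(2),
        crc(M xor D) = crc(M) xor crc(D) xor crc(0...0),
    and the keystream XOR commutes with the attacker's XOR, so the mask
    D || (crc(D) xor crc(0...0)) is applied straight to the ciphertext."""
    iv, body = mpdu[:IV_LEN], mpdu[IV_LEN:]
    if len(delta) != len(body) - ICV_LEN:
        raise ValueError("delta must cover the whole data field")
    zeros = bytes(len(delta))
    icv_delta = (zlib.crc32(delta) ^ zlib.crc32(zeros)).to_bytes(ICV_LEN, "little")
    return iv + xor(body, delta + icv_delta)


def recover_keystream(challenge: bytes, response_mpdu: bytes) -> bytes:
    """Problem 6.2c: the challenge goes out in clear and the response is its WEP
    encapsulation, so (challenge || ICV) xor ciphertext = keystream for that IV."""
    return xor(response_mpdu[IV_LEN:], challenge + icv(challenge))


def forge_response(iv: bytes, keystream: bytes, new_challenge: bytes) -> bytes:
    """Answer a later challenge by reusing the recovered keystream and IV; no key needed."""
    return iv + xor(new_challenge + icv(new_challenge), keystream)


def ap_verify(wep_key: bytes, challenge: bytes, response_mpdu: bytes) -> bool:
    """AP side of shared-key authentication: decrypt and compare with the challenge sent."""
    plaintext, ok = decapsulate(wep_key, response_mpdu)
    return ok and plaintext == challenge


def demo() -> dict:
    key = bytes.fromhex("0102030405")             # constructed 40-bit WEP key
    iv = bytes.fromhex("000001")                  # constructed IV
    # Problems 6.3/6.4: a frame is changed from "PAY 100" to "PAY 900" in transit.
    original, wanted = b"PAY 100 TO BOB", b"PAY 900 TO BOB"
    mpdu = encapsulate(key, iv, original)
    flipped_plain, flipped_ok = decapsulate(key, flip_bits(mpdu, xor(original, wanted)))
    # Problem 6.2: Eve sniffs one challenge/response, then authenticates herself.
    challenge = bytes(range(128))                  # constructed 128-byte challenge
    keystream = recover_keystream(challenge, encapsulate(key, iv, challenge))
    new_challenge = bytes(range(128, 256))
    forged = forge_response(iv, keystream, new_challenge)
    return {
        "original_ok": decapsulate(key, mpdu) == (original, True),
        "flipped_plaintext": flipped_plain,
        "flipped_icv_ok": flipped_ok,
        "forged_auth_ok": ap_verify(key, new_challenge, forged),
    }


if __name__ == "__main__":
    print(demo())
```

Running the file prints a dictionary in which the tampered frame decapsulates to `b"PAY 900 TO BOB"` with the ICV check passing, and the forged authentication response is accepted by the AP even though the attacker never learned the key. Note that `flip_bits` needs no plaintext at all: the attacker only chooses which bits to change, which is the answer to the question 6.4 poses.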

6.5 One potential weakness in WTLS is the use of CBC mode cipher encryption. The standard states that for CBC mode block ciphers, the IV (initialization vector) for each record is calculated in the following way: , where IV is the original IV and S is obtained by concatenating the 2-byte sequence number of the record the needed number of times to obtain as many bytes as in IV. Thus, if the IV is 8 bytes long, the sequence number of the record is concatenated with itself four times.
Now, in CBC mode, the first block of plaintext for a record with sequence number would be encrypted as (Figure 2.10), where P_{s,1} is the first block of plaintext of a record with sequence number and is the concatenated version of . Consider a terminal application (such as telnet), where each keypress is sent as an individual record. Alice enters her password into this application, and Eve captures these encrypted records. Note that the sequence number is known to Eve, because this portion of the record is not encrypted (Figure 6.17). Now somehow Eve gets hold of Alice's channel, perhaps through an echo feature in some application. This means that Eve can present unencrypted records to the channel and view the encrypted result. Suggest a brute-force method by which Eve can guess password letters in Alice's password. Hint: Exploit these properties of exclusive-OR: .
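The attack the problem is asking for, as an added example that is not part of the textbook or its solutions manual. The formulas are missing from this copy of the problem, so the code states its assumptions explicitly: the per-record IV is IV_s = IV xor S (S being the 2-byte sequence number repeated to the IV length, as the text describes), the first ciphertext block of record s is C_{s,1} = E_K(IV_s xor P_{s,1}), and an HMAC-SHA256 truncated to one block stands in for the block cipher's encryption direction, which is all the attack needs because Eve only compares ciphertexts. Eve's trick is to cancel her own sequence number and substitute Alice's: for guess g against Alice's record s she submits g xor S_s xor S_t under her record t, so the channel ends up encrypting IV xor S_s xor g, which collides with C_{s,1} exactly when g was Alice's keypress. Key, IV, password and sequence numbers are constructed.

```python
# Added example, not from the textbook: chosen-plaintext recovery of single-
# keystroke records under the WTLS CBC IV scheme (Problem 6.5).  Assumptions:
# IV_s = IV xor S, C_{s,1} = E_K(IV_s xor P_{s,1}), block cipher modelled by a PRF.
import hashlib
import hmac

BLOCK = 8                                   # assumed 64-bit block and IV


def S(seq: int) -> bytes:
    """The 2-byte sequence number concatenated with itself until it fills the IV."""
    return seq.to_bytes(2, "big") * (BLOCK // 2)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def E(key: bytes, block: bytes) -> bytes:
    """Stand-in for the block cipher's encryption direction (assumption: HMAC-SHA256
    truncated to one block).  The attack compares ciphertexts and never decrypts."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


class WtlsCbcChannel:
    """Encrypts the first block of record s as C_{s,1} = E_K(IV xor S_s xor P_{s,1})."""

    def __init__(self, key: bytes, iv: bytes):
        self.key, self.iv = key, iv

    def first_block(self, seq: int, plaintext_block: bytes) -> bytes:
        iv_s = xor(self.iv, S(seq))             # per-record IV (assumed IV_s = IV xor S)
        return E(self.key, xor(iv_s, plaintext_block))


def keypress_record(ch: str) -> bytes:
    """One keypress per record, zero-padded to a block (constructed convention)."""
    return ch.encode().ljust(BLOCK, b"\x00")


def eve_guess_password(channel: WtlsCbcChannel, captured, eve_seq: int, alphabet: str) -> str:
    """captured: list of (seq, C_{s,1}) pairs sniffed from Alice; eve_seq: the next
    sequence number Eve's own records will carry.  For guess g against record s, Eve
    submits P = g xor S_s xor S_t under her sequence number t.  The channel computes
    E_K(IV xor S_t xor g xor S_s xor S_t) = E_K(IV xor S_s xor g), which equals
    C_{s,1} exactly when g was Alice's keypress: one block-cipher call per guess."""
    recovered = ""
    t = eve_seq
    for s, c_s in captured:
        for g in alphabet:
            probe = xor(xor(keypress_record(g), S(s)), S(t))
            c_t = channel.first_block(t, probe)  # Eve sees this via the echo
            t += 1
            if c_t == c_s:
                recovered += g
                break
        else:
            recovered += "?"                     # keypress outside the alphabet
    return recovered


def demo() -> str:
    channel = WtlsCbcChannel(b"constructed-wtls-key", bytes.fromhex("0123456789abcdef"))
    password = "s3cret"
    # Alice's keystrokes go out as records 10, 11, ...; Eve sniffs (seq, ciphertext).
    captured = [(seq, channel.first_block(seq, keypress_record(ch)))
                for seq, ch in enumerate(password, start=10)]
    return eve_guess_password(channel, captured, eve_seq=100,
                              alphabet="abcdefghijklmnopqrstuvwxyz0123456789")


if __name__ == "__main__":
    print(demo())
```

The cost is at most one encryption per candidate character per keystroke, which is why the problem calls it brute force: the sequence number in the clear, plus the linearity of XOR, collapses CBC's per-record IV into a predictable value that the attacker can cancel.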

6.6 An earlier version of WTLS supported a 40-bit XOR MAC and also supported RC4 stream encryption. The XOR MAC works by padding the message with zeros, dividing it into 5-byte blocks and XORing these blocks together. Show that this scheme does not provide message integrity protection.
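Two concrete forgeries against the XOR MAC, as an added example that is not part of the textbook or its solutions manual. The first reorders whole blocks, which cannot change an XOR sum; the second is stronger and shows that the tag carries no integrity at all, because mac(M || B) = mac(M) xor B lets anyone give any message any tag by appending one 5-byte block. The messages are constructed.

```python
# Added example, not from the textbook: the 40-bit XOR MAC of Problem 6.6 and
# two forgeries against it.  All messages below are constructed.
BLOCK = 5                                    # 40-bit tag


def xor_mac(message: bytes) -> bytes:
    """Zero-pad to a multiple of 5 bytes, split into 5-byte blocks, XOR them all."""
    padded = message + bytes(-len(message) % BLOCK)
    tag = bytes(BLOCK)
    for i in range(0, len(padded), BLOCK):
        tag = bytes(a ^ b for a, b in zip(tag, padded[i:i + BLOCK]))
    return tag


def swap_blocks(message: bytes, i: int, j: int) -> bytes:
    """Forgery 1: reordering whole blocks leaves the XOR, hence the tag, unchanged."""
    blocks = [message[k:k + BLOCK] for k in range(0, len(message), BLOCK)]
    blocks[i], blocks[j] = blocks[j], blocks[i]
    return b"".join(blocks)


def forge_with_tag(target: bytes, wanted_tag: bytes) -> bytes:
    """Forgery 2: give any message any tag.  Since mac(M || B) = mac(M) xor B,
    appending B = mac(M) xor wanted_tag makes the tag come out as wanted_tag."""
    padded = target + bytes(-len(target) % BLOCK)
    fix = bytes(a ^ b for a, b in zip(xor_mac(padded), wanted_tag))
    return padded + fix


def demo() -> dict:
    legit = b"TRANSFER 10 TO BOB"
    tag = xor_mac(legit)                         # the tag the sender attaches
    reordered = swap_blocks(legit, 0, 2)         # blocks "TRANS" and "0 TO " exchanged
    forged = forge_with_tag(b"TRANSFER 9999 TO EVE", tag)
    return {
        "reordered_same_tag": xor_mac(reordered) == tag and reordered != legit,
        "forged_same_tag": xor_mac(forged) == tag,
        "forged_message": forged,
    }


if __name__ == "__main__":
    print(demo())
```

The appended fix-up block is five bytes of apparent garbage at the end of the forged message; whether a receiver notices depends entirely on the application, not on the MAC, which is exactly the point of the problem. The same construction works for any linear tag, which is why integrity codes must depend on a secret key in a non-linear way (a keyed hash or a block-cipher-based MAC).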