A Control Frame Protection Mechanism for IEEE 802.11 Networks

  • Marcos A. C. Corrêa Júnior UFPE
  • Paulo André da S. Gonçalves UFPE

Abstract

Of all the frames defined by the IEEE 802.11 standard, only control frames still lack any kind of security mechanism. This allows malicious entities, even ones that do not belong to the network, to forge, manipulate and reinject these frames in order to cause some form of denial of service in the network. This paper proposes a security mechanism for IEEE 802.11 control frames. The proposed mechanism relies on sequence numbers and on the generation of Message Authentication Codes to prevent malicious stations that do not belong to the network from succeeding in forging, manipulating or reinjecting control frames that would lead to denial of service. Besides protecting all control frames without distinction, the proposed mechanism provides a higher degree of security and introduces significantly less overhead in these frames than related work that also sets out to protect all control frames.
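The receiver-side check that a sequence number plus a Message Authentication Code makes possible, as an added example that is not the paper's design or code. The field sizes (4-byte sequence number, 8-byte tag), the use of truncated HMAC-SHA-256, the per-transmitter replay state and the names `protect`, `Receiver` and `demo` are all assumptions; the key and the RTS frame are constructed sample values.

```python
import hashlib
import hmac
import struct

SEQ_LEN, MAC_LEN, RTS_LEN = 4, 8, 16  # assumed sizes; RTS header without FCS

def protect(key: bytes, frame: bytes, seq: int) -> bytes:
    """Append a sequence number and a truncated MAC to a control frame."""
    body = frame + struct.pack(">I", seq)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = {}  # transmitter address -> highest accepted number

    def accept(self, protected: bytes) -> str:
        if len(protected) != RTS_LEN + SEQ_LEN + MAC_LEN:
            return "malformed"
        body, tag = protected[:-MAC_LEN], protected[-MAC_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:MAC_LEN]
        # Authenticate first: nothing in an unauthenticated frame is trusted.
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"
        ta = body[10:16]  # transmitter address field of an RTS frame
        (seq,) = struct.unpack(">I", body[-SEQ_LEN:])
        # A number that does not advance means the frame was seen before.
        if seq <= self.last_seq.get(ta, -1):
            return "replay"
        self.last_seq[ta] = seq
        return "ok"

def demo() -> list:
    key = b"k" * 16                      # constructed group key
    ra = bytes.fromhex("020000000001")   # constructed receiver address
    ta = bytes.fromhex("020000000002")   # constructed transmitter address
    rts = b"\xb4\x00" + struct.pack("<H", 300) + ra + ta
    rx = Receiver(key)
    good = protect(key, rts, 1)
    outsider = protect(b"x" * 16, rts, 2)     # sender without the key
    altered = bytearray(protect(key, rts, 2))
    altered[2] ^= 0xFF                        # one header byte changed in transit
    return [rx.accept(good), rx.accept(outsider), rx.accept(bytes(altered)),
            rx.accept(good), rx.accept(protect(key, rts, 2))]

if __name__ == "__main__":
    print(demo())
```
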

Published
06/11/2011
CORRÊA JÚNIOR, Marcos A. C.; GONÇALVES, Paulo André da S. Um Mecanismo de Proteção de Quadros de Controle para Redes IEEE 802.11. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 11., 2011, Brasília. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2011. p. 15-28. DOI: https://doi.org/10.5753/sbseg.2011.20560.