Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part I
Are you worried about the security of your 802.11b wireless local area network (WLAN) because you're using plain-old wired equivalent privacy (WEP)? If you're still relying on WEP alone, you should be nervous: venerable and well-known vulnerabilities in WEP make it simple for eavesdroppers to crack your WEP keys simply by capturing a few hours' worth of WLAN packets and brute-forcing the flawed encryption used by WEP.
But there's hope! Wi-Fi protected access (WPA) adds new authentication mechanisms and improved encryption key generation to 802.11b, and WLAN products supporting WPA have become readily available. Better still, Linux tools are available for WPA supplicants (client systems), authenticators (access points) and servers (RADIUS authentication servers).
In the next couple of columns, I describe WPA and its component protocols, how they interoperate and how to build a Linux-based WLAN authentication server using the FreeRADIUS server-software package.
So, what's wrong with 802.11b security in the first place? In a nutshell, 802.11b's WEP protocol has two fatal flaws. First, cryptographic-implementation flaws make it impossible to achieve encryption key strength effectively higher than 40 bits, even if your gear supports higher key lengths. Second, a weakness in WEP's encryption key derivation implementation makes it possible for an attacker to derive a WEP-protected network's WEP secret key—the encryption key used by all clients on the entire WLAN—after capturing a sufficient number of packets.
The pending 802.11i protocol will provide a complete, robust security framework for WLANs. Even after it's finalized, however, it will be some time before this protocol is available widely in commercial products or free software packages.
Enter WPA. WPA adds two crucial components of 802.11i to 802.11b. First, it adds the 802.1x authentication protocol, which provides flexible and powerful authentication capabilities. Second, it adds the TKIP protocol, which provides mechanisms for assigning unique WEP keys to each WLAN client and then dynamically re-negotiating them, such that WEP's key derivation vulnerability effectively is mitigated.
Figure 1 shows how the various pieces of a WPA system interact. First, we have a WLAN-enabled client system, whose WPA client software is called a supplicant. The client/supplicant connects to a wireless access point (AP), which serves as an authenticator, effectively proxying authentication between the supplicant and a back-end authentication server. In Figure 1, this back-end server is portrayed as a RADIUS server, but TACACS also can be used.
Besides proxying authentication between supplicant and server, the AP/authenticator also feeds data from the authentication server through the Temporal Key Integrity Protocol (TKIP) to obtain a WEP session key. It then pushes the key back to the supplicant. The supplicant periodically is prompted to re-authenticate itself, at which time its WEP key is replaced by a new one.
The authentication (RADIUS) server is optional. Another option is to use pre-shared key (PSK) mode, in which shared keys unique to each WPA supplicant system manually are entered into the AP and used for authentication in lieu of RADIUS. This is better than WEP by itself, because this shared key is not used as an encryption key itself. Rather, it is used to seed TKIP transactions, which in turn provide dynamic WEP keys.
WPA already is supported by a wide variety of new commercial WLAN adapters and access points. It's even been back-ported to some older 802.11b products, thanks to firmware upgrades. In the Linux world, it's supported on the client side by wpa_supplicant (hostap.epitest.fi/wpa_supplicant), on Linux access points by hostapd (hostap.epitest.fi/hostapd) and on the authentication server side by FreeRADIUS (www.freeradius.org).
Before we narrow our focus to building a WPA-ready FreeRADIUS server, which mainly will be covered in my next column, let's look more closely at the authentication and encryption portions of WPA.
Are you following me? Because WPA actually is a bit more complicated than Figure 1 implies. To review: in WPA, your client system (supplicant) must authenticate itself to the network before being allowed to connect, at which point it's provided with a session encryption key that changes periodically.
The reason this gets complicated is the 802.1x protocol used for WPA authentication allows for a variety of methods to authenticate supplicants, which is a good thing. By using a modular, extensible authentication mechanism, the odds are reduced that WPA—or 802.1x or 802.11i—will be made obsolete as particular authentication protocols go in and out of favor. 802.1x's modularity and extensibility is provided, appropriately enough, by the Extensible Authentication Protocol (EAP), of which a number of variants exist. Let's talk about a few of the most popular ones.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
|CentOS 6.8 Released||May 27, 2016|
|Secure Desktops with Qubes: Introduction||May 27, 2016|
|Chris Birchall's Re-Engineering Legacy Software (Manning Publications)||May 26, 2016|
|ServersCheck's Thermal Imaging Camera Sensor||May 25, 2016|
|Petros Koutoupis' RapidDisk||May 24, 2016|
|The Italian Army Switches to LibreOffice||May 23, 2016|
- Secure Desktops with Qubes: Introduction
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- CentOS 6.8 Released
- Linux Mint 18
- The Italian Army Switches to LibreOffice
- Chris Birchall's Re-Engineering Legacy Software (Manning Publications)
- ServersCheck's Thermal Imaging Camera Sensor
- Petros Koutoupis' RapidDisk
- The FBI and the Mozilla Foundation Lock Horns over Known Security Hole
- Oracle vs. Google: Round 2
Until recently, IBM’s Power Platform was looked upon as being the system that hosted IBM’s flavor of UNIX and proprietary operating system called IBM i. These servers often are found in medium-size businesses running ERP, CRM and financials for on-premise customers. By enabling the Power platform to run the Linux OS, IBM now has positioned Power to be the platform of choice for those already running Linux that are facing scalability issues, especially customers looking at analytics, big data or cloud computing.
￼Running Linux on IBM’s Power hardware offers some obvious benefits, including improved processing speed and memory bandwidth, inherent security, and simpler deployment and management. But if you look beyond the impressive architecture, you’ll also find an open ecosystem that has given rise to a strong, innovative community, as well as an inventory of system and network management applications that really help leverage the benefits offered by running Linux on Power.Get the Guide