Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part I
Are you worried about the security of your 802.11b wireless local area network (WLAN) because you're using plain-old wired equivalent privacy (WEP)? If you're still relying on WEP alone, you should be nervous: venerable and well-known vulnerabilities in WEP make it simple for eavesdroppers to crack your WEP keys simply by capturing a few hours' worth of WLAN packets and brute-forcing the flawed encryption used by WEP.
But there's hope! Wi-Fi protected access (WPA) adds new authentication mechanisms and improved encryption key generation to 802.11b, and WLAN products supporting WPA have become readily available. Better still, Linux tools are available for WPA supplicants (client systems), authenticators (access points) and servers (RADIUS authentication servers).
In the next couple of columns, I describe WPA and its component protocols, how they interoperate and how to build a Linux-based WLAN authentication server using the FreeRADIUS server-software package.
So, what's wrong with 802.11b security in the first place? In a nutshell, 802.11b's WEP protocol has two fatal flaws. First, cryptographic-implementation flaws make it impossible to achieve encryption key strength effectively higher than 40 bits, even if your gear supports higher key lengths. Second, a weakness in WEP's encryption key derivation implementation makes it possible for an attacker to derive a WEP-protected network's WEP secret key—the encryption key used by all clients on the entire WLAN—after capturing a sufficient number of packets.
The pending 802.11i protocol will provide a complete, robust security framework for WLANs. Even after it's finalized, however, it will be some time before this protocol is available widely in commercial products or free software packages.
Enter WPA. WPA adds two crucial components of 802.11i to 802.11b. First, it adds the 802.1x authentication protocol, which provides flexible and powerful authentication capabilities. Second, it adds the TKIP protocol, which provides mechanisms for assigning unique WEP keys to each WLAN client and then dynamically re-negotiating them, such that WEP's key derivation vulnerability effectively is mitigated.
Figure 1 shows how the various pieces of a WPA system interact. First, we have a WLAN-enabled client system, whose WPA client software is called a supplicant. The client/supplicant connects to a wireless access point (AP), which serves as an authenticator, effectively proxying authentication between the supplicant and a back-end authentication server. In Figure 1, this back-end server is portrayed as a RADIUS server, but TACACS also can be used.
Besides proxying authentication between supplicant and server, the AP/authenticator also feeds data from the authentication server through the Temporal Key Integrity Protocol (TKIP) to obtain a WEP session key. It then pushes the key back to the supplicant. The supplicant periodically is prompted to re-authenticate itself, at which time its WEP key is replaced by a new one.
The authentication (RADIUS) server is optional. Another option is to use pre-shared key (PSK) mode, in which shared keys unique to each WPA supplicant system manually are entered into the AP and used for authentication in lieu of RADIUS. This is better than WEP by itself, because this shared key is not used as an encryption key itself. Rather, it is used to seed TKIP transactions, which in turn provide dynamic WEP keys.
WPA already is supported by a wide variety of new commercial WLAN adapters and access points. It's even been back-ported to some older 802.11b products, thanks to firmware upgrades. In the Linux world, it's supported on the client side by wpa_supplicant (hostap.epitest.fi/wpa_supplicant), on Linux access points by hostapd (hostap.epitest.fi/hostapd) and on the authentication server side by FreeRADIUS (www.freeradius.org).
Before we narrow our focus to building a WPA-ready FreeRADIUS server, which mainly will be covered in my next column, let's look more closely at the authentication and encryption portions of WPA.
Are you following me? Because WPA actually is a bit more complicated than Figure 1 implies. To review: in WPA, your client system (supplicant) must authenticate itself to the network before being allowed to connect, at which point it's provided with a session encryption key that changes periodically.
The reason this gets complicated is the 802.1x protocol used for WPA authentication allows for a variety of methods to authenticate supplicants, which is a good thing. By using a modular, extensible authentication mechanism, the odds are reduced that WPA—or 802.1x or 802.11i—will be made obsolete as particular authentication protocols go in and out of favor. 802.1x's modularity and extensibility is provided, appropriately enough, by the Extensible Authentication Protocol (EAP), of which a number of variants exist. Let's talk about a few of the most popular ones.
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
|Designing Electronics with Linux||May 22, 2013|
|Dynamic DNS—an Object Lesson in Problem Solving||May 21, 2013|
|Using Salt Stack and Vagrant for Drupal Development||May 20, 2013|
|Making Linux and Android Get Along (It's Not as Hard as It Sounds)||May 16, 2013|
|Drupal Is a Framework: Why Everyone Needs to Understand This||May 15, 2013|
|Home, My Backup Data Center||May 13, 2013|
- RSS Feeds
- Dynamic DNS—an Object Lesson in Problem Solving
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Designing Electronics with Linux
- Using Salt Stack and Vagrant for Drupal Development
- New Products
- A Topic for Discussion - Open Source Feature-Richness?
- Drupal Is a Framework: Why Everyone Needs to Understand This
- Validate an E-Mail Address with PHP, the Right Way
- What's the tweeting protocol?
- Kernel Problem
5 hours 38 min ago
- BASH script to log IPs on public web server
10 hours 5 min ago
13 hours 41 min ago
- Reply to comment | Linux Journal
14 hours 13 min ago
- All the articles you talked
16 hours 37 min ago
- All the articles you talked
16 hours 40 min ago
- All the articles you talked
16 hours 41 min ago
21 hours 6 min ago
- Keeping track of IP address
22 hours 57 min ago
- Roll your own dynamic dns
1 day 4 hours ago