Review Questions
18.1 What is the basic building block of an 802.11 WLAN?
18.2 Define an extended service set.
18.3 List and briefly define IEEE 802.11 services.
18.4 Is a distribution system a wireless network?
18.5 How is the concept of an association related to that of mobility?
18.6 What security areas are addressed by IEEE 802.11i?
18.7 Briefly describe the four IEEE 802.11i phases of operation.
18.8 What is the difference between TKIP and CCMP?
Problems
18.1 In IEEE 802.11, open system authentication consists of just two messages.
The client sends an authentication request containing its station ID (typically
its MAC address). The AP/router replies with an authentication response
containing a success or failure message. One case in which a failure occurs is when
the client’s MAC address is explicitly excluded in the AP/router configuration.
a. What are the benefits of this authentication scheme?
b. What are the security vulnerabilities of this authentication scheme?
18.2 Prior to the introduction of IEEE 802.11i, the security scheme for IEEE 802.11 was
Wired Equivalent Privacy (WEP). WEP assumed all devices in the network share a
secret key. The purpose of the authentication scenario is for the STA to prove that it
possesses the secret key. Authentication proceeds as shown in Figure 18.12. The STA
sends a message to the AP requesting authentication. The AP issues a challenge,
which is a sequence of 128 random bytes sent as plaintext. The STA encrypts the
challenge with the shared key and returns it to the AP. The AP decrypts the incoming
value and compares it to the challenge that it sent. If there is a match, the AP
confirms that authentication has succeeded.
a. What are the benefits of this authentication scheme?
b. This authentication scheme is incomplete. What is missing and why is this important?
Hint: The addition of one or two messages would fix the problem.
c. What is a cryptographic weakness of this scheme?
18.3 In WEP, data confidentiality is provided by the RC4 stream cipher and data
integrity by a CRC-32 check value that is encrypted together with the data. The
transmitter of an MPDU performs the following steps, referred to as encapsulation:
1. The transmitter selects an initialization vector (IV) value.
2. The IV value is concatenated with the WEP key shared by transmitter and
receiver to form the seed, or key input, to RC4.
3. A 32-bit cyclic redundancy check (CRC) is computed over all the bits of the MAC
data field and appended to the data field. The CRC is a common error-detection
code used in data link control protocols. In this case, the CRC serves as an integrity
check value (ICV).
4. The result of step 3 is encrypted using RC4 to form the ciphertext block.
5. The plaintext IV is prepended to the ciphertext block to form the encapsulated
MPDU for transmission.
a. Draw a block diagram that illustrates the encapsulation process.
b. Describe the steps at the receiver end to recover the plaintext and perform the
integrity check.
c. Draw a block diagram that illustrates part b.
18.4 A potential weakness of the CRC as an integrity check is that it is a linear function.
This means that you can predict which bits of the CRC are changed if a single bit of
the message is changed. Furthermore, it is possible to determine which combination
of bits could be flipped in the message so that the net result is no change in the CRC.
Thus, there are a number of combinations of bit flips of the plaintext message
that leave the CRC unchanged, so message integrity is defeated. However, in WEP,
if an attacker does not know the encryption key, the attacker does not have access to
the plaintext, only to the ciphertext block. Does this mean that the ICV is protected
from the bit flipping attack? Explain.
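The encapsulation and decapsulation steps of Problem 18.3 and the ciphertext bit-flipping question of Problem 18.4, worked through in an added Python example that is not part of the original text. RC4 is implemented inline, the ICV is CRC-32 from zlib, and the 40-bit key, 24-bit IV and payload are constructed sample values. The attacker function flip_bits works on the frame alone, with no knowledge of the key or the plaintext, and relies only on CRC-32 being affine over GF(2).

```python
import struct
import zlib


def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key` (KSA followed by PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """CRC-32 integrity check value, packed little-endian as carried in the WEP frame."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encapsulate(wep_key: bytes, iv: bytes, data: bytes) -> bytes:
    """Problem 18.3 steps 1-5: seed = IV || key, append ICV, RC4-encrypt, prepend IV."""
    plaintext = data + icv(data)
    keystream = rc4(iv + wep_key, len(plaintext))
    return iv + xor(plaintext, keystream)


def wep_decapsulate(wep_key: bytes, frame: bytes):
    """Receiver (part b): split off the 3-byte IV, rebuild the seed, regenerate the
    keystream, decrypt, recompute the CRC over the data and compare it with the ICV."""
    iv, ciphertext = frame[:3], frame[3:]
    plaintext = xor(ciphertext, rc4(iv + wep_key, len(ciphertext)))
    data, received_icv = plaintext[:-4], plaintext[-4:]
    return data, received_icv == icv(data)


def icv_correction(delta: bytes) -> bytes:
    """CRC-32 is affine over GF(2): crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros of len(d)).
    So XOR-ing `delta` into a message changes its ICV by a value that depends only on
    `delta`, not on the (unknown) message."""
    return xor(icv(delta), icv(bytes(len(delta))))


def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Problem 18.4 attacker: no key, only the captured frame. XOR `delta` into the
    encrypted data and the matching correction into the encrypted ICV. Because RC4
    encryption is an XOR with keystream, the same change lands on the plaintext and
    the receiver's CRC check still passes."""
    iv, ciphertext = frame[:3], frame[3:]
    mask = delta + icv_correction(delta)
    if len(mask) != len(ciphertext):
        raise ValueError("delta must cover the whole data field")
    return iv + xor(ciphertext, mask)


def naive_flip(frame: bytes, delta: bytes) -> bytes:
    """Same change without the ICV correction: the receiver's CRC check fails."""
    iv, ciphertext = frame[:3], frame[3:]
    return iv + xor(ciphertext, delta + bytes(4))


# Constructed sample values (not real credentials): 40-bit WEP key, 24-bit IV, payload.
KEY = bytes([0x01, 0x02, 0x03, 0x04, 0x05])
IV = bytes([0x0A, 0x0B, 0x0C])
PAYLOAD = b"PAY alice 100"


def demo():
    frame = wep_encapsulate(KEY, IV, PAYLOAD)
    assert wep_decapsulate(KEY, frame) == (PAYLOAD, True)

    # The attacker knows only the message layout: change "100" to "900" (byte 10, '1' -> '9').
    delta = bytearray(len(frame) - 3 - 4)
    delta[10] = ord("1") ^ ord("9")
    delta = bytes(delta)

    forged = flip_bits(frame, delta)
    naive = naive_flip(frame, delta)
    return wep_decapsulate(KEY, forged), wep_decapsulate(KEY, naive)[1]


if __name__ == "__main__":
    (data, ok), naive_ok = demo()
    print(data, ok, naive_ok)   # b'PAY alice 900' True False
```

The naive flip fails only because CRC-32 detects every error burst shorter than 33 bits; the corrected flip passes every time, which is the answer to Problem 18.4: encrypting the ICV with the same keystream as the data does not protect it, since the XOR that modifies the ciphertext passes straight through to the plaintext and the CRC correction can be computed from the modification alone.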