Monday, August 3, 2015

802.11w: Protected Management Frame Service

  • For data frames CCMP encrypts the MSDU (LLC/SNAP header plus the L3 payload) together with the MIC. A management frame carries no LLC or L3 payload, so what gets encrypted is the management frame body (for example the Reason Code of a Deauth/Disassoc, or the contents of an Action frame) plus the MIC; the MAC header is covered by the MIC but not encrypted. 
  • The purpose of 11w is to prevent spoofed disconnects (an L2 DoS) caused by forged Deauth, Disassoc, Association or Reassociation frames. Other L2 DoS attacks are not prevented by 11w. 
  • 11w uses the keys produced by the 4-way handshake, so management frames exchanged before the handshake completes cannot be protected. 
  • Hence Beacons, Probe Request/Response, Authentication, Association Request/Response and Reassociation Request/Response frames are not protected; only the "robust" management frames (Deauth, Disassoc and robust Action frames) are.
  • Broadcast/multicast management frames are protected with BIP (Broadcast/Multicast Integrity Protocol) instead of CCMP. BIP computes the MIC with AES-128-CMAC; CMAC is a refinement of the CBC-MAC used inside CCMP that is secure for variable-length messages on its own, which is why it was chosen here. 
  • Usage of transient keys:
    • IGTK for broadcast/multicast management frames 
    • GTK for broadcast/multicast data frames
    • PTK for unicast management and data frames
  • The IGTK is delivered to the station in message 3 of the 4-way handshake (as an IGTK KDE), and is refreshed together with the GTK in the group key handshake. 
  • Frames that advertise 11w support (through the RSN IE they carry):
    • Beacon & Probe Response from the AP
    • Association/Reassociation Request from the client.
  • Checking the MIC is sufficient to tell whether a frame came from a trusted source. But when either the AP or the client reboots it loses its keys and can no longer send a valid protected frame, so the SA Query mechanism was introduced: when the AP receives an unprotected Association/Reassociation Request from a client that still has a security association, it rejects the request temporarily (with a comeback time) and sends a protected SA Query Request. If the client answers, the association request was spoofed and the existing association is kept; if nobody answers within the timeout, the old association is torn down and the client can associate afresh.
  • 11w does not apply to WEP, and it cannot be used with TKIP (WPA) either: it depends on the RSN key hierarchy and on CCMP/BIP, so in practice it means WPA2 with CCMP. WPA standalone is rarely deployed anyway; it mostly appears in WPA/WPA2 mixed mode, and in that mode only the WPA2/CCMP clients get protection.
  • Attacks addressed by 11w:
    • Forged Deauth/Disassoc sent to the AP on behalf of a client
    • Forged Deauth/Disassoc sent to a client on behalf of the AP
    • Forged Association/Reassociation Request sent to the AP on behalf of a client. Note: these frames are themselves unprotected; it is the SA Query procedure that defeats this case. 
    • Forged Channel Switch Announcement (an Action frame) impersonating the AP
  • RSN IE: its RSN Capabilities field carries two bits, MFPC (Management Frame Protection Capable) and MFPR (Management Frame Protection Required), which announce 11w support and whether it is optional or mandatory.
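
The SA Query procedure described above, as an added example that is not part of the original post: an in-memory AP and client where the "protected SA Query Request" is a direct method call. The timer values are assumptions standing in for dot11AssociationSAQueryRetryTimeout and dot11AssociationSAQueryMaximumTimeout, and the MAC addresses are constructed. The two scenarios show why the AP must not act on the unprotected frame directly: a forged Association Request for a live client leaves the association intact, while a client that really rebooted (and so cannot answer the protected query) gets its stale association removed and is allowed back in after the comeback time.

```python
"""Simulate the 802.11w SA Query procedure from the AP's point of view.

Added example, not code from the original post. The timer values are
assumptions standing in for dot11AssociationSAQueryRetryTimeout and
dot11AssociationSAQueryMaximumTimeout; stations and frames are constructed
in memory, so the "protected SA Query Request" is a direct method call.
"""
import itertools

SA_QUERY_RETRY_MS = 200       # assumed gap between SA Query Request retries
SA_QUERY_MAX_MS = 1000        # assumed time after which an unanswered SA is dropped
STATUS_ASSOC_REJECTED_TEMPORARILY = 30   # status code sent with the comeback time


class Station:
    """A PMF client; has_keys=False models a reboot that lost the PTK/IGTK."""

    def __init__(self, mac, has_keys=True):
        self.mac, self.has_keys = mac, has_keys

    def on_sa_query_request(self, tid):
        # Only a station that still holds the PTK can build the protected response.
        return tid if self.has_keys else None


class AccessPoint:
    def __init__(self):
        self.sa = {}          # mac -> Station with a completed 4-way handshake
        self.pending = {}     # mac -> state of a running SA Query
        self._tids = itertools.count(1)

    def complete_handshake(self, sta):
        self.sa[sta.mac] = sta

    def on_assoc_request(self, mac, now):
        """Unprotected (Re)Association Request for 'mac' arriving at time 'now' (ms).

        Returns (outcome, comeback_ms). A MAC without a security association is
        accepted normally. One with an SA is rejected temporarily and an SA
        Query is started instead of trusting the unprotected frame.
        """
        if mac not in self.sa:
            return ("accept", 0)
        if mac not in self.pending:
            self.pending[mac] = {"tid": next(self._tids),
                                 "deadline": now + SA_QUERY_MAX_MS,
                                 "next_send": now}
        return ("reject_temporarily", SA_QUERY_MAX_MS)

    def on_sa_query_response(self, mac, tid):
        """Protected SA Query Response; True if it settles a pending query."""
        q = self.pending.get(mac)
        if q is None or q["tid"] != tid:
            return False             # unsolicited or wrong transaction id: ignore
        del self.pending[mac]        # the real client is alive; the request was forged
        return True

    def tick(self, now):
        """Drive the timers: send/retry SA Query Requests and expire stale SAs.

        Returns the MACs whose SA was torn down because nobody answered.
        """
        expired = []
        for mac, q in list(self.pending.items()):
            if now >= q["deadline"]:
                del self.sa[mac]     # client really is gone (e.g. rebooted)
                del self.pending[mac]
                expired.append(mac)
            elif now >= q["next_send"]:
                q["next_send"] = now + SA_QUERY_RETRY_MS
                resp = self.sa[mac].on_sa_query_request(q["tid"])  # protected Action frame on air
                if resp is not None:
                    self.on_sa_query_response(mac, resp)
        return expired


def spoofed_assoc_scenario():
    """Attacker forges an Association Request for a client that is still alive."""
    ap, sta = AccessPoint(), Station("02:00:00:00:00:01")
    ap.complete_handshake(sta)
    outcome, _ = ap.on_assoc_request(sta.mac, now=0)   # forged, unprotected frame
    ap.tick(0)                                         # SA Query sent; live client answers
    # -> ("reject_temporarily", True, False): SA kept, no disconnect
    return outcome, sta.mac in ap.sa, sta.mac in ap.pending


def rebooted_client_scenario():
    """Genuine client lost its keys and re-associates without protection."""
    ap, sta = AccessPoint(), Station("02:00:00:00:00:02")
    ap.complete_handshake(sta)
    sta.has_keys = False                               # reboot: PTK gone, cannot answer
    first, comeback = ap.on_assoc_request(sta.mac, now=0)
    for t in range(0, SA_QUERY_MAX_MS + 1, SA_QUERY_RETRY_MS):
        ap.tick(t)                                     # retries go unanswered, SA expires
    second, _ = ap.on_assoc_request(sta.mac, now=comeback + 1)
    # -> ("reject_temporarily", "accept")
    return first, second


if __name__ == "__main__":
    print(spoofed_assoc_scenario())
    print(rebooted_client_scenario())
```

Note that an attacker cannot short-circuit the procedure by forging the SA Query Response either, because that frame is a robust Action frame and needs the PTK to carry a valid MIC; a response with the wrong transaction identifier is simply ignored.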

  • Broadcast management frames:
    • Probe Request (not a robust frame, so never protected)
    • Disassociation / Deauth with a broadcast destination (sent by the AP to disconnect all clients in one go); with 11w these carry a BIP MIC.
  • Treatment of broadcast management frames:
    • They cannot be encrypted, otherwise non-11w clients in the same BSS would not be able to read them.
    • Hence only integrity is added: a Management MIC IE (MMIE) carrying the IGTK key ID, a packet number (IPN, for replay protection) and the AES-CMAC MIC (for forgery protection) is appended to the frame, with the MIC computed under the IGTK.
  • AKM suite selectors:
    • With 11w optional, the RSN IE lists both the SHA-1 based AKM (00-0F-AC:1 for 802.1X, 00-0F-AC:2 for PSK) and its SHA-256 variant (00-0F-AC:5 or 00-0F-AC:6), so legacy and 11w clients can both join.
    • With 11w mandatory, only the SHA-256 AKMs (00-0F-AC:5 / 00-0F-AC:6) are listed.
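
The RSN IE advertisement and the AKM suite rules above, as an added example that is not code from the original post: a parser for the RSN element that extracts the cipher and AKM suites, the MFPC/MFPR bits and the group management cipher, plus the association decision an AP makes from its own IE and the client's. Suite selector values and bit positions are those of IEEE 802.11; the four sample elements are constructed by hand (not captured from a real network), and choosing the SHA-256 AKM variant whenever PMF is in use is an assumption about policy, not something the standard mandates.

```python
"""Parse an RSN IE and apply the 802.11w association rules.

Added example, not code from the original post. Suite selectors and the
MFPC/MFPR bit positions are from IEEE 802.11; the sample elements at the
bottom are constructed by hand, not captured from a real network, and the
"prefer the SHA-256 AKM when PMF is in use" choice is an assumption.
"""
import struct

WFA_OUI = b"\x00\x0f\xac"   # OUI used by the standard suite selectors
MFPR = 0x0040               # RSN Capabilities bit 6: Management Frame Protection Required
MFPC = 0x0080               # RSN Capabilities bit 7: Management Frame Protection Capable
STATUS_MFP_POLICY_VIOLATION = 31   # status code an AP returns when its MFPR policy is not met

CIPHER_SUITES = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104",
                 6: "BIP-CMAC-128", 8: "GCMP-128"}
AKM_SUITES = {1: "802.1X", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK",
              5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE"}


def _take(body, off, n):
    """Return body[off:off+n] and the new offset, refusing to read past the end."""
    if off + n > len(body):
        raise ValueError("RSN element truncated at offset %d" % off)
    return body[off:off + n], off + n


def _selector(raw, table):
    """Decode a 4-byte suite selector (3-byte OUI + 1-byte type)."""
    if raw[:3] != WFA_OUI:
        return "vendor:%s:%d" % (raw[:3].hex(), raw[3])
    return table.get(raw[3], "unknown:%d" % raw[3])


def parse_rsn_ie(ie):
    """Parse a complete RSN element (ID 48) and classify its PMF policy."""
    if len(ie) < 2 or ie[0] != 48 or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, off = ie[2:], 0
    raw, off = _take(body, off, 2)
    if struct.unpack("<H", raw)[0] != 1:
        raise ValueError("unsupported RSN version")
    raw, off = _take(body, off, 4)
    info = {"group_cipher": _selector(raw, CIPHER_SUITES)}
    for key, table in (("pairwise_ciphers", CIPHER_SUITES), ("akms", AKM_SUITES)):
        raw, off = _take(body, off, 2)
        items = []
        for _ in range(struct.unpack("<H", raw)[0]):
            raw, off = _take(body, off, 4)
            items.append(_selector(raw, table))
        info[key] = items
    # All later fields are optional; an absent RSN Capabilities field means no PMF.
    caps = 0
    if off + 2 <= len(body):
        raw, off = _take(body, off, 2)
        caps = struct.unpack("<H", raw)[0]
    info["mfpc"], info["mfpr"] = bool(caps & MFPC), bool(caps & MFPR)
    if info["mfpr"] and not info["mfpc"]:
        raise ValueError("MFPR without MFPC is an invalid combination")
    info["group_mgmt_cipher"] = None
    if off + 2 <= len(body):            # PMKID count + PMKIDs, then group management cipher
        raw, off = _take(body, off, 2)
        _, off = _take(body, off, 16 * struct.unpack("<H", raw)[0])
        if off + 4 <= len(body):
            raw, off = _take(body, off, 4)
            info["group_mgmt_cipher"] = _selector(raw, CIPHER_SUITES)
    info["pmf"] = "required" if info["mfpr"] else "optional" if info["mfpc"] else "disabled"
    return info


def negotiate_pmf(ap_ie, sta_ie):
    """Decide the outcome of an association from the two RSN IEs.

    Returns (outcome, akm): outcome is "protected", "unprotected" or "reject"
    (the AP answers with status 31 when the STA cannot meet its MFPR policy,
    and a STA with MFPR set will not associate to a non-capable AP at all).
    """
    ap, sta = parse_rsn_ie(ap_ie), parse_rsn_ie(sta_ie)
    if (ap["mfpr"] and not sta["mfpc"]) or (sta["mfpr"] and not ap["mfpc"]):
        return ("reject", None)
    common = [a for a in sta["akms"] if a in ap["akms"]]
    if not common:
        return ("reject", None)
    if ap["mfpc"] and sta["mfpc"]:
        # Assumption: prefer the SHA-256 AKM variant when PMF is in use.
        sha256 = [a for a in common if a.endswith("SHA256")]
        return ("protected", (sha256 or common)[0])
    return ("unprotected", common[0])


# Constructed sample elements (hex), not from a real capture.
AP_PMF_OPTIONAL = bytes.fromhex("301e" "0100" "000fac04" "0100" "000fac04"
                                "0200" "000fac02" "000fac06" "8000" "0000" "000fac06")
AP_PMF_REQUIRED = bytes.fromhex("301a" "0100" "000fac04" "0100" "000fac04"
                                "0100" "000fac06" "c000" "0000" "000fac06")
STA_PMF_CAPABLE = bytes.fromhex("3018" "0100" "000fac04" "0100" "000fac04"
                                "0200" "000fac02" "000fac06" "8000")
STA_LEGACY = bytes.fromhex("3014" "0100" "000fac04" "0100" "000fac04"
                           "0100" "000fac02" "0000")

if __name__ == "__main__":
    for name, ie in (("AP optional", AP_PMF_OPTIONAL), ("AP required", AP_PMF_REQUIRED),
                     ("STA capable", STA_PMF_CAPABLE), ("STA legacy", STA_LEGACY)):
        print(name, parse_rsn_ie(ie))
    print(negotiate_pmf(AP_PMF_OPTIONAL, STA_LEGACY))    # ('unprotected', 'PSK')
    print(negotiate_pmf(AP_PMF_REQUIRED, STA_LEGACY))    # ('reject', None)
```

The sample AP elements reproduce the two AKM layouts from the list above (PSK plus PSK-SHA256 with only MFPC set for optional mode, PSK-SHA256 alone with MFPC and MFPR for mandatory mode) and both carry BIP-CMAC-128 as the group management cipher; a legacy client with no MFPC bit is admitted unprotected by the first and rejected by the second.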
