skip to: page content | links on this page | site navigation | footer (site information)

Security for 802.11 Wireless LAN

Course 151

Request an onsite quote for this course

Summary:

This three-day course addresses IEEE 802.11 wireless local area network security in detail. Aspects of disclosure, data integrity, and denial-of-service threats are presented. Indoor RF propagation physics are used to calculate the extent of eavesdropping and jamming threats to the physical layer. The 802.11 medium access control methods are studied and the numerous threats to this layer are discussed. Next, wired equivalent privacy (WEP) is presented and its weaknesses examined in areas of disclosure, data integrity, and authentication. The IEEE 802.11i-based solutions are discussed, beginning with interim solutions such as temporal key integrity protocol (TKIP), and moving on to stronger solutions based upon the advanced encryption standard (AES). The synergism between Wi-Fi protected access (WPA) and 802.11i is demonstrated. Finally, upper layer authentication and key management as provided by IEEE 802.1X are discussed.

Learning Objectives:

Upon completing the course, the participant will be able to:

• Describe general security threats on disclosure, data integrity, and denial-of-service
• Calculate the extent of security vulnerabilities at the physical layer
• Describe various security threats at the IEEE 802.11 medium access control layer
• Demonstrate an in-depth understanding of wired equivalent privacy (WEP) operation and weaknesses
• Comprehend IEEE 802.11i robust security network (RSN) operations
• Describe the operation of temporal key integrity protocol (TKIP) and the advanced encryption standard (AES)
• Demonstrate 802.1X authentication and key management operation
• Show how the various WEP vulnerabilities are addressed by RSN

Target Audience:

Professionals such as engineers, product developers, managers, security officers, city/state government or law enforcement professional, wireless Internet service providers, and network administrators who have a special concern for wireless security and are interested in evaluating, designing, or implementing 802.11 wireless local area networks.

Outline:

Day One

Introduction
• Security overview • Short-range wireless systems • WLAN characteristics • Categories of information transmission • Security threats • IEEE 802.11 operations overview
Propagation and Range Limit
• Review of decibels • Link budget equation and path loss model • Calculating maximum range • Partition attenuation and primary ray tracing • Eavesdropping and jamming vulnerabilities • Multipath characteristics and mitigation
802.11 Physical Link
• RF modulation methods used in 802.11a/b/g • Direct sequence spread spectrum • Operating frequencies and signal spectrum • 802.11b radio requirements • Modeling interference and jamming

Day Two

802.11 Physical Link (continued)
• 802.11b PHY packet structure • Orthogonal frequency division multiplexing (OFDM) • 802.11a/g radio requirements • 802.11a/g jamming vulnerability • 802.11a/g PHY packet structure • Multiple-input multiple-output (MIMO) methods
802.11 Medium Access Control (MAC)
• Carrier-sense multiple-access operation and throughput • Distributed coordination function (DCF) operation • Point coordination function (PCF) operation • MAC frame construction and examples • IEEE 802.11e quality-of-service (QoS) operation • 802.11 management operations

Day Three

Wired Equivalent Privacy (WEP)
• Shared key and public key cryptography • Cryptanalysis attack methods • WEP encryption process and weaknesses • WEP data integrity process and weaknesses • WEP access control process and weaknesses • Denial-of-service attack methods • Bluetooth security overview and comparison to WEP
Security Enhancements
• IEEE 802.11i robust security network (RSN) overview • Temporal key integrity protocol (TKIP) operation and vulnerability • Advanced encryption standard (AES) operation and implementation • AES counter mode with cipher block chaining protocol (CCMP) operation • 802.1X extensible authentication protocol (EAP) and variants • 802.1X key distribution methods • RSN information elements • Wi-Fi protected access (WPA) operation • Security analysis and cracking tools • Virtual private network (VPN) operation

Subject Areas Covered

Wireless LAN: IEEE 802.11 WiFi

Check the above links for other courses that may interest you based on subject matter.

About Us | Site Map || Contact Us | ©2010 Besser Associates