IEEE 802.1X Authentication

The Institute of Electrical and Electronics Engineers (IEEE) 802.1X standard is an improvement over the capabilities of the WEP. Although WEP provides encryption services, 802.1X provides authentication services. WEP offers a certain measure of encryption between AP and client; however, the data still floats in the ether, exposing it to analysis and examination. In a wired network, unauthorized devices can be blocked from the network if you disable unused RJ-45 jacks and associating Media Access Control (MAC) addresses to Ethernet switch ports.

Manage Port Access

WLANs can include or exclude devices based on MAC addresses using access control lists (ACLs). For more on MAC filtering, skip ahead to Chapter 8, "Wireless Security: Next Steps." Although this type of ACL is easy to implement and manage on small networks, they are tough to manage in large and dynamic networks because individual MAC addresses have to be entered manually for each authorized device. Obviously, this is laborious.

Attacking with MAC

Because ACLs use MAC addresses, they are also prone to attack. An intruder can sit nearby and pick up traffic between the AP and authorized clients. Although the contents of a WEP conversation are encrypted, the MAC address is not. As a result, an attacker can do one of two things:

• The patient attacker can wait until the monitored station disassociates from the network, and then simply reconfigure the network interface card (NIC) to broadcast the intercepted MAC address.

• The impatient attacker can simply send a disassociate request to the AP, bumping the legitimate station off the WLAN. Before the legitimate station can reassociate, the attacker can associate with the spoofed MAC address.

The LAN Port Access Control framework, outlined by the 802.1X standard, helps control access to one's WLAN.

802.1X Protocols

802.1X can be thought of as a control inside your Ethernet switches and APs. The control starts in the OFF position. It considers 802.1X requests and if it decides to grant access, the control moves to the ON position. After a period of time, the station times out or disconnects, moving the control back to the OFF position.

Although the credibility of WEP has taken a beating, it's not totally out of the WLAN security game. WEP is a necessary part of an 802.1X deployment. WEP, used in conjunction with 802.1X, is far more secure than when it is used in static deployments. An even more robust security mechanism, Wi-Fi Protected Access (WPA), is discussed later in this chapter.

There are several protocols used with the 802.1X standard for LAN Port Access Control. Within the 802.1X framework, a LAN station is not allowed to pass traffic through an Ethernet device or WLAN AP until it has successfully authenticated itself. After it has been authenticated, the client can pass traffic on the LAN.

There are 43 protocols that work within the framework of 802.1X authentication. Some of the popular protocols you are likely to see in Cisco wireless networking include a variety of Extensible Authentication Protocol (EAP) authentication frameworks. These are covered in the sections that follow.

Extensible Authentication Protocol

The EAP is a framework that supports multiple methods of authentication. In essence, EAP manages the authentication, but the variant of EAP used dictates how clients are authenticated. Some authentication methods include:

• Token cards

• Kerberos

• Public key authentication

• Certificates

• Smart cards

• One-time passwords (OTP)

Several variations on EAP are possible. Depending on your organization's need, it allows different types of authentication.

As Figure 4-1 shows, EAP authentication is a multistep process:

This is the basic framework of how EAP works. However, individual authentication methods can make the process slightly different.

EAP-TLS

EAP with Transport Layer Security (EAP-TLS) requires that both the station and RADIUS server authenticate themselves using public key cryptography, such as smart cards or digital certificates.

This conversation is secured with an encrypted TLS tunnel. That is, only the authentication is encrypted. After that is complete, then WEP, WPA, or WPA2 provide user data encryption. Although this makes EAP-TLS resistant to decryption dictionary and man-in-the-middle (MitM) attacks, the station's identity (and the name bound to the certificate) can still be culled by attackers.

Because EAP-TLS is standard on Microsoft Windows XP, Windows 2000, and Windows Server 2003, it is popular in Windows-based environments. Figure 4-2 shows EAP-TLS in action.

The EAP-TLS authentication process is as follows:

The downside to this method is that issuing digital certificates to each station is time consuming, and most organizations prefer to use usernames and passwords for wireless authentication. Protected EAP (PEAP), which is discussed later in this chapter, is a good substitute for EAP-TLS.

Cisco Wireless EAP

The Cisco proprietary take on EAP is known as Cisco Wireless EAP.

Note

Cisco Wireless EAP is also known as Lightweight EAP (LEAP). However, some users interpreted "lightweight" with a negative connotation, so Cisco opted to call it Cisco Wireless EAP instead.

Cisco Wireless EAP provides username and password-based authentication between a wireless client and AP, via an authentication server.

Cisco Wireless EAP server and client derive a session key, so that future frames can be encrypted with a key different than keys used by other sessions, thus providing stronger security. In addition, new keys are generated each time the client roams to a new AP.

Dynamic keys, a feature in all EAP implementations, address an enormous vulnerability inherent with static encryption keys. Static keys are shared among all stations on the WLAN. If an attacker can crack the static shared key, he can eavesdrop on all WLAN traffic. Dynamic session keys make it more difficult for the attacker because there is less traffic to analyze, and consequently, it reduces the potential for finding a flaw. In addition, if the attacker is able to crack the key, the session might already be over.

When using Cisco Wireless EAP, dynamic per-user, per-session WEP keys are generated each time the user authenticates to the WLAN. You can strengthen security even further by requiring WEP key timeouts, which forces re-authentication. This generates a new WEP key, even for existing sessions. Figure 4-3 shows the Cisco Wireless EAP process.

The Cisco Wireless EAP authentication process is as follows:

PEAP

PEAP was developed by Cisco, Microsoft, and RSA Security. PEAP allows authentication of WLAN clients without requiring certificates. This protocol simplifies the architecture of WLAN security.

PEAP Overview

PEAP, like the competing tunneled transport layer security (TTLS), uses transport layer security (TLS). Think of it as a stronger version of SSL, the protocol used to secure HTTP sessions. TLS establishes an end-to-end tunnel to transmit the client's credentials. A certificate is required on the server.

There are two phases to PEAP functionality:

• Phase 1 Server-side TLS authentication starts, and an encrypted tunnel is created. This creates a server-side authentication system, such as the kind used to authenticate using SSL. When this phase is completed, all authentication data is encrypted.

• Phase 2 The client is authenticated using either MS-CHAP Version 2 or other authentication schemes (which are explained in the next section, "PEAP Version 0 and Version 1").

Figure 4-4 shows how PEAP works.

The PEAP authentication process is as follows:

An organization can use Windows logins and passwords if it has not issued certificates to every station. RADIUS servers that support EAP-TTLS and PEAP can check LAN access requests with Windows domain controllers, Active Directories, and other existing user databases.

PEAP Version 0 and Version 1

There are two versions of PEAP:

• PEAP Version 0 (also known as Microsoft PEAP)

• PEAP Version 1 (also known as Cisco PEAP)

Each version supports a different method of client authentication through its TLS tunnel. Version 0 authenticates clients using MS-CHAP Version 2. This limits user databases to those supporting MS-CHAP Version 2, such as Active Directory.

Version 1 (Cisco PEAP) authenticates clients using OTPs and logon passwords, which allow OTP support from vendors and logon password databases in addition to Microsoft databases.

In addition, Version 1 enables users to hide name identities until the TLS tunnel is created. This ensures that usernames are not broadcast during the authentication phase.

EAP-FAST

EAP-FAST is like EAP-TLS in that it uses a certificate-like Protected Access Credential (PAC) file for authentication, and it is like PEAP in that it authenticates the station using a username and password via an encrypted TLS tunnel. EAP-FAST is unique in that it is designed to speed re-authentication as stations roam among APs. EAP-TLS and PEAP require lengthy message exchanges between the station and the server, taking several seconds to re-authenticate. Applications that are not latency sensitive do not need to worry much about this; however, applications that are sensitive to latency (such as voice over IP) suffer if re-authentication takes more than a few milliseconds.

EAP-FAST uses shared secret keys to accelerate the re-authentication process. Public keys are convenient because the station and AP can authenticate each other without having to know each other in advance. (Public keys are used when connecting to a secure website, for instance.) Secret keys are faster, but require that both the station and the AP already have the secret key. Figure 4-5 shows how EAP-FAST works.

The EAP-FAST authentication process is as follows:

Comparison of 802.1X Authentication Methods

There are a lot of differences among PEAP, Cisco Wireless EAP, EAP-TLS, and EAP-FAST. To help sort the attributes of these protocols, Table 4-1 compares the various features of these different authentication methods.