Documentos de Académico
Documentos de Profesional
Documentos de Cultura
WEP l g?
WEP (Wired Equivalent Privacy) c ngha l tng ng mng c dy b mt. Cc nh
thit k chun 802.11 c nh cung cp cho ngi dng mng khng dy vi mc an
ton tng ng vi mng c dy. Nhng khng may, WEP c qu nhiu im yu an ninh
hn d kin.
WEP lm vic nh th no ?
WEP s dng cc kho (key) b mt m ho d liu. C im truy cp (AP-Access Point)
v cc trm nhn tn hiu phi bit cc key b mt ny. WEP c hai loi key l 64bit v
128bit. Key di hn th an ton hn. Thc t key ngi s dng l 40bit v di 104bit, 24bit
cn li m nhn nhng thay i gi l Vector khi to (IV).
WEP sai g ?
Cc gi tr (IV) c th c ti s dng
Thc t chun ny khng ch nh r gi tr cn thay i tt c. Ti s dng cc key l
im yu mt m chnh trong h thng an ninh.
di (IV ) qu ngn
Key 24bit cho php 16,7 triu kh nng, nghe th nhiu, nhng trn mt h thng lm vic
lin tc con s ny c th thc hin trong vi gi. Vic ti s dng (IV) l khng th trnh.
Vi nh sn xut dng cc key ngu nhin. y l cch tt nht trnh vic ti s dng
key. Gii php tt nht l bt u mt key v gia tng thm mt key na theo sau mi key
. Nhng khng may, nhiu thit b tr v gi tr nh ban u lc khi ng v sau lin
tc cung cp nhiu gi tr tng t cho hacker.
Cc key yu d b tn cng
S kt hp gi tr cc key, s yu km gi tr (IV), khng to ra d liu ngu nhin cho
mt vi byte u tin. y l vn c bn trong cc cuc tn cng WEP c cng b
v l do cc key c th b tm ra.
Cc nh sn xut thng thn trng khng c php cc gi tr (IV) yu km. Vic ny tt v
lm gim c hi ca hacker bt cc key yu, nhng n cng tc ng lm gim key gii
hn c th thm, lm gia tng c hi ti s dng cc key.
Kt lun
Mc d WEP khng cn l gii php an ninh l tng. Nhng c vi bin php an ninh cn
tt hn l khng c g. K tn cng nht nh c th tm ra key ca bn vi thi gian v gi
tr (IV) yu km.
WEP vs WPA
Trch:
WPA l g ?
WiFi Protected Access (WPA: bo v truy cp wifi) l chun an ninh mi, c tp on
WiFi Alliance la chn, n m bo s tng tc cc thit b ca nhng nh sn xut khc
nhau. Chun WPA cung cp mc an ton hn chun WEP, l cu ni gia chun WEP v
chun 802.11i, n c u im l phn sn (firmware) trong cc thit b c c th nng cp
c.
WPA lm vic nh th no ?
WPA dng Temporal Key Integrity Protocol (TKIP: giao thc ton vn Key thi gian). TKIP
c thit k cho php WEP c th nng cp c. iu ny c ngha l tt c nhng
khi kin trc ca WEP u hin hu nhng c hiu chnh nhng vn v an ninh.
S qun l v cp nht ngho nn trong WEP c trong WPA nhng khng phi vn ca
WPA. Vic kim tra tnh ton vn thng tin khng hiu qu trn WEP nhng WPA s dng
MIC-Message Integrity Check : kim tra tnh ton vn thng tin. Do phn cng rng buc
nn vic kim tra tng i n gin. Theo l thuyt, c 1 triu c hi on chnh xc MIC.
Vic cn u tin l thay i cu trc vt qua TSC v c gi tin key m ho thm ch
chm n im MIC hot ng. An ninh ca MIC c th pht hin tn cng v thc hin o
c ngn chn cc cuc tn cng mi.
Kt lun:
WPA (TKIP) l gii php tt, an ton hn nhiu so vi WEP, nh v tt c nhng im yu
v cho php tng thch, nng cp trn cc thit b c.
WPA vs WPA2
Trch:
Tuy nhin, WPA ang on cui ca gii php tho hip. N vn da vo thut ton m
ho RC4 v TKIP. Mc d khng chc chn, nhng c kh nng tnti im yu mi.
Mt h thng an ninh ton vn mi nn trnh thit k chun WEP yu km, v kh nng xm
nhp vo mng LAN khng dy. y ban thng trc WiFi Alliance quyt nh thit k
mt h thng an ton mi, chun 802.11i, cng l WPA2.
Chun 802.11i l g ?
Chun 802.11i l khi nim ca Robust Security Network (RSN). Trong cc thit b RSN
cn h tr tnh nng b sung. iu ny i hi phn cng mi v trnh iu khin tng
thch RSN vi cc thit b WEP. Trong qu trnh chuyn tip th c 2 thit b RSN v WEP
u c h tr (trong thc t WPA/TKIP l gii php thit k dng c cho cc thit b
c hn) nhng xa hn th cc thit b WEP s b loi b.
Chun 802.11i dng c nhiu mng v c th dng TKIP, nhng mc nh RSN dng
AES(Advanced Encryption Standard) v CCMP (Counter Mode CBC MAC Protocol)
chng cung cp gii php an ton hn.
AES/CCMP l g ?
Advanced Encryption Standard (AES) l h thng mt m c RSN s dng. N tng
ng thut ton RC4 c s dng trn chun WPA. Tuy nhin c ch m ho phc tp
hn v khng b xm hi bi nhng vn lin quan n WEP. AES l mt khi mt m,
hot ng trn cc khi d liu c di 128bit.
CCMP l giao thc an ninh c AES s dng. N tng ng TKIP trong WPA. CCMP
tnh ton MIC dng phng php ni ting CBC-MAC (Cipher Block Chaining Message
Authentication Code). Vic thay i d ch 1 bit trn thng tin cng lm sai lch ton b.
Mt trong nhng iu ti t ca WEP l qun l key b mt. Nhiu nh qun tr thy khng
kh thi khi phi qun l key ny trong mt mng ln. Kt qu l WEP key khng c
thay i thng xuyn v to iu kin d dng hn cho hacker.
RSN ch nh tui th ca Key; tng t nh TKIP, AES/CCMP yu cu 512bit cha tt
c cc Key, t hn TKIP.
Key chnh TKIP khng s dng trc tip, nhng c dng to cc key khc. May mn
l cc nh qun tr ch cn cung cp 1 key chnh.
Thng tin c m ho dng key b mt (128bit) v mt khi d liu 128bit. Qu trnh m
ho th phc tp nhng cc nh qun tr khng cn bit cc php tnh phc tp ny. Kt qu
m ho cui cng kh ph v hn c WPA.
Kt lun
Chun 802.11i l chun an ninh mnh nht i vi mng khng dy. Khi chun 802.11i
c ph chun th cc thit b tng thch RSN (WPA2) xut hin. 802.11i (WPA2) s l
gii php an ton, c sc thu ht i vi ngi dng doanh nghip, nh qun tr mng.