CWNP CWSP – Module 03 – Encryption Ciphers and Methods Part 4

10. CCMP Part1

CCMP is where we’re moving to. It’s often associated with the advanced Encryption standard AES we call it, as you see here, the counter mode with cipher block chaining message authentication code protocol. So somehow they left out a bunch of the letters to come up with that acronym, CCMP. This is a part of the 8211 series that was designed for security. As part of the amendment. It was designed here. It is here as a replacement not only to TKIP but certainly to Web. And it is something that is considered mandatory if you want to have what we call a robust security network. Mandatory because it is better encryption, it is better process. And currently our standard that we use for WPA Two as we set that up, either personal or WPA Two for enterprise.

So it is, like I said, something that we should strive for. And most any different types of devices you buy currently today from almost any vendor, even if you went down to your local electronics shop and bought a home access point, you’re going to sit there and see that it is ready to do WPA Two, maybe personal, but you’re still basically going to be doing CCMP. So unless you have some really old equipment or have equipment with a very old operating system, this shouldn’t be a big deal. Now, there are a number of different acronyms that go with this and the acronyms that you want to know and we’ll try to get a little bit deeper into what CCMP does is what we call counter mode, which is a part of what we use for confidentiality. Remember, that is encryption, the message authentication code. All right? So I’m sorry to tell you this. I’m just going to write it out right over here on the side. That acronym, Mac, has a lot of meanings.

The two that you’ve already heard from me in this course was Media Access Control, which I said was the same as a burned in address, right? Some people call it a hardware address of the network card, but it also stands for Message Authentication Code. What that means is that we’re actually doing two things. We’re doing authentication, verifying where it came from and it’s also part of the integrity check. Remember, the integrity check goes back to being able to hash things and make sure that nothing has changed. So that’s another acronym that Mac does, which I’ll just put authentication.

And if you really care about it, when you get into security systems and operating systems, it also can stand for Mandatory Access Control, which you would see a lot of government or military systems use things like ratings or classifications like Top Secret, Secret and those types of things. And if you really want to get into the forensics, it also stands for Date, Modified Date, last access date created when it comes to verifying when a file was actually made, accessed or changed. All right, that’s trivia. So in case you ever go on the game show Jeopardy.

You’re ready for computer acronyms for 1000. All right. And then the other one, of course, was the advanced encryption standard, AES. Now, remember, AES is a standard that was actually put out to bid. And when it was put out to bid, many companies would submit an algorithm they thought met the standards. And then when one was chosen, it’s almost synonymous with AES. But that’s for a time anyway, there are many different solutions that could meet the AES standard. So it was really a definition of what we wanted our crypto systems to do. And, you know, then companies submitted their own solutions for it until one was chosen.

11. CCMP Part2

Now, CCMP has a number of components. One of the things and this kind of a review, we talked about the fact that it uses 128 bit key for either a pairwise transient key. And remember, that was for unicast traffic and would be unique with each of the stations that are connected to the access point. And then they would all share a group wise transient key which is used for the multicast or broadcast. So that’s where I’m just saying MCAST or BCAST traffic, which makes sense because all of the stations would want to hear the broadcast traffic. Well, maybe they don’t, but they should if it was a broadcast. Another part of what we use in CCMP is what’s called a PN or packet number. And that’s a 48 bit number that uniquely identifies a frame. It’s just kind of like a label. It’s a number and it’s incremented with each frame transmission. So again, if you think about one of the weaknesses we had with Web is when this hacker would do a replay attack, right? And the idea of the replay attack to the access point was to try to generate all of these IVs and figure out what’s happening.

Well, if you’re replaying a packet number that has already been sent and the replay doesn’t increment these packet numbers, the access point is going to drop it. It’s going to know that, hey, this is either a replay or an injection attack that we want to be able to stop. Now, the next part of this is what’s called a nonce. All right? So a nonce is a random numerical value generated one time only. It’s 104 bits in size and it’s constructed from the packet number, the priority data that you might use in QoS and the transmitter address.

Now, this is not the same number. That when we get into the four way handshake in another part of this course, it’s not the same number, but it is used sometimes in what we call salt. When we talk about salt, we’re adding some value that’s random to make it again, more difficult for people to try to crack what’s happening. The term nonce, depending on what you read, at one point, was called a magic number, at another point it was called a reasonably random number. And now we seem to have settled on the term not. But I wanted to give you the other values. And again, it’s just something we’re adding with randomness to make it harder for people to guess or to crack what’s happening in there. Now, remember in CCMP we had the Mpdu and the Mpdu was the actual hole encapsulation.

Like I said, we had the layer two. And I guess you could say the Mpdu was this whole thing and what it did contain was the encrypted part, which was the MSDU. So again, that’s just so the Mpdu is also going to contain things like Michael the Mic, as we talked about it, before. It’s considered the upper layer payload that we use and it’s protected by Mic and it’s also contains as a part of it the Mac header. So just more acronyms for you to memorize. And then we have the AAD you might think, oh maybe it’s a misspelling, it’s the additional authentication data. And it’s again constructed from part of the Mpdu header and again used for data integrity of the Mac header.

So basically what we’re trying to do is by using and what did I say was here? Layer two as part of it. So we can use that information as another way of verifying the integrity of the packet that’s being sent. So there’s a lot of pieces. I don’t know if you’ve got a clear picture of what all these pieces are that we’re going to set up, but what I’m going to do is because going to take you through the steps of the data integrity process. And then after I do that, I’m going to try my best to illustrate that for you. As you can see, I am doing great with my hand drawn pictures of I call it Ken’s Visio. So we’re going to take you through the steps and then from those steps, like I said, I’ll try my best to illustrate that for you.

12. CCMP Part3

All right, so here’s the steps of CCMP and it is pretty verbose. I tried to put all of the steps in here with all of the different things that are set up to go with these steps. And like I said from that point then if I try to illustrate it and you go back and you listen to me repeat the steps and you watch the illustration that I hope that together I’ll make some sense out of it. One of the first things that we’ve, we said is that every packet gets a unique number of PN and so that’s again going to increment with each packet, with each individual Mpdu and remember, they might remain the same for a retransmission. But the idea is if you did accept it so retransmissions are not the end of the world, that doesn’t mean it’s a replay attack. There could have been some sort of interference, whether it was interference to the radio frequency or maybe the access point wasn’t ready.

Maybe your system decided that it was clear to sand when it wasn’t its turn. But basically if it’s not acknowledged then those are okay for retransmissions. But if you got let’s say packet number one and then I sent you packet number one again but you already received it. That’s the problem with the replay attack. Now the next part as I said, is that we use parts of the fields of the Mpdu header and we just talked about what was in the Mpdu header and we use that for the AAD. So we construct the additional authentication data.

Again, Michael provides integrity protection for those fields in the Mac header. Again, remember what Michael was made up of part of what was made up with the source and destination address and it also provides protection for the frame body. So all of the Mac addresses that I just mentioned, which would include the basic service that ID that’d be the Mac address of the access point are also being protected. Portions of the other fields of the Mac header are also protected by this integrity check. So the idea is that as the receiving station will validate the integrity of that protected portion of the Mac header and even though the rest might be encrypted at this point, we at least are taking care of a lot of those different types of attacks.

Again bit flipping or replaying retransmissions or the rest of them. So as an example anyway, the frame type and the distribution bits that are subfields of this, what we call I guess the frame control field are going to be protected. The receiving stations, whether the laptop or the access point will validate the integrity of these protected portions of the Mac header. And the AAD does not include, it says the header duration field because the duration field value can change based on normal 800 and 211 operation. Which is why I don’t think we’ve even brought it up at this point as a part of that header. So for that same reason, several of the other subfields that we haven’t brought up in the frame control field, like the sequence control and the QoS control field are going to be masked down to zero.

So they’re not protected. Which is again another reason why we didn’t bring it up. Another example the retry bit and the power management. These are parts by the way, of the initial management frames that we haven’t talked about yet. So we’re going to come back and talk about what those mean. But those are also going to be managed, asked off and not protected by the CCM integrity.