1
00:00:04,280 --> 00:00:09,700
 Hello and welcome to this video titled
 Introduction to the RSN framework.

2
00:00:09,700 --> 00:00:13,820
 And if you're wondering what is RSN,
 don't worry, I'll explain the acronym

3
00:00:13,820 --> 00:00:15,720
 in just a moment.

4
00:00:15,720 --> 00:00:23,560
 So let's talk a little bit about keys and
 how they pertain to Wi-Fi security.

5
00:00:23,560 --> 00:00:27,440
 So if you know anything about security,
 you're probably familiar with

6
00:00:27,440 --> 00:00:31,920
 this term key. So the key
 is a numeric construct.

7
00:00:31,920 --> 00:00:38,560
 It's a series of 1 and 0 bits, usually
 quite long, that is applied against

8
00:00:38,560 --> 00:00:44,240
 some data with some algorithm, like for
 example, an encryption algorithm.

9
00:00:44,240 --> 00:00:48,960
 And when you pair the data with this
 string of bits, called a key, and

10
00:00:48,960 --> 00:00:52,880
 your encryption algorithm, you're able
 to encrypt and then using the same

11
00:00:52,880 --> 00:00:56,040
 algorithm and key, you
 can decrypt your data.

12
00:00:56,040 --> 00:00:59,640
 But keys are used for a lot more than
 just encryption and decryption,

13
00:00:59,640 --> 00:01:03,480
 at least that's the most common way
 that people think of keys.

14
00:01:03,480 --> 00:01:08,460
 Now in the world of wireless LANs or
 Wi-Fi, all security revolves around

15
00:01:08,460 --> 00:01:13,720
 keys. If you want to obviously protect your
 data via encryption and decryption,

16
00:01:13,720 --> 00:01:15,540
 you're going to need
 some keys to do that.

17
00:01:15,540 --> 00:01:18,800
 If you want to validate the integrity
 of the data to ensure it hasn't

18
00:01:18,800 --> 00:01:22,360
 been modified or changed in transit,
 you're going to need some keys to

19
00:01:22,360 --> 00:01:27,200
 do that. So it's the complete basis of
 wireless confidentiality, which is

20
00:01:27,200 --> 00:01:32,400
 encryption, the foundation for integrity,
 and it also stops replay and

21
00:01:32,400 --> 00:01:34,100
 impersonation attacks.

22
00:01:34,100 --> 00:01:37,000
 So as you can see here, there are several
 different kinds of keys which

23
00:01:37,000 --> 00:01:38,920
 are used for different purposes.

24
00:01:38,920 --> 00:01:41,280
 And as we go through this video, I'm
 going to give you a really quick

25
00:01:41,280 --> 00:01:45,360
 introduction to the names of some
 of these different types of keys.

26
00:01:45,360 --> 00:01:48,900
 And then in subsequent videos, we'll
 talk about how they are derived and

27
00:01:48,900 --> 00:01:51,260
 what specifically they're used for.

28
00:01:51,260 --> 00:01:56,760
 Now, the derivation and distribution
 of keys is defined by the RSN.

29
00:01:56,760 --> 00:01:59,580
 We're going to say what the
 RSN is in just a second.

30
00:01:59,580 --> 00:02:01,720
 But this thing called the RSN that
 we're going to look at in the next

31
00:02:01,720 --> 00:02:06,880
 slide really dictates things like,
 all right, how is a key formed?

32
00:02:06,880 --> 00:02:10,500
 What's the procedure for creating this
 string of bits that we're going

33
00:02:10,500 --> 00:02:13,720
 to call a key? How long
 is this key going to be?

34
00:02:13,720 --> 00:02:15,900
 What exactly is it going to be used for?

35
00:02:15,900 --> 00:02:21,040
 If this key is going to be used as a
 foundation to build other keys, how

36
00:02:21,040 --> 00:02:22,580
 does that process work?

37
00:02:22,580 --> 00:02:24,820
 So RSN dictates all of that.

38
00:02:24,820 --> 00:02:28,760
 And also, how do we distribute the keys
 in a secure manner so that some

39
00:02:28,760 --> 00:02:33,420
 eavesdropper can't see it while it's
 being distributed and use it?

40
00:02:33,420 --> 00:02:37,180
 So RSN stands for the robust
 security network.

41
00:02:37,180 --> 00:02:43,460
 And this was technically introduced in
 the 802.11i amendment back in 2004.

42
00:02:43,460 --> 00:02:47,100
 So if you remember a little bit about
 Wi-Fi history, you remember that

43
00:02:47,100 --> 00:02:51,160
 when Wi-Fi first came out, the earliest
 form of data confidentiality

44
00:02:51,160 --> 00:02:54,660
 was called WEP, Wired Equivalent Privacy.

45
00:02:54,660 --> 00:02:57,920
 And that was built right
 into the 802.11 standard.

46
00:02:57,920 --> 00:03:01,660
 But very quickly, it was realized
 that it was insecure.

47
00:03:01,660 --> 00:03:07,280
 So then several years elapsed between
 WEP and the next thing in order

48
00:03:07,280 --> 00:03:09,460
 for them to make Wi-Fi a lot more secure.

49
00:03:09,460 --> 00:03:12,560
 And that thing that finally came out,
 which said, okay, we're redoing

50
00:03:12,560 --> 00:03:17,280
 the whole landscape of Wi-Fi
 security was 802.11i.

51
00:03:17,280 --> 00:03:20,120
 So there's a lot of stuff in 802.11i.

52
00:03:20,120 --> 00:03:24,640
 And one of the main components of that
 was the robust security network.

53
00:03:24,640 --> 00:03:27,300
 Now, what is RSN?

54
00:03:27,300 --> 00:03:28,880
 So RSN is really a framework.

55
00:03:28,880 --> 00:03:32,320
 Now remember, in the world of networking
 and stuff, when we talk about

56
00:03:32,320 --> 00:03:36,440
 something being a framework, like the
 RSN framework, or we'll talk about

57
00:03:36,440 --> 00:03:39,560
 something called the EAP framework,
 we're really talking about like a

58
00:03:39,560 --> 00:03:45,200
 blueprint or a scaffolding that
 describes how something works.

59
00:03:45,200 --> 00:03:49,240
 Like what at a high level are the components
 that are needed to make this

60
00:03:49,240 --> 00:03:52,200
 work? How do these components interact?

61
00:03:52,200 --> 00:03:56,100
 But a framework many times doesn't go
 into the nitty-gritty implementation

62
00:03:56,100 --> 00:04:00,200
 details. It says, well, we're going
 to need these processes and these

63
00:04:00,200 --> 00:04:03,520
 particular orders and the things that
 do these are going to have to have

64
00:04:03,520 --> 00:04:04,620
 these characteristics.

65
00:04:04,620 --> 00:04:08,200
 But we're really going to leave it
 up to individual manufacturers and

66
00:04:08,200 --> 00:04:12,840
 vendors to come up with the specific
 details of how that stuff works.

67
00:04:12,840 --> 00:04:14,960
 So RSN is a framework.

68
00:04:14,960 --> 00:04:16,720
 So what does it include?

69
00:04:16,720 --> 00:04:21,260
 So it includes things like we talked about
 how are keys derived and managed.

70
00:04:21,260 --> 00:04:22,880
 It talks about cipher suites.

71
00:04:22,880 --> 00:04:25,420
 Like when we talk about cipher suites,
 we're talking about like the specific

72
00:04:25,420 --> 00:04:30,220
 algorithms for figuring out how
 to encrypt and decrypt data.

73
00:04:30,220 --> 00:04:33,800
 So for example, a very common cipher
 suite that you see in the world of

74
00:04:33,800 --> 00:04:36,200
 Wi-Fi is AES-CCMP.

75
00:04:36,200 --> 00:04:43,920
 That was first included in the
 802.11i robust security network.

76
00:04:43,920 --> 00:04:46,900
 How the four-way EAP over
 LAN handshake works.

77
00:04:46,900 --> 00:04:49,440
 Now, I'm not sure where you're watching
 this video in the context of anything

78
00:04:49,440 --> 00:04:53,140
 else. You may not have heard of that
 yet, but I will be talking about

79
00:04:53,140 --> 00:04:58,280
 what that is. But just at a real quick
 level, the EAP over LAN handshake,

80
00:04:58,280 --> 00:04:59,040
 it's a four-way handshake.

81
00:04:59,040 --> 00:05:00,660
 So it's one, two, three, four.

82
00:05:00,660 --> 00:05:04,020
 Four messages are exchanged back and
 forth between a Wi-Fi client and

83
00:05:04,020 --> 00:05:09,160
 the access point that helps derive the
 final set of keys that the client

84
00:05:09,160 --> 00:05:13,200
 and the access point need to encrypt
 things, decrypt things, manage data

85
00:05:13,200 --> 00:05:16,540
 integrity, and so forth.

86
00:05:16,540 --> 00:05:21,220
 So it also defines in the robust security
 network a particular field in

87
00:05:21,220 --> 00:05:32,340
 Wi-Fi management frames that actually
 say, okay, what are my capabilities

88
00:05:32,340 --> 00:05:35,500
 as far as Wi-Fi security is concerned?

89
00:05:35,500 --> 00:05:40,840
 So if you capture a beacon from an access
 point and you want to see, okay,

90
00:05:40,840 --> 00:05:45,040
 what encryption algorithms is
 this access point supporting?

91
00:05:45,040 --> 00:05:49,340
 What authentication key mechanisms
 is he supporting?

92
00:05:49,340 --> 00:05:52,900
 Then you would look for a particular
 information element within the beacon

93
00:05:52,900 --> 00:05:56,720
 called the robust security network
 or the RSN information element.

94
00:05:56,720 --> 00:05:59,500
 It actually looks like this.

95
00:05:59,500 --> 00:06:02,600
 So you can see here, here's a beacon
 frame and you've got all sorts of

96
00:06:02,600 --> 00:06:06,980
 information elements in there such as
 SSID parameter traffic indication

97
00:06:06,980 --> 00:06:10,760
 map. And right there, RSN information.

98
00:06:10,760 --> 00:06:13,960
 And without going into the gory details
 of all the stuff here, you can

99
00:06:13,960 --> 00:06:19,080
 see that the 802.11i amendment said,
 well, we're going to structure this

100
00:06:19,080 --> 00:06:25,960
 RSN. For example, you can see here the
 cipher suite is listed as the Advanced

101
00:06:25,960 --> 00:06:26,800
 Encryption Standard.

102
00:06:26,800 --> 00:06:30,000
 AES. You can see authentication
 key management.

103
00:06:30,000 --> 00:06:33,900
 It says we can actually do two different
 ways on this particular wireless

104
00:06:33,900 --> 00:06:37,380
 LAN of managing authentication.

105
00:06:37,380 --> 00:06:41,700
 We can actually do pre-shared key right
 there and we can do the Simultaneous

106
00:06:41,700 --> 00:06:43,800
 Authentication of Equals right here.

107
00:06:43,800 --> 00:06:48,740
 So this is actually a wireless LAN that's
 in transition or offers transition

108
00:06:48,740 --> 00:06:53,800
 capabilities of both WPA2
 and WPA3.

109
00:06:53,800 --> 00:06:57,500
 That's why we have two different authentication
 key management methods.

110
00:06:57,500 --> 00:07:01,600
 You can see how can we actually protect
 some of the group frames like

111
00:07:01,600 --> 00:07:06,040
 broadcast and multicast that the access
 point wants to send to all the

112
00:07:06,040 --> 00:07:08,440
 clients? Well, we can use BIP to do that.

113
00:07:08,440 --> 00:07:11,200
 And we'll talk more about
 BIP in subsequent videos.

114
00:07:11,200 --> 00:07:15,940
 So the whole structure of this information
 element and how it's put together

115
00:07:15,940 --> 00:07:20,920
 and what information it can contain
 is defined in the robust security

116
00:07:20,920 --> 00:07:23,860
 network. All right.

117
00:07:23,860 --> 00:07:27,100
 So within the robust security network,
 it also talks about how there are

118
00:07:27,100 --> 00:07:31,380
 a variety of keys that can be
 used for different purposes.

119
00:07:31,380 --> 00:07:35,480
 And a lot of times keys are
 derived from other keys.

120
00:07:35,480 --> 00:07:38,720
 In other words, a bunch of mechanics
 will take place to derive a string

121
00:07:38,720 --> 00:07:42,920
 of bits, which can be used as sort
 of like a main master key.

122
00:07:42,920 --> 00:07:46,660
 And then you'll feed that main master
 key into a different formula to

123
00:07:46,660 --> 00:07:48,500
 come up with other keys.

124
00:07:48,500 --> 00:07:54,760
 And the idea here being that, you know,
 the overall goal of Wi-Fi security,

125
00:07:54,760 --> 00:07:58,860
 obviously, is that we want to
 keep the attackers out, right?

126
00:07:58,860 --> 00:08:00,660
 Well, there are actually several goals.

127
00:08:00,660 --> 00:08:04,420
 One goal might be we want to keep the
 malicious actors off of our wireless

128
00:08:04,420 --> 00:08:08,120
 LAN entirely. We don't want them
 to be able to associate at all.

129
00:08:08,120 --> 00:08:11,820
 Another goal might be, well, if they're
 just passively sniffing wireless

130
00:08:11,820 --> 00:08:14,760
 traffic, maybe they're not associated,
 but they're sniffing wireless traffic

131
00:08:14,760 --> 00:08:18,440
 with their own antenna, we don't want
 them to be able to read that traffic.

132
00:08:18,440 --> 00:08:19,520
 That's another goal.

133
00:08:19,520 --> 00:08:23,360
 Another goal might be, well, we don't
 want them to be able to inject traffic

134
00:08:23,360 --> 00:08:25,200
 spoofing somebody else.

135
00:08:25,200 --> 00:08:28,800
 So there's a whole bunch of goals with
 wireless LAN security and keys

136
00:08:28,800 --> 00:08:33,700
 are used to implement those
 particular objectives.

137
00:08:33,700 --> 00:08:37,560
 And so now the goal is, well, if we're
 going to use keys, we want to make

138
00:08:37,560 --> 00:08:42,100
 it as difficult as possible for those
 malicious actors to figure out what

139
00:08:42,100 --> 00:08:46,400
 the key is so they can use it
 themselves for evil purposes.

140
00:08:46,400 --> 00:08:48,660
 And there's really sort of
 two ways of doing that.

141
00:08:48,660 --> 00:08:53,120
 Number one, the longer a key is, the
 more bits it is, the harder it is

142
00:08:53,120 --> 00:08:55,460
 to reverse engineer and crack that key.

143
00:08:55,460 --> 00:08:59,900
 So you'll see some protocols derive
 longer keys than others.

144
00:08:59,900 --> 00:09:04,580
 Another sort of method of protecting
 keys is saying, well, why don't we

145
00:09:04,580 --> 00:09:08,800
 go through this long complex process
 to create one key, but then we won't

146
00:09:08,800 --> 00:09:09,640
 use that one key.

147
00:09:09,640 --> 00:09:12,700
 We'll actually take that one key, feed
 it into a completely different

148
00:09:12,700 --> 00:09:15,480
 process to create a second key.

149
00:09:15,480 --> 00:09:19,560
 So as we derive these keys, the more
 times you take in deriving one key

150
00:09:19,560 --> 00:09:24,360
 to another key to another key, that
 will also make it more difficult for

151
00:09:24,360 --> 00:09:27,140
 a malicious actor to reverse
 engineer that process.

152
00:09:27,140 --> 00:09:31,120
 So you'll see that the robust security
 network as we go along here has

153
00:09:31,120 --> 00:09:34,900
 different keys that are used for different
 purposes, such as the encryption

154
00:09:34,900 --> 00:09:38,880
 of unicast frames, the encryption
 of broadcast and multicast frames

155
00:09:38,880 --> 00:09:43,020
 and providing integrity verification
 of some management frames.

156
00:09:43,020 --> 00:09:50,280
 And a big thing about the robust security
 network is that if, let's say

157
00:09:50,280 --> 00:09:55,300
 your client, your laptop, your tablet
 was to associate to your home network,

158
00:09:55,300 --> 00:09:58,520
 and let's say that every time you disconnect
 it from your home network,

159
00:09:58,520 --> 00:10:01,060
 like, you know, you drove away from
 your house and then you come back

160
00:10:01,060 --> 00:10:04,940
 and you reassociate again, let's say every
 time you disconnect and reassociate,

161
00:10:04,940 --> 00:10:09,720
 you always ended up using the
 exact same security keys.

162
00:10:09,720 --> 00:10:13,940
 Well, if the key never changed for you,
 it would be pretty easy for someone

163
00:10:13,940 --> 00:10:17,360
 who's sniffing your traffic for hours
 or days and just passively collecting

164
00:10:17,360 --> 00:10:21,460
 it to maybe be able to reverse engineer
 that key and then be able to break

165
00:10:21,460 --> 00:10:25,380
 the code and look at your data and figure
 out what it was before it became

166
00:10:25,380 --> 00:10:29,020
 encrypted. So one of the things of
 the robust security network in 802.11i

167
00:10:29,020 --> 00:10:34,940
 was that a fresh set of keys should
 be generated for every client

168
00:10:34,940 --> 00:10:38,180
 every time they connect
 to the access point.

169
00:10:38,180 --> 00:10:44,180
 So if your laptop, let's say your
 smartphone right now is connected

170
00:10:44,180 --> 00:10:48,660
 to your access point on the second
 floor of your house, you move down

171
00:10:48,660 --> 00:10:52,040
 to the first floor where there's another
 access point and now your tablet

172
00:10:52,040 --> 00:10:54,140
 or your smartphone connects to that one.

173
00:10:54,140 --> 00:10:57,940
 Now you go back to your office on the
 second floor and you reconnect to

174
00:10:57,940 --> 00:10:59,280
 that access point up there.

175
00:10:59,280 --> 00:11:02,680
 Guess what? The set of keys that has
 just been derived will be completely

176
00:11:02,680 --> 00:11:06,800
 different than when you were on the
 second floor like an hour ago.

177
00:11:06,800 --> 00:11:10,620
 So every time you connect to a wireless
 LAN, a fresh set of keys is derived

178
00:11:10,620 --> 00:11:14,300
 and that's what makes it more difficult
 for the malicious hacker to do

179
00:11:14,300 --> 00:11:18,580
 their job. Now without going into sort
 of the gory details here, this

180
00:11:18,580 --> 00:11:24,900
 is just a real sort of introduction
 into the names of the

181
00:11:24,900 --> 00:11:28,120
 different keys that the robust
 security network uses.

182
00:11:28,120 --> 00:11:31,200
 And you can see here that they
 sort of go in an order.

183
00:11:31,200 --> 00:11:35,120
 So at the very top, you've got one
 called a master session key, which

184
00:11:35,120 --> 00:11:39,900
 you can see here that's only used if
 you're doing WPA enterprise, which

185
00:11:39,900 --> 00:11:45,140
 uses 802.1X and a back-end authentication
 server doing RADIUS.

186
00:11:45,140 --> 00:11:48,380
 So if you're doing WPA enterprise,
 the first key that will be derived

187
00:11:48,380 --> 00:11:50,780
 is the master session key.

188
00:11:50,780 --> 00:11:55,520
 And then from that, another key called
 the pairwise master key will then

189
00:11:55,520 --> 00:11:59,200
 be derived. Now, if you're not doing
 WPA enterprise, if you're just doing

190
00:11:59,200 --> 00:12:02,760
 WPA personal, you're just going to
 start out with the pairwise master

191
00:12:02,760 --> 00:12:05,840
 key. And then from the pairwise master
 key, you can see there are these

192
00:12:05,840 --> 00:12:09,820
 other keys that are subsequently
 derived from those.

193
00:12:09,820 --> 00:12:13,500
 And we're going to talk about what are
 the sort of formulas used to derive

194
00:12:13,500 --> 00:12:17,420
 each of these. What are each of
 these keys actually used for?

195
00:12:17,420 --> 00:12:21,060
 For example, you can see here in the
 box in the left, all these keys are

196
00:12:21,060 --> 00:12:23,560
 used for unicast traffic.

197
00:12:23,560 --> 00:12:27,860
 And for the box on the right, these are
 keys used for multicast or broadcast

198
00:12:27,860 --> 00:12:30,700
 traffic. And we'll talk
 about all of those.

199
00:12:30,700 --> 00:12:33,640
 Now, one more thing I want to talk about
 before I leave this presentation

200
00:12:33,640 --> 00:12:38,180
 is notice that there's a lot of keys,
 for example, here on the left, that

201
00:12:38,180 --> 00:12:43,900
 start out with the word pairwise, like
 pairwise master key, pairwise transient

202
00:12:43,900 --> 00:12:47,600
 key. So what does this
 word pairwise mean?

203
00:12:47,600 --> 00:12:49,840
 So this is actually quite important.

204
00:12:49,840 --> 00:12:57,480
 So pairwise simply is talking about how
 this key is for a pair of devices

205
00:12:57,480 --> 00:13:02,560
 only. So for example, your laptop and
 the access point you're connected

206
00:13:02,560 --> 00:13:05,460
 to, that is a pair of devices.

207
00:13:05,460 --> 00:13:11,140
 So there is a set of pairwise keys just
 for you, your laptop and the access

208
00:13:11,140 --> 00:13:16,540
 point. If Sally's laptop sitting next
 to you is connected to that same

209
00:13:16,540 --> 00:13:21,860
 access point, she's going to get
 a different set of pairwise keys.

210
00:13:21,860 --> 00:13:26,140
 So this also helps maintain
 per-client isolation.

211
00:13:26,140 --> 00:13:31,540
 You see, it wouldn't really be very
 secure if you and Sally, who are on

212
00:13:31,540 --> 00:13:35,220
 the exact same wireless LAN, could
 actually read each other's traffic.

213
00:13:35,220 --> 00:13:38,820
 If you could crank up, you know, Wireshark,
 capture all of Sally's Wi-Fi

214
00:13:38,820 --> 00:13:42,840
 frames and clearly see in plain
 text what she was doing.

215
00:13:42,840 --> 00:13:46,560
 But because she's got her own set of
 pairwise keys, you can't do that.

216
00:13:46,560 --> 00:13:48,760
 And she can't read your data.

217
00:13:48,760 --> 00:13:50,460
 And so that's what it's referring to here.

218
00:13:50,460 --> 00:13:54,860
 Each client has its own
 distinct set of keys.

219
00:13:54,860 --> 00:13:58,000
 So thank you so much for watching this
 brief overview and introduction

220
00:13:58,000 --> 00:14:02,580
 to the robust security network and how
 keys fit into the scheme of things.

221
00:14:02,580 --> 00:14:05,040
 I really hope this video
 was helpful for you.
