WLAN-Sicherheit.html

<!doctype html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0">
  <title>WLAN-Sicherheit</title>
  <style type="text/css">
    /* Color Palette Based on Monokai

white       : #fafafa
light grey  : #efefef
grey        : #75715e
dark grey   : #272822
black       : #191919

light blue  : #66d9ef
blue        : #1db4d0
lavender    : #bf79db
magenta     : #f92672
light green : #a6e22e
*/

/* Local Fonts */
@font-face {
  font-family: 'Open Sans';
  font-style: normal;
  font-weight: 300;
  src: url('fonts/opensans/300.woff2') format('woff2'),
       url('fonts/opensans/300.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: normal;
  font-weight: 400;
  src: url('fonts/opensans/400.woff2') format('woff2'),
       url('fonts/opensans/400.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: normal;
  font-weight: 600;
  src: url('fonts/opensans/600.woff2') format('woff2'),
       url('fonts/opensans/600.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: normal;
  font-weight: 700;
  src: url('fonts/opensans/700.woff2') format('woff2'),
       url('fonts/opensans/700.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: normal;
  font-weight: 800;
  src: url('fonts/opensans/800.woff2') format('woff2'),
       url('fonts/opensans/800.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: italic;
  font-weight: 300;
  src: url('fonts/opensans/300i.woff2') format('woff2'),
       url('fonts/opensans/300i.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: italic;
  font-weight: 400;
  src: url('fonts/opensans/400i.woff2') format('woff2'),
       url('fonts/opensans/400i.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: italic;
  font-weight: 600;
  src: url('fonts/opensans/600i.woff2') format('woff2'),
       url('fonts/opensans/600i.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: italic;
  font-weight: 700;
  src: url('fonts/opensans/700i.woff2') format('woff2'),
       url('fonts/opensans/700i.woff') format('woff');
}

@font-face {
  font-family: 'Open Sans';
  font-style: italic;
  font-weight: 800;
  src: url('fonts/opensans/800i.woff2') format('woff2'),
       url('fonts/opensans/800i.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: normal;
  font-weight: 400;
  src: url('fonts/merriweather/400.woff2') format('woff2'),
       url('fonts/merriweather/400.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: normal;
  font-weight: 700;
  src: url('fonts/merriweather/700.woff2') format('woff2'),
       url('fonts/merriweather/700.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: normal;
  font-weight: 900;
  src: url('fonts/merriweather/900.woff2') format('woff2'),
       url('fonts/merriweather/900.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: italic;
  font-weight: 400;
  src: url('fonts/merriweather/400i.woff2') format('woff2'),
       url('fonts/merriweather/400i.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: italic;
  font-weight: 700;
  src: url('fonts/merriweather/700i.woff2') format('woff2'),
       url('fonts/merriweather/700i.woff') format('woff');
}

@font-face {
  font-family: 'Merriweather';
  font-style: italic;
  font-weight: 900;
  src: url('fonts/merriweather/900i.woff2') format('woff2'),
       url('fonts/merriweather/900i.woff') format('woff');
}

@font-face {
  font-family: 'Fira Mono';
  font-style: normal;
  font-weight: 400;
  src: url('fonts/fira/400.woff2') format('woff2'),
       url('fonts/fira/400.woff') format('woff');
}

@font-face {
  font-family: 'Fira Mono';
  font-style: normal;
  font-weight: 500;
  src: url('fonts/fira/500.woff2') format('woff2'),
       url('fonts/fira/500.woff') format('woff');
}

@font-face {
  font-family: 'Fira Mono';
  font-style: normal;
  font-weight: 700;
  src: url('fonts/fira/700.woff2') format('woff2'),
       url('fonts/fira/700.woff') format('woff');
}

/* Theme Styles */
body {
  font-family: 'Open Sans', sans-serif;
  font-size: 100%;
  color: #fafafa;
  background-color: #191919;
}

/* Custom Slide Styles */
#slide-1 {
  background: #222 url(wireball.png) center center no-repeat;
  background-size: cover;
}

#slide-1 h1 {
  text-shadow: 1px 2px 4px #191919;
}

#slide-1 p {
  text-shadow: 1px 1px 1px #191919;
}

.center {
  text-align: center;
}

img.badge {
  height: 128px;
  width: 128px !important;
  border-radius: 50% !important;
}

/* Presentation Styles */
.slide {
  position: absolute;
  top: 0;
  right: 0;
  bottom: 0;
  left: 0;
  padding: 100px;
}

.slide-content {
  height: 100%;
  width: 100%;
  padding: 0;
  margin: 0 auto;
  font-size: 200%;
  font-weight: 200;
  line-height: 1.375;
  overflow: hidden;
}

.slide-content img {
  width: 100%;
  border-radius: 3px;
}

.controls {
  position: absolute;
  bottom: 10px;
  left: 10px;
}

.arrow {
  float: left;
  height: 0;
  width: 0;
  margin-right: 15px;
  border: 15px solid #272822;
  -webkit-touch-callout: none;
    -webkit-user-select: none;
     -khtml-user-select: none;
       -moz-user-select: none;
        -ms-user-select: none;
            user-select: none;
}

.prev {
  border-top-color: transparent;
  border-right-width: 25px;
  border-bottom-color: transparent;
  border-left-color: transparent;
  border-left-width: 0;
}

.next {
  border-top-color: transparent;
  border-right-color: transparent;
  border-right-width: 0;
  border-bottom-color: transparent;
  border-left-width: 25px;
}

.prev:hover {
  border-right-color: #efefef;
  cursor: pointer;
}

.next:hover {
  border-left-color: #efefef;
  cursor: pointer;
}

h1,
h2,
h3 {
  font-family: 'Merriweather', serif;
}

h1 {
  margin: 170px 0 0;
  font-size: 300%;
  text-align: center;
  line-height: 1.2;
}

h2 {
  margin: 5px 0;
  font-size: 100%;
  font-weight: 200;
  text-align: center;
  line-height: 1.2;
}

h3 {
  margin: 0;
  padding-bottom: 15px;
  font-size: 140%;
  line-height: 1.2;
  border-bottom: 2px ridge #fafafa;
}

ul {
  padding: 20px 0 0 60px;
  font-weight: 200;
  line-height: 1.375;
}

blockquote {
  padding-left: 20px;
  margin-left: 0;
  background: #272822;
  border-left: 5px solid #efefef;
  border-radius: 0 3px 3px 0;
}

blockquote p {
  padding: .5em;
  color: #efefef;
}

.left {
  float: left;
  width: 48%;
}

.right {
  float: right;
  width: 48%;
}

.author h1 {
  margin-bottom: 30px;
  font-size: 170%;
  font-weight: 200;
  text-align: center;
}

.author h3 {
  font-size: 95%;
  font-weight: 100;
  text-align: center;
  border: none;
}

.author h3.twitter::before {
  content: 'Twitter: ';
}

.author h3.github::before {
  content: 'Github: ';
}

.author h3.email::before {
  content: 'Email: ';
}

.author h3.url::before {
  content: 'Web: ';
}

a {
  text-decoration: none;
  color: #66d9ef;
}

a:hover {
  color: #66d9ef;
  border-bottom: 1px solid #66d9ef;
}

hr {
  border: 1px solid #efefef;
}

pre {
  font-size: 75%;
  line-height: 1.3;
}

table td,
table th {
  padding-right: 3em;
  text-align: left;
}

.progress {
  position: fixed;
  top: 0;
  right: 0;
  left: 0;
  height: 3px;
}

.progress-bar {
  height: 3px;
  width: 0;
  background-color: #a6e22e;
  -webkit-transition: width .15s ease-out;
     -moz-transition: width .15s ease-out;
       -o-transition: width .15s ease-out;
          transition: width .15s ease-out;
}

.hidden {
  display: none;
}

/* Code Highlighting */
code {
  padding: .1em .35em;
  font-family: 'Fira Mono';
  color: #fafafa;
  background-color: #272822;
  border-radius: 3px;
}

pre code {
  display: block;
  padding: .5em;
  font-family: 'Fira Mono';
  font-weight: 400;
  overflow-y: hidden;
  background: #272822;
}

pre .tag,
pre .tag .title,
pre .keyword,
pre .literal,
pre .change,
pre .winutils,
pre .flow,
pre .lisp .title,
pre .clojure .built_in,
pre .nginx .title,
pre .tex .special {
  color: #f92672;
}

pre code {
  color: #75715e;
}

pre code .constant {
  color: #66d9ef;
}

pre .class .title {
  color: #fafafa;
}

pre .attribute,
pre .symbol,
pre .symbol .string,
pre .value,
pre .regexp {
  color: #bf79db;
}

pre .tag .value,
pre .string,
pre .subst,
pre .title,
pre .haskell .type,
pre .preprocessor,
pre .ruby .class .parent,
pre .built_in,
pre .sql .aggregate,
pre .django .template_tag,
pre .django .variable,
pre .smalltalk .class,
pre .javadoc,
pre .django .filter .argument,
pre .smalltalk .localvars,
pre .smalltalk .array,
pre .attr_selector,
pre .pseudo,
pre .addition,
pre .stream,
pre .envvar,
pre .apache .tag,
pre .apache .cbracket,
pre .tex .command,
pre .prompt {
  color: #a6e22e;
}

pre .comment,
pre .java .annotation,
pre .python .decorator,
pre .template_comment,
pre .pi,
pre .doctype,
pre .deletion,
pre .shebang,
pre .apache .sqbracket,
pre .tex .formula {
  color: #75715e;
}

pre .keyword,
pre .literal,
pre .css .id,
pre .phpdoc,
pre .title,
pre .haskell .type,
pre .vbscript .built_in,
pre .sql .aggregate,
pre .rsl .built_in,
pre .smalltalk .class,
pre .diff .header,
pre .chunk,
pre .winutils,
pre .bash .variable,
pre .apache .tag,
pre .tex .special,
pre .request,
pre .status {
  /* font-weight: 600; */
}

pre .coffeescript .javascript,
pre .javascript .xml,
pre .tex .formula,
pre .xml .javascript,
pre .xml .vbscript,
pre .xml .css,
pre .xml .cdata {
  opacity: .5;
}

/* Responsiveness */

@media (max-width: 850px) {

  body {
    font-size: 70%;
  }

  .slide-content {
    width: auto;
  }

  img {
    width: 100%;
    border-radius: 3px;
  }

  h1 {
    margin-top: 120px;
  }

  .prev,
  .prev:hover {
    border-right-color: rgba(135, 135, 135, .5);
  }

  .next,
  .next:hover {
    border-left-color: rgba(135, 135, 135, .5);
  }
}

@media (max-width: 480px) {
  body {
    overflow: hidden;
    font-size: 50%;
  }

  .slide-content {
    height: 340px;
    padding: 10px;
    margin-top: 10px;
  }

  h1 {
    margin-top: 50px;
  }

  ul {
    padding-left: 25px;
  }
}

@media print {
  * {
    -webkit-print-color-adjust: exact;
  }

  @page {
    size: letter;
  }

  .hidden {
    display: inline;
  }

  html {
    height: 100%;
    width: 100%;
    overflow: visible;
  }

  body {
    float: none !important;
    padding: 0;
    margin: 0 auto !important;
    overflow: visible;
    font-size: 52%;
    background: none !important;
    border: 0;
  }

  .progress,
  .controls {
    display: none;
  }

  .slide {
    position: static;
  }

  .slide-content {
    margin-top: 0;
    margin-bottom: 40px;
    height: 3.5in;
    overflow: visible;
    border: 1px solid #222;
  }

  .slide:nth-child(even) {
    /* 2 slides per page */
    page-break-before: always;
  }
}

  </style>
</head>
<body>
    <div class="progress">
    <div class="progress-bar"></div>
  </div>

  <div class="slide" id="slide-1">
    <section class="slide-content"><h1 id="wlan-sicherheit">WLAN-Sicherheit</h1>
</section>
  </div>
  <div class="slide hidden" id="slide-2">
    <section class="slide-content"><h3 id="inhalt">Inhalt</h3>
<ol>
<li>Einführung<ol>
<li>Funktionsweise von WLAN</li>
<li>Möglichkeiten zur Verschlüsselung</li>
</ol>
</li>
<li>Sicherheit von WEP<ol>
<li>Funktionsweise</li>
<li>Angriffe</li>
</ol>
</li>
<li>Sicherheit von WPA<ol>
<li>Funktionsweise</li>
<li>Angriffe</li>
</ol>
</li>
</ol>
</section>
  </div>
  <div class="slide hidden" id="slide-3">
    <section class="slide-content"><h3 id="funktionsweise-von-wlan">Funktionsweise von WLAN</h3>
<ul>
<li>Ein WLAN-Netzwerk besteht aus einer (oder mehreren) <em>Basisstation/-en</em> (Access-Point)
und mehreren <em>Clients</em> (Laptop, Smarthphone, Tablet, etc)</li>
<li>Clients bauen eine Verbindung zum Access-Point auf und authentifizieren sich ggf.</li>
<li>Nach erfolgreicher Authentifizierung ist der Client am Access-Point angemeldet und kann über das Netzwerk (TCP/IP) kommunizieren</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-4">
    <section class="slide-content"><h3 id="m-glichkeiten-zur-verschl-sselung">Möglichkeiten zur Verschlüsselung</h3>
<ul>
<li><p>Open (keine Authentifizierung)</p>
<ul>
<li>Wird meistens mit Portal-Seite/Captive-Portal kombiniert</li>
</ul>
</li>
<li><p>WEP (Wired Equivalent Privacy)</p>
<ul>
<li>Benutzt RC4 als Verschlüsselungs-Algorithmus</li>
<li>Unsicher</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-5">
    <section class="slide-content"><h3 id="m-glichkeiten-zur-verschl-sselung-fortsetzung-">Möglichkeiten zur Verschlüsselung (Fortsetzung)</h3>
<ul>
<li><p>WPA/WPA2 (Wi-Fi Protected Access)</p>
<ul>
<li>Benutzt auch RC4</li>
<li>Schlüssel wird in regelmäßigen Abständen neu erzeugt</li>
<li>Integrität von Paketen wird geprüft</li>
</ul>
</li>
<li><p>WPA2 (Wi-Fi Protected Access II)</p>
<ul>
<li>Verbesserung von WPA</li>
<li>Benutzt AES mit wechselndem Schlüssel (TKIP) oder AES</li>
</ul>
</li>
<li><p>WPA2-Enterprise</p>
<ul>
<li>Verwendet einen RADIUS-Server zur Authentifizierung mit Username und Passwort</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-6">
    <section class="slide-content"><h3 id="zus-tzliche-sicherungsm-glichkeiten">Zusätzliche Sicherungsmöglichkeiten</h3>
<ul>
<li><p>MAC-Adressfilter</p>
<ul>
<li>Blacklist</li>
<li>Whitelist</li>
</ul>
</li>
<li><p>ESSID verstecken</p>
<ul>
<li>macht es schwieriger das WLAN zu finden</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-7">
    <section class="slide-content"><h3 id="details-zu-wep">Details zu WEP</h3>
<ul>
<li><p>Mögliche Shlüssellängen (24-bit IV + Schlüssel)</p>
<ul>
<li>64-bit (40-bit)</li>
<li>128-bit (104-bit)</li>
<li>152-bit (128-bit) (manche Hersteller)</li>
<li>256-bit (232-bit) (manche Hersteller)</li>
</ul>
</li>
<li><p>Authentifizierungs-Modi</p>
<ul>
<li>Open-System (keine Authentifizierung nur Verschlüsselung)</li>
<li>Shared Key (Challenge-Response mit WEP-Schlüssel)</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-8">
    <section class="slide-content"><h3 id="sicherheit-von-wep">Sicherheit von WEP</h3>
<p><img src=wep.gif style="width: 40%; height: 40%"></p>
</section>
  </div>
  <div class="slide hidden" id="slide-9">
    <section class="slide-content"><h3 id="angriffe-auf-wep">Angriffe auf WEP</h3>
<ul>
<li>Shared Key Authentifizierung<ul>
<li>XOR-Angriff<ul>
<li>Access-Point schickt Challenge1</li>
<li>Client berechnet Ciphertext1=E(IV1,Challenge1)=Challenge1 &#8853; Keystream1</li>
<li>Client schickt IV1+Ciphertext1 zurück</li>
<li>Angreifer berechnet Challenge1 &#8853; Ciphertext1 = Keystream1</li>
</ul>
</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-10">
    <section class="slide-content"><h3 id="angriffe-auf-rc4-prng">Angriffe auf RC4 PRNG</h3>
<ul>
<li><p>ARP-Replay Angriff</p>
<ul>
<li>abgehörtes ARP-Paket wird an Access-Point zurückgesendet</li>
<li>Access-Point antwortet mit neue ARP-Paket und neuem IV</li>
<li>Solange wiederholen biss ausreichen IVs gesammelt wurden</li>
</ul>
</li>
<li><p>Nachdem ausreichend Pakete gesammelt wurden (500.000 - 6.000.000)</p>
<ul>
<li>PTW Angriff auf 40-bit und 104-bit Schlüssel</li>
<li>FMS/KoReK Angriff auf alles andere</li>
<li>beide Angriffe basieren auf statistischer Analyse des Schlüsselstroms</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-11">
    <section class="slide-content"><h3 id="sicherheit-von-wpa2">Sicherheit von WPA2</h3>
<ul>
<li><p>Verschlüsselung baut auf AES auf</p>
<ul>
<li>TKIP wird verwendet um den Schlüssel regelmäßigen zu ändern</li>
<li>PBKDF2 wird verwendet um den &quot;Master-Key-Hash&quot; aus Password und ESSID abzuleiten</li>
</ul>
</li>
<li><p>4-Way-Handshake</p>
<ul>
<li>Wird zum Schlüsselaustausch verwendet (nur der mit PBKDF2 berechnete &quot;Master-Key-Hash&quot; wird übertragen)</li>
</ul>
</li>
<li><p>WPS</p>
<ul>
<li>Anmeldung im WLAN mit 7 oder 8 stelligem PIN</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-12">
    <section class="slide-content"><h3 id="sicherheit-von-wpa-wpa2-mit-wps">Sicherheit von WPA/WPA2 mit WPS</h3>
<p><img src=wpa_wps.png style="width: 50%; height: 50%"></p>
</section>
  </div>
  <div class="slide hidden" id="slide-13">
    <section class="slide-content"><h3 id="angriffe-auf-wpa2">Angriffe auf WPA2</h3>
<ul>
<li><p>Deauth Angriff</p>
<ul>
<li>Authentifizierte Client könne durch Paket-Injektion vom Access-Point getrennt werden</li>
<li>beim Wiederverbinden kann der 4-Way-Handshake abgefangen werden</li>
<li>Knacken des Master-Key-Hashes mittels Bruteforce (kann sehr lange dauern)</li>
</ul>
</li>
<li><p>WPS</p>
<ul>
<li>WPS-PIN mit Bruteforce knacken (2x10000 an stelle von 10000x10000 möglichen PINS)</li>
<li>Pixiedust Angriff (funktioniert nicht immer)</li>
<li>Wenn Angriff erfolgreich ist kann der WPA-PSK ausgelesen werden</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-14">
    <section class="slide-content"><h3 id="angriffe-auf-wpa2-fortsetzung-">Angriffe auf WPA2 (Fortsetzung)</h3>
<ul>
<li>Evil-Twin-Angriff<ul>
<li>Eigenen Access-Point mit den selben Einstellungen wie der zu knackende AP erstellen</li>
<li>ggf Fake-Router-Konfigurations-Seite erstellen, welche nach WLAN-Password fragt</li>
<li>bei WPA2 Enterprise eigenen FreeRADIUS WPE (Wireless Pwnage Edition) Server aufsetzen</li>
<li>Dann Challenge-Response Abfangen und per Bruteforce knacken</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-15">
    <section class="slide-content"><h3 id="angriffe-auf-mac-filter">Angriffe auf MAC-Filter</h3>
<ul>
<li><p>MAC-Adress-Spoofing</p>
<ul>
<li>MAC-Adresse eines legitimen Clients kopieren</li>
<li>Eigene MAC-Adresse zu der kopierten ändern</li>
</ul>
</li>
<li><p>MAC-Adress-Bruteforce</p>
<ul>
<li>So lange MAC-Adressen ausprobieren bis man eine nicht blockierte Adresse gefunden hat</li>
</ul>
</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-16">
    <section class="slide-content"><h3 id="wie-kann-man-sich-sch-tzen-">Wie kann man sich schützen?</h3>
<ul>
<li>WPA2 benutzen</li>
<li>WPS abschalten</li>
<li>Ein starkes Passwort verwenden</li>
<li>Schauen ob man mit dem richtigen Access-Point verbunden ist</li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-17">
    <section class="slide-content"><h1 id="live-demo">Live Demo</h1>
<h2 id="angriff-auf-wep-netzwerk-via-arp-replay-und-ptw-angriff">Angriff auf WEP-Netzwerk via ARP-Replay und PTW-Angriff</h2>
</section>
  </div>
  <div class="slide hidden" id="slide-18">
    <section class="slide-content"><h1 id="fragen-">Fragen?</h1>
</section>
  </div>
  <div class="slide hidden" id="slide-19">
    <section class="slide-content"><h1 id="quellen">Quellen</h1>
<ul>
<li><a href="https://de.wikipedia.org/wiki/Wired_Equivalent_Privacy">https://de.wikipedia.org/wiki/Wired_Equivalent_Privacy</a></li>
<li><a href="https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access">https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access</a></li>
<li><a href="http://aircrack-ng.org/doku.php?id=aircrack-ng">http://aircrack-ng.org/doku.php?id=aircrack-ng</a></li>
<li><a href="https://de.wikipedia.org/wiki/Wi-Fi_Protected_Setup">https://de.wikipedia.org/wiki/Wi-Fi_Protected_Setup</a></li>
<li><a href="http://phreaklets.blogspot.de/2013/06/cracking-wireless-networks-protected.html">http://phreaklets.blogspot.de/2013/06/cracking-wireless-networks-protected.html</a></li>
</ul>
</section>
  </div>
  <div class="slide hidden" id="slide-20">
    <section class="slide-content"><div class="author">
  <h1 class="name">Daniel Seiller</h1>
    <h3 class="email">
      <a href="mailto:seiller@kph.uni-mainz.de">seiller@kph.uni-mainz.de</a>
    </h3>
</div>
</section>
  </div>



  <script type="text/javascript">
    /**
 * Returns the current page number of the presentation.
 */
function currentPosition() {
  return parseInt(document.querySelector('.slide:not(.hidden)').id.slice(6));
}


/**
 * Navigates forward n pages
 * If n is negative, we will navigate in reverse
 */
function navigate(n) {
  var position = currentPosition();
  var numSlides = document.getElementsByClassName('slide').length;

  /* Positions are 1-indexed, so we need to add and subtract 1 */
  var nextPosition = (position - 1 + n) % numSlides + 1;

  /* Normalize nextPosition in-case of a negative modulo result */
  nextPosition = (nextPosition - 1 + numSlides) % numSlides + 1;

  document.getElementById('slide-' + position).classList.add('hidden');
  document.getElementById('slide-' + nextPosition).classList.remove('hidden');

  updateProgress();
  updateURL();
  updateTabIndex();
}


/**
 * Updates the current URL to include a hashtag of the current page number.
 */
function updateURL() {
  window.history.replaceState({} , null, '#' + currentPosition());
}


/**
 * Sets the progress indicator.
 */
function updateProgress() {
  var progressBar = document.querySelector('.progress-bar');

  if (progressBar !== null) {
    var numSlides = document.getElementsByClassName('slide').length;
    var position = currentPosition() - 1;
    var percent = (numSlides === 1) ? 100 : 100 * position / (numSlides - 1);
    progressBar.style.width = percent.toString() + '%';
  }
}


/**
 * Removes tabindex property from all links on the current slide, sets
 * tabindex = -1 for all links on other slides. Prevents slides from appearing
 * out of control.
 */
function updateTabIndex() {
  var allLinks = document.querySelectorAll('.slide a');
  var position = currentPosition();
  var currentPageLinks = document.getElementById('slide-' + position).querySelectorAll('a');
  var i;

  for (i = 0; i < allLinks.length; i++) {
    allLinks[i].setAttribute('tabindex', -1);
  }

  for (i = 0; i < currentPageLinks.length; i++) {
    currentPageLinks[i].removeAttribute('tabindex');
  }
}

/**
 * Determines whether or not we are currently in full screen mode
 */
function isFullScreen() {
  return document.fullscreenElement ||
         document.mozFullScreenElement ||
         document.webkitFullscreenElement ||
         document.msFullscreenElement;
}

/**
 * Toggle fullScreen mode on document element.
 * Works on chrome (>= 15), firefox (>= 9), ie (>= 11), opera(>= 12.1), safari (>= 5).
 */
function toggleFullScreen() {
  /* Convenient renames */
  var docElem = document.documentElement;
  var doc = document;

  docElem.requestFullscreen =
      docElem.requestFullscreen ||
      docElem.msRequestFullscreen ||
      docElem.mozRequestFullScreen ||
      docElem.webkitRequestFullscreen.bind(docElem, Element.ALLOW_KEYBOARD_INPUT);

  doc.exitFullscreen =
      doc.exitFullscreen ||
      doc.msExitFullscreen ||
      doc.mozCancelFullScreen ||
      doc.webkitExitFullscreen;

  isFullScreen() ? doc.exitFullscreen() : docElem.requestFullscreen();
}

document.addEventListener('DOMContentLoaded', function () {
  // Update the tabindex to prevent weird slide transitioning
  updateTabIndex();

  // If the location hash specifies a page number, go to it.
  var page = window.location.hash.slice(1);
  if (page) {
    navigate(parseInt(page) - 1);
  }

  document.onkeydown = function (e) {
    var kc = e.keyCode;

    // left, down, H, J, backspace, PgUp - BACK
    // up, right, K, L, space, PgDn - FORWARD
    // enter - FULLSCREEN
    if (kc === 37 || kc === 40 || kc === 8 || kc === 72 || kc === 74 || kc === 33) {
      navigate(-1);
    } else if (kc === 38 || kc === 39 || kc === 32 || kc === 75 || kc === 76 || kc === 34) {
      navigate(1);
    } else if (kc === 13) {
      toggleFullScreen();
    }
  };

  if (document.querySelector('.next') && document.querySelector('.prev')) {
    document.querySelector('.next').onclick = function (e) {
      e.preventDefault();
      navigate(1);
    };

    document.querySelector('.prev').onclick = function (e) {
      e.preventDefault();
      navigate(-1);
    };
  }
});

  </script>
</body>
</html>