WEP wireless security has been frequently compromised, but how vulnerable are its replacements?
Wired Equivalent Privacy (WEP) offers protection against casual eavesdroppers using packet sniffers. However, the security it provides is weak for a number of reasons, most notably that it uses shared static keys of fixed lengths. This means that cracking it is a relatively simple matter of collecting enough packets to determine the key by brute force.
Several proprietary alternatives were offered, such as key hopping, which changed the WEP key every few seconds. This made it a great deal harder for crackers to keep up, as they would typically need several minutes' worth of packets encrypted under the same key.
The IEEE's response is a security standard called 802.11i, which has been developed around the existing 802.1x specification for port-based user and device authentication. The 802.11i process includes Wi-Fi Protected Access (WPA) and Robust Security Network (RSN).
WPA is a subset of 802.11i that focuses on fixing WEP's weaknesses via rekeying and key mixing functions, and other improvements on the encryption side. It also uses 802.1x and the Extensible Authentication Protocol (EAP), based on a central authentication server such as RADIUS.
In theory at least, all this should avoid the need for VPNs. In addition, some existing WLAN hardware will be upgradable to WPA. However, some legacy devices will not be WPA-compatible, and it is not clear yet whether it will be practical to run the necessary keying and encryption software on less powerful clients, such as PDAs.
So does that mean companies should wait for 802.11i devices to be released?
Not necessarily - WPA fixes the vulnerabilities in WEP that made the latter unsuitable for use by businesses, and more significantly it should work for numerous legacy devices.
However, the future of wireless security is 802.11i and RSN, which uses dynamic negotiation of authentication and encryption algorithms between APs and mobile devices. It too is based on 802.1x and EAP, with the addition of the Advanced Encryption Standard (AES) privacy algorithm, which supports key lengths up to 256 bits.
Dynamic negotiation will let RSN evolve as new algorithms are developed, and will make it significantly stronger than WEP and WPA, with equivalent security to IPSec. The snag is that legacy clients and APs are unlikely to have the hardware needed to accelerate those algorithms and provide acceptable performance.
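The negotiation described above starts with the AP advertising the cipher and authentication suites it supports in an RSN information element in its beacons and probe responses. As an added example (not code from the original article), the parser below decodes that element and flags suites a defender would not want to see advertised; the suite names follow the IEEE 802.11i selector values, and the sample IE bytes are constructed.

```python
import struct

# Cipher and AKM suite selectors are a 3-byte OUI (00-0F-AC for IEEE-defined
# suites) followed by a 1-byte type, as laid out in the 802.11i RSN IE (ID 48).
OUI_80211 = b"\x00\x0f\xac"
CIPHER_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128 (AES)", 5: "WEP-104",
                8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
AKM_NAMES = {1: "802.1X (EAP)", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK",
             5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE"}
WEAK_CIPHERS = {"WEP-40", "WEP-104", "TKIP"}

def _suite(buf, off, names):
    """Decode one 4-byte suite selector at offset off."""
    oui, typ = buf[off:off + 3], buf[off + 3]
    if oui != OUI_80211:
        return "vendor:%s/%d" % (oui.hex(), typ)
    return names.get(typ, "unknown-%d" % typ)

def _suite_list(buf, off, names):
    """Decode a little-endian count followed by that many suite selectors."""
    (count,) = struct.unpack_from("<H", buf, off)
    off += 2
    suites = [_suite(buf, off + 4 * i, names) for i in range(count)]
    return suites, off + 4 * count

def parse_rsn_ie(body):
    """Parse the body of an RSN IE (the bytes after element ID and length)."""
    (version,) = struct.unpack_from("<H", body, 0)
    if version != 1:
        raise ValueError("unsupported RSN version %d" % version)
    group = _suite(body, 2, CIPHER_NAMES)            # group (multicast) cipher
    pairwise, off = _suite_list(body, 6, CIPHER_NAMES)  # unicast ciphers offered
    akms, off = _suite_list(body, off, AKM_NAMES)       # authentication methods
    # RSN capabilities are optional; bit 6 is MFP required, bit 7 MFP capable.
    caps = struct.unpack_from("<H", body, off)[0] if off + 2 <= len(body) else 0
    return {"version": version, "group": group, "pairwise": pairwise,
            "akm": akms, "mfp_required": bool(caps & 0x40),
            "mfp_capable": bool(caps & 0x80)}

def weak_suites(info):
    """Return advertised ciphers that fall back to WEP or TKIP strength."""
    return [c for c in [info["group"]] + info["pairwise"] if c in WEAK_CIPHERS]

# Constructed sample: CCMP pairwise, but a TKIP group cipher (legacy clients
# present), offering both PSK and 802.1X authentication, no MFP bits set.
SAMPLE_IE = bytes.fromhex("0100" "000fac02" "0100" "000fac04"
                          "0200" "000fac02" "000fac01" "0000")

if __name__ == "__main__":
    info = parse_rsn_ie(SAMPLE_IE)
    print(info, "weak:", weak_suites(info))
```

An AP that advertises a WEP or TKIP group cipher protects its multicast traffic only at that weaker level, whatever pairwise cipher a client negotiates.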
GLOSSARY
802.11a: 54Mbit/s wireless Ethernet operating in the 5GHz band
802.11b: The industry standard - 11Mbit/s wireless Ethernet operating at 2.4GHz
802.11e: Defines quality-of-service for WLANs, to support voice over IP, for example
802.11g: Successor to 802.11b, providing up to 54Mbit/s at 2.4GHz
802.11h: A supplement to 802.11a to make it meet European regulations on 5GHz WLANs
802.11i: Wireless security standard, of which WPA is a subset
802.11j: The Japanese equivalent of 802.11h
802.11n: A proposed spec to double the speed of 802.11a/g WLAN equipment, expected in 2006
802.15: A standard for personal area networks, based on Bluetooth
802.16: Specifications for fixed-wireless broadband
802.16a: Also called WiMax, can transfer up to 70Mbit/s over as much as 30 miles
802.20: Proposal for 1Mbit/s wireless metropolitan area networks
802.1x: Authentication scheme based on EAP (Extensible Authentication Protocol)
WEP: Wired Equivalent Privacy, uses static encryption keys
WPA: Wireless (or Wi-Fi) Protected Access, a WEP replacement that uses rotating keys
RSN: Robust Security Network, a WPA replacement built on 802.1x and the Advanced Encryption Standard