Security in Wireless Local Area Networks


Basic Idea

WLAN coverage has a radius of around 100 m typically. This covers several rooms or a small company with a few offices. Of course, actual coverage depends on where it is deployed, the material in the walls, the frequency range, other nearby radio sources, etc. WLANs offer a cheap alternative to running a wire to every office, allowing fast installation.

Many wireless access points (see below) work directly “out of the box,” requiring no configuration. The user simply plugs them into the network and a power outlet, and they work. The downside is that most devices default to being very open, with most security features disabled; these features often are overlooked for an “out of the box” installation. In addition, the users may not know that some of the security features are either limited or flawed.

The wireless station (WS) is the remote or mobile unit. The access point (AP) or base station is the non-mobile unit that connects the wireless network into a wire-based network. The AP acts as a bridge or router and usually has some protection mechanisms built in. 802.11 networks can be organized in two different ways: infrastructure or ad hoc.

A basic service set (BSS), identified by a 6-byte string, is a network formed by an AP and the wireless stations that are associated with it. An extended service set (ESS) is two or more BSSs that form a single logical network. As they move, wireless stations can switch seamlessly from one AP to another with no disruption of service. The APs coordinate the handoff among themselves, generally via an Ethernet connection.

Wireless Alphabet Soup

802.11a is a physical-layer standard that uses orthogonal frequency division multiplexing (OFDM) in the 5-GHz band, supporting speeds from 6 to 54 Mbps. 802.11a offers the highest speeds currently, although the range for the highest speeds is limited, and transmission rates drop to slower speeds beyond a short distance. 802.11a has leap-frogged over 802.11b as the fastest 802.11 technology available, having a maximum speed of 54 Mbps. However, it faces competition from 802.11g, which provides similar speeds but with better signal propagation than 802.11a and is compatible with (soon to be legacy) 802.11b cards.

802.11b uses DSSS in the 2.4-GHz range to achieve faster speeds of 5.5 and 11 Mbps using complementary code keying (CCK) and is widely deployed. Wired-equivalent privacy (WEP) is the scheme to provide data protection. 802.11b is currently the most widely deployed version of 802.11 cards for home and business but this will change rapidly as 802.11a and 802.11g become more widely available and less expensive.

802.11c provides required information to ensure proper bridging operations and is used when developing APs.

802.11d provides “global harmonization.” It defines physical-layer requirements to satisfy the different regulatory organizations in different parts of the world, e.g., United States, Japan, and Europe. This includes both the 2.4- and 5-GHz bands and only affects those developing 802.11 products.

802.11e extends the MAC layer of 802.11 to provide quality-of-service (QoS) support for audio and video applications. These MAC-level changes will affect all 802.11 operating frequencies (i.e., 2.4 and 5 GHz) and will be backwards-compatible with the existing protocol.

802.11f defines a standard so that different APs can communicate with each other. This “inter access point protocol” will allow wireless stations to “roam” from one AP to another. Currently, 802.11 defines no standard, so each vendor can create its own incompatible means to implement roaming.

802.11g specifies a higher-speed extension to the 2.4-GHz band. 802.11g extends 802.11b to support up to 54 Mbps. 802.11g uses OFDM rather than DSSS. Essentially, 802.11g is designed to make 802.11b compete with the bandwidth of 802.11a.

802.11h provides “spectrum-managed 802.11a” to address the requirements in Europe for use of the 5-GHz band. The functions provided include dynamic channel selection (DCS) and transmit power control (TPC), which will help to prevent any interference with satellite communications. 802.11h eventually will replace 802.11a.

802.11i standardizes MAC enhancements for 802.11 security. It is designed to address the problems and shortcomings of WEP, incorporating 802.1x and stronger encryption techniques, such as the advanced encryption standard (AES), the follow-on to DES. 802.11i updates the MAC layer to provide security for all 802.11 protocols.

802.11j addresses 4.9- to 5.0-GHz operation in Japan (group formed in November 2002).

802.11k defines and exposes radio and network information to facilitate the management and maintenance of a wireless and mobile LAN. Also, it will enable new applications to be created based on this radio information, such as location-enabled services.

Wired-Equivalent Privacy (WEP)

WEP is the security scheme provided with 802.11b. Since wireless communication presents an easy target for casual eavesdropping, WEP was designed to raise the baseline security level to be comparable with standard wired Ethernet. Sniffing packets off a wired network requires a user to physically tap into the network; the WEP designers wanted to make sniffers go through a similar level of effort to get similar information from a wireless network.

WEP goals

WEP was designed originally to support a few criteria. First, it had to be “reasonably strong.” Second, it had to be self-synchronizing. Stations must be able to resynchronize with the AP without requiring user intervention, such as a password, because the stations may go in and out of coverage frequently. Third, it must be computationally efficient so that it can be performed in either hardware or software because some processors may be low-power, low-speed devices. Fourth, it had to be exportable. Although the United States relaxed some of the encryption restrictions in January of 2000 as part of the “Wassenaar arrangement,” [wassenaar] other countries still tightly restrict encryption technology.

WEP consists of a secret key of either 40 or 104 bits (5 or 13 bytes) and an initialization vector (IV) of 24 bits. Thus the total protection, as it is sometimes called, is 64 or 128 bits (often mistakenly referred to as 64- or 128-bit “keys” even though the keys are 40 or 104 bits). The key plus the IV is used to seed an RC4-based pseudorandom-number generator (PRNG). The PRNG outputs a stream of pseudorandom numbers that is XORed with the data stream to produce the ciphertext. In addition, an integrity check value (ICV) indicates if the data stream was corrupted. The ICV is a simple CRC-32 checksum.

WEP data frame

The WEP data frame consists of an IV of 4 bytes, the data or protocol data unit (PDU) of 1 or more bytes, and the ICV of 4 bytes. The IV can be further divided into 3 bytes (24 bits) of the actual initialization vector plus 1 byte that uses 2 bits to specify a key and 6 bits of padding. With the 2 bits, the device can store up to four different secret keys (recall that the keys are not transmitted but are local to the device).

WEP encryption

1. Compute the ICV using CRC-32 over the plaintext message.
2. Concatenate the ICV to the plaintext message.
3. Choose a random IV and concatenate it to the secret key, and use it as input to the RC4 PRNG to produce the pseudorandom key sequence.
4. Encrypt the plaintext and the ICV by doing a bitwise XOR with the key sequence from the PRNG to produce the ciphertext.
5. Append the IV to the front of ciphertext.

WEP authentication

1. The wireless station (WS) sends an authentication request to the AP.
2. The AP sends a (random) challenge text T back to the WS.
3. The WS sends the challenge response, which is text T, encrypted with a shared secret key.
4. The AP sends an acknowledgment (ACK) if the response is valid and a NACK if it is invalid.
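The WEP frame layout, the five encryption steps and the shared-key authentication exchange described above can be followed end to end in the Python sketch below. It is an added example, not code from the slides; the function names, the 128-byte challenge length and the placement of the key-ID bits in the top two bits of the fourth byte are assumptions made for the illustration.

```python
import os
import zlib

def rc4(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, data: bytes, key_id: int = 0) -> bytes:
    """Build IV(3) | key-ID byte | RC4(data | ICV), following the five steps."""
    if len(key) not in (5, 13) or len(iv) != 3 or not data or key_id not in range(4):
        raise ValueError("need a 5/13-byte key, 3-byte IV, data, key_id 0-3")
    body = data + zlib.crc32(data).to_bytes(4, "little")    # steps 1-2: append ICV
    stream = rc4(iv + key, len(body))                       # step 3: seed is IV | key
    # Assumption: the 2 key-ID bits sit in the top bits of the fourth byte.
    return iv + bytes([key_id << 6]) + xor(body, stream)    # steps 4-5

def wep_decrypt(keys: dict, frame: bytes) -> bytes:
    """Select the key named in the frame, decrypt, and verify the ICV."""
    if len(frame) < 9:                                      # 4 + 1 data byte + 4
        raise ValueError("frame too short")
    iv, key_id, ct = frame[:3], frame[3] >> 6, frame[4:]
    body = xor(ct, rc4(iv + keys[key_id], len(ct)))
    data, icv = body[:-4], body[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return data

def shared_key_auth(ap_keys: dict, ws_key: bytes, key_id: int = 0) -> bool:
    """Run the four-message exchange; True means the AP would send an ACK."""
    challenge = os.urandom(128)                             # AP -> WS: text T
    response = wep_encrypt(ws_key, os.urandom(3), challenge, key_id)  # WS -> AP
    try:
        return wep_decrypt(ap_keys, response) == challenge  # ACK or NACK
    except (ValueError, KeyError):
        return False
```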

WPA

Wi-Fi protected access (WPA) was created as an interim measure to increase the security of 802.11b networks, recognizing that WEP has too many flaws but that it will still be some time before the IEEE adopts the 802.11i protocol for security. Instead of 40-bit keys, as used in WEP, WPA uses 128-bit keys for encryption, and hashing to generate new “random” keys for each use. This key protocol is called the Temporal Key Integrity Protocol (TKIP). The Extensible Authentication Protocol (EAP) allows network administrators to select the method to use for authentication, such as biometrics.

Encryption protocols

The Temporal Key Integrity Protocol (TKIP) and the Counter Mode with CBC-MAC Protocol (CCMP) are two encryption algorithms supported by the 802.11i standard. TKIP is a short-term fix for the weaknesses of WEP that maintains compatibility with existing hardware. TKIP requires four new algorithms: a message integrity code (MIC) called “Michael”; IV sequencing; a new per-packet key construction; and a key distribution. TKIP was designed to fix the biggest flaws in WEP and provide protection against collision, weak key, forgery, and replay attacks.

TKIP extends the 24-bit IV to 48 bits, referred to as the TKIP sequence counter (TSC). While WEP never specified how often the IV should change, TKIP requires that the TSC be updated with every packet. The TSC is constructed from the first and second bytes of the WEP IV and adds 4 extra bytes as the extended IV. The initialization vectors are now required to be a strictly increasing sequence that starts at 0 when the base key is set.
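The sketch below shows how a receiver can enforce the strictly increasing TSC rule. It is an added example, not code from the slides: the class and function names are hypothetical, and the byte order used (TSC1, a filler byte derived from TSC1, TSC0, a flags byte carrying the ExtIV bit and key ID, then TSC2 to TSC5) is the 802.11i header layout, which the slides do not spell out.

```python
class ReplayError(Exception):
    """Raised when a frame's TSC is not greater than the last one accepted."""

def build_tkip_header(key_id: int, tsc: int) -> bytes:
    """Encode a 48-bit TSC into the 8-byte IV / extended-IV field."""
    if key_id not in range(4) or not 0 <= tsc < 1 << 48:
        raise ValueError("bad key ID, or TSC space exhausted (rekey required)")
    tsc0, tsc1 = tsc & 0xFF, (tsc >> 8) & 0xFF
    wep_seed = (tsc1 | 0x20) & 0x7F          # filler byte derived from TSC1
    flags = 0x20 | key_id << 6               # ExtIV bit set, key ID in top 2 bits
    return bytes([tsc1, wep_seed, tsc0, flags]) + (tsc >> 16).to_bytes(4, "little")

def parse_tkip_header(hdr: bytes) -> tuple:
    """Return (key_id, tsc) or raise ValueError on a malformed header."""
    if len(hdr) < 8:
        raise ValueError("TKIP header is 8 bytes")
    tsc1, wep_seed, tsc0, flags = hdr[:4]
    if not flags & 0x20:
        raise ValueError("ExtIV bit clear: no extended IV present")
    if wep_seed != (tsc1 | 0x20) & 0x7F:
        raise ValueError("second byte inconsistent with TSC1")
    return flags >> 6, tsc0 | tsc1 << 8 | int.from_bytes(hdr[4:8], "little") << 16

class TscReceiver:
    """Per-key replay check. Simplification: a real receiver advances the
    counter only after the frame's MIC has verified."""
    def __init__(self):
        self.last = {}                        # key_id -> highest TSC accepted

    def rekey(self, key_id: int) -> None:
        self.last.pop(key_id, None)           # new base key: sequence restarts at 0

    def accept(self, hdr: bytes) -> int:
        key_id, tsc = parse_tkip_header(hdr)
        if key_id in self.last and tsc <= self.last[key_id]:
            raise ReplayError(f"TSC {tsc} <= {self.last[key_id]} for key {key_id}")
        self.last[key_id] = tsc
        return tsc
```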