Wireless Security
Background.
By design, wireless is inherently vulnerable when it comes to security. Think about transmitting information between a client and an AP through radio waves. It should make sense that other people could easily pick up the signal. This is even more true since APs and clients broadcast their packets by design.

Many people are very suspicious and concerned about wireless due to its security vulnerabilities. I've seen very little evidence that their concerns are unfounded. One should also always remember that improving security comes at some cost in operating overhead. Considering that wireless bandwidth is not all that great in the first place, you should assume that the better the security approach, the more it impacts bandwidth availability. Yet security measures do exist that convince many security professionals. But wireless implementations are not for the careless!

WEP.
Standard wireless security is based on something called WEP (Wired Equivalent Privacy). It is very reasonable to look at WEP as the first line of defense. WEP encryption scrambles the radio communication between wireless devices to keep the communication private. Communicating devices use the same WEP key to encrypt and decrypt radio signals. WEP keys are used to encrypt both unicast and multicast messages. Remember, unicast messages are addressed to just one device on the network, while multicast messages are addressed to multiple devices on the network. But even Cisco's website states the following about WEP.
This can even be done with widely available software such as Kismet and AirSnort. So unless you have implementations where you have almost no concerns about intelligent outsiders tapping into your wireless transmissions, you need to do something more than make use of WEP.

Improvements on WEP.
Given this need, you should expect that improvements over WEP exist. I will survey some of the things that Cisco has implemented in addition to some IEEE specifications. You can surely assume that other networking device producers have their own solutions. At present, I am unsure what have become universal standards, but most of these are likely to have already been modified and propagated. To be honest, much of what I am writing is quite "borrowed" from Cisco's website.

EAP (Extensible Authentication Protocol) does what you would expect the next improvement over WEP to do. EAP provides dynamically changing WEP keys to wireless devices. This way someone is not nearly as capable of breaking in and discovering particular WEP keys that don't change. From Cisco's website.
So, this at least makes the hurdles for a cracker considerably more involved! This sort of approach seems to have been built into some of the IEEE 802 specifications, which we will discuss in another section. But this doesn't get around the fact that people have purchased devices based on WEP and want to make sure they can still use them. One approach, again taken from Cisco's website, is
Obviously, other approaches exist, but this should give you some sense that wireless device developers aren't pretending there are no difficulties with wireless security. Something else that can be selected and has an impact on the quality of encryption and keys is the number of bits that need to be decoded/encoded within WEP security. For example, some have 40-bit encryption, others have 128-bit encryption.

802.1x Framework.
The IEEE 802.1x control protocol makes use of a number of authentication algorithms based on EAP. We have actually only illustrated one implementation supported by Cisco on its wireless devices. EAP was originally developed for authenticating dial-up PPP (Point-to-Point Protocol) connections. It has been extended and upgraded to deal with more situations. Cisco's terminology is actually quite limited in comparison to what the acronym means within the IEEE specs. In general, EAP has been developed as a fairly flexible framework to support authentication, negotiate security parameters and deliver session keys for things like
Some authors characterize EAP as providing an envelope for a sender and receiver to handle authentication. How the envelope is created depends on the methods selected. Generally, EAP messages are sent to a back-end authentication server, maybe even a RADIUS server. This authentication server chooses the appropriate authentication method and requests/requires a client to transmit the appropriate credentials to greatly increase the chances the client is who they claim to be. For example, Cisco's Aironet devices support a variety of 802.1x authentication algorithms including the following.
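The EAP "envelope" described above is visible in the packet header itself. The following Python sketch is an added example, not part of the original page and not Cisco's code: it parses EAP packets using the header layout from RFC 3748 and method numbers from the IANA EAP registry, then lists which methods the authentication server offered in a constructed sample exchange (the helper names, user identity and payload bytes are made up for illustration).

```python
import struct

# Header layout and numbers: RFC 3748 and the IANA EAP registry (not from the page).
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
             13: "EAP-TLS", 17: "LEAP", 21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}

def parse_eap(packet: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2), then Type(1) + data."""
    if len(packet) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(packet):
        raise ValueError("Length field disagrees with the bytes received")
    body = packet[4:length]          # bytes past Length are link padding, ignored
    msg = {"code": EAP_CODES[code], "id": ident, "method": None, "data": b""}
    if code in (1, 2):               # only Request/Response carry a method Type
        if not body:
            raise ValueError("Request/Response without a Type byte")
        msg["method"] = EAP_TYPES.get(body[0], f"type-{body[0]}")
        msg["data"] = body[1:]
    return msg

def build_eap(code: int, ident: int, eap_type=None, data: bytes = b"") -> bytes:
    """Hypothetical helper used only to construct the sample packets below."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def methods_offered(packets) -> list:
    """Methods the server proposed in its Requests, in order of first appearance."""
    seen = []
    for m in map(parse_eap, packets):
        if m["code"] == "Request" and m["method"] not in ("Identity", "Notification", *seen):
            seen.append(m["method"])
    return seen

# Constructed sample exchange; identity and payload bytes are placeholders.
SAMPLE = [
    build_eap(1, 1, 1),                        # server: Request/Identity
    build_eap(2, 1, 1, b"alice@example.org"),  # client: Response/Identity
    build_eap(1, 2, 17, bytes(8)),             # server: Request/LEAP
    build_eap(2, 2, 3, bytes([25])),           # client: Nak, asks for PEAP instead
    build_eap(1, 3, 25, b"\x20"),              # server: Request/PEAP
    build_eap(3, 4),                           # server: Success
]
```

Calling `methods_offered(SAMPLE)` shows that the server first proposed LEAP and only moved to PEAP after the client's Nak, which is the method negotiation the paragraph above attributes to the authentication server.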