The Tech + Photo Blog

Part technology, part photography… all geeky.


The Evolution of Wireless Networking

February 25th, 2008

Early 20th century inventor Guglielmo Marconi sure thought he had a grip on wireless security, stating in an interview with Time Magazine that “Ordinary wireless waves spray their messages… the beam system directs them, gaining privacy…”

That was in 1927.

Today there are terms, algorithms, standards, and acronyms galore; wireless network security seems like an endless string of these things.

I’m currently co-authoring a book on wireless security that is due out in the next several months. To help tout its awesomeness, I think it’s about time for some geeky wireless security goodness. To kick things off, here’s a little primer from me on wireless standards.

The Evolution of Wireless Standards and Technology

The basis of secure wireless has its roots in a technology known as spread spectrum. This technology was primarily developed and used by the U.S. Navy for secure wireless radio transmissions. The idea then was the same as it is today: to spread wireless traffic over a large area so that it:

  1. Appears as RF noise to anyone who is not looking for it
  2. Is less susceptible to signal jamming
  3. Can be secured and sent in privacy using random keys or codes

Years after its initial development and use as a government tool, spread spectrum was declassified and thus became publicly available. The spread spectrum Radio Frequency (RF) space was eventually standardized in 1997 through the Institute of Electrical and Electronics Engineers (IEEE) standards organization. Even after the standard was introduced, a fundamental flaw remained: wireless traffic was treated the same as LAN traffic. This treatment overlooks the fact that, unlike a wired LAN, wireless transmissions are susceptible to interception by anyone who is listening.

Although the spread spectrum basis for 802.11 wireless makes traffic look like white noise to those who aren’t looking, the problem is that many people are looking. The tools for wireless sniffing are not only very advanced and relatively simple to operate, they are also widely and plentifully available.

After the IEEE standardization of wireless spectrum, the 802.11a/b standard is presented as the first ratification for commercial and personal use. Along with the a/b standard comes the first encryption mechanism, Wired Equivalency Protection (WEP). Because the realization comes relatively quickly that this new spread spectrum adaptation isn’t sufficiently secure on its own, WEP is seen as a quick fix, and it almost immediately proves to be inherently flawed at its most basic level. The weakness has to do mostly with the Initialization Vector (IV) key and its susceptibility to being quickly cracked.
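Why the IV matters, as an added example that is not part of the original post: WEP seeds RC4 with a 24-bit IV (sent in the clear) followed by the shared secret, so any two frames with the same IV share a keystream. The secret, payloads and IV below are constructed sample values, and the frame format is simplified to body plus CRC-32.

```python
import os
import zlib

IV_BITS = 24  # WEP's IV is 24 bits and travels unencrypted with every frame

def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                        # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):                     # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """WEP-style body: RC4(IV || secret) XOR (plaintext || CRC-32)."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return xor(body, rc4(iv + secret, len(body)))

def iv_collision_probability(frames: int) -> float:
    """Birthday estimate that some IV repeats among `frames` random IVs."""
    p_unique = 1.0
    for k in range(frames):
        p_unique *= 1 - k / 2**IV_BITS
    return 1 - p_unique

# Constructed sample data: a random 104-bit secret and two made-up payloads.
SECRET = os.urandom(13)
P1 = b"GET /index.html HTTP/1.1"
P2 = b"Host: intranet.example\r\n"
IV = b"\x00\x00\x01"                             # the same IV on both frames
C1 = wep_encrypt(IV, SECRET, P1)
C2 = wep_encrypt(IV, SECRET, P2)

def leaked_xor() -> bytes:
    """With a repeated IV, C1 XOR C2 equals P1 XOR P2 regardless of the secret."""
    return xor(C1, C2)[:len(P1)]
```

With randomly chosen IVs, a repeat becomes more likely than not after roughly 5,000 frames, which is why no WEP key length fixes the problem.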

The fix to WEP’s problems comes in two phases, the first of which is Wi-Fi Protected Access (WPA). The new WPA security implements a Temporal Key Integrity Protocol (TKIP) to dynamically change keys, making it statistically impossible to recover a key through the methods used in previous WEP attacks. In addition to key enhancements, the WPA standard also implements stronger packet protection through the Michael algorithm, making it more difficult to forge wireless packets. The algorithm does its job well; however, the result is that it will bring the network to a momentary halt if it detects forged packet attempts. So essentially, instead of a network security breach, we ended up with a self-imposed wireless Denial of Service (DoS) attack. Nice going, Michael.
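The halt described above, modelled from the access point's side as an added example (not code from the original post or from any vendor): under the TKIP countermeasures in 802.11i, a second Michael MIC failure within 60 seconds makes the AP drop its TKIP clients and refuse TKIP traffic for 60 seconds. The class, function names and timeline are constructed for illustration, and rekeying is not modelled.

```python
from typing import List, Optional, Tuple

WINDOW = 60.0    # s: a second MIC failure inside this window triggers countermeasures
BLACKOUT = 60.0  # s: TKIP traffic is refused for this long afterwards

class MichaelCountermeasures:
    """AP-side view of TKIP's MIC-failure handling (simplified model)."""

    def __init__(self) -> None:
        self.last_failure: Optional[float] = None
        self.blocked_until = 0.0

    def on_frame(self, t: float, mic_ok: bool) -> str:
        if t < self.blocked_until:
            return "dropped"                    # the self-imposed halt
        if mic_ok:
            return "accepted"
        if self.last_failure is not None and t - self.last_failure <= WINDOW:
            self.blocked_until = t + BLACKOUT   # clients deauthenticated, AP waits
            self.last_failure = None
            return "countermeasures"
        self.last_failure = t
        return "mic-failure"

def replay(events: List[Tuple[float, bool]]) -> List[str]:
    """Feed (time, MIC valid?) events to a fresh AP and return its verdicts."""
    ap = MichaelCountermeasures()
    return [ap.on_frame(t, ok) for t, ok in events]

def dropped_legitimate(events: List[Tuple[float, bool]]) -> int:
    """Count valid frames lost to the blackout: the availability cost."""
    verdicts = replay(events)
    return sum(1 for (_, ok), v in zip(events, verdicts) if ok and v == "dropped")

# Constructed timeline: (seconds since start, MIC valid?)
TIMELINE = [
    (0.0, True), (5.0, False), (10.0, True), (40.0, False),
    (41.0, True), (70.0, True), (99.0, True), (101.0, True),
    (170.0, False), (300.0, False),
]
```

For monitoring, the "countermeasures" verdict is the event worth alerting on: isolated MIC failures are logged, but a pair inside the window costs every TKIP client a minute of service.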

Although it is more secure than the standard it replaces, WPA is meant only as a temporary upgrade to the existing WEP infrastructure.

Today, with WPA2 and the 802.11i wireless security standard comes an Advanced Encryption Standard (AES) derived security mechanism called Counter Mode with Cipher Block Chaining Message Authentication Code (CCMP). Yeah, don’t try and memorize that one. Although CCMP is the actual algorithm used, this type of wireless security is usually referred to simply as “AES”, possibly because that last term is just such a mouthful.

Completely different from the old WEP and WPA-TKIP standards, the new AES encryption is implemented as a block cipher. The new authentication technology is also completely extensible, allowing it to interface with virtually any backend authentication method.

It is important to note that, unlike 802.11a/b/g/n, 802.11i is a set of changing standards for wireless security that can be applied to the former. When 802.11i is mentioned in this book, and others, it is usually referring to the latest Wi-Fi security standards of the time.

As part of the newest 802.11i standard, separation of wired and wireless networks is also achieved. Wireless LANs (WLANs) are treated as a separate entity from the LAN, with security options tailored to the specific needs of the wireless medium. The movement from thinking about WLANs as just another network, to thinking about them as a compartmentalized part of the network puzzle is finally being fully realized. Now that the necessity for separate treatment is recognized by the standards organization, such changes need to be echoed just the same in your network security plan.

-PL
