Wireless LANs (WLANs) have been plagued by security problems ever since Fluhrer, Mantin Shamir published their...
paper illustrating how wireless security could be broken. I would like to ask about the problems with WLAN security at a general level and what developments are taking place to remove them? Fluhrer et al found that poor initialization vector (IV) implementations and key sequencing algorithms significantly reduced the traffic required for WEP cracking. Many products (particularly those sold to enterprises) have long since patched around that particular problem. Attackers can still crack WEP if the same WEP key is used long enough, but cracking now takes longer.
The next step was to eliminate static WEP keys. Products that implement proprietary methods for dynamic WEP key delivery have been available for quite some time. Those products are increasingly taking a back seat to implementations of the IEEE 802.1X standard for port access control with session key delivery. 802.1X shipped with Windows XP and is available for most Win32 operating systems. (To learn more, read this SearchNetworking article.) Attackers can still crack a long-running association that uses dynamic keys, but damage is limited to just that session, and refreshing the key can further reduce risk.
An underlying problem with WEP is that it uses an IV that's just too short to prevent keystream reuse, and keystream reuse leads to key cracking. Fixing the IV requires a new encapsulation - that's where the Temporal Key Integrity Protocol (TKIP) comes in. TKIP uses the same RC4 cipher as WEP, but derives per-packet encryption keys by mixing base keys with much longer IVs and the sender's MAC address. TKIP can receive its base key via 802.1X or by deriving it from a secret passphrase. By getting rid of the worst WEP flaw, TKIP makes key cracking much, much harder. Proprietary implementations of TKIP are available today (for example, from Cisco) and implementations certified by the Wi-Fi Alliance will be available around mid-year.
Additional security improvements are yet to come. The IEEE 802.11i standard will include a much stronger privacy protocol based on the Advanced Encryption Standard (AES), in addition to a final version of TKIP and 802.1X for key delivery and refresh. But don't expect to see 802.11i products until next year, in next-generation hardware.
Dig Deeper on Wireless LAN Implementation
Related Q&A from Lisa Phifer
Understanding the functions of a wireless access point vs. wireless router will help you deploy the right device for the right circumstance.continue reading
Learn the difference between a site-to-site VPN and a remote-access VPN, as well as the protocols used for each one.continue reading
Need to send an email, check your flight's status or get ready for a presentation? You can do it all on your smartwatch, thanks to a slew of Apple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.