Q

WLAN security developments

Wireless LANs (WLANs) have been plagued by security problems ever since Fluhrer, Mantin Shamir published their paper illustrating how wireless security could be broken. I would like to ask about the problems with WLAN security at a general level and what developments are taking place to remove them? Fluhrer et al found that poor initialization vector (IV) implementations and key sequencing algorithms significantly reduced the traffic...

required for WEP cracking. Many products (particularly those sold to enterprises) have long since patched around that particular problem. Attackers can still crack WEP if the same WEP key is used long enough, but cracking now takes longer.

The next step was to eliminate static WEP keys. Products that implement proprietary methods for dynamic WEP key delivery have been available for quite some time. Those products are increasingly taking a back seat to implementations of the IEEE 802.1X standard for port access control with session key delivery. 802.1X shipped with Windows XP and is available for most Win32 operating systems. (To learn more, read this SearchNetworking article.) Attackers can still crack a long-running association that uses dynamic keys, but damage is limited to just that session, and refreshing the key can further reduce risk.

An underlying problem with WEP is that it uses an IV that's just too short to prevent keystream reuse, and keystream reuse leads to key cracking. Fixing the IV requires a new encapsulation - that's where the Temporal Key Integrity Protocol (TKIP) comes in. TKIP uses the same RC4 cipher as WEP, but derives per-packet encryption keys by mixing base keys with much longer IVs and the sender's MAC address. TKIP can receive its base key via 802.1X or by deriving it from a secret passphrase. By getting rid of the worst WEP flaw, TKIP makes key cracking much, much harder. Proprietary implementations of TKIP are available today (for example, from Cisco) and implementations certified by the Wi-Fi Alliance will be available around mid-year.

Additional security improvements are yet to come. The IEEE 802.11i standard will include a much stronger privacy protocol based on the Advanced Encryption Standard (AES), in addition to a final version of TKIP and 802.1X for key delivery and refresh. But don't expect to see 802.11i products until next year, in next-generation hardware.

This was first published in April 2003

Dig deeper on Wireless LAN Implementation

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close