The IEEE 802.11w wireless encryption standard builds on the 802.11i framework to protect against subtle attacks on wireless LAN (WLAN) management frames. It will increase the confidence of network managers that applications such as wireless VoIP can be depended upon to provide adequate call quality and availability while ensuring wireless security.
The need for strong encryption and authentication for wireless LAN data was recognized as early as 2000. The result was the IEEE 802.11i protocol, completed in 2004.
IEEE 802.11i protects data frames, but management frames are transmitted with no encryption or authentication. Recognizing this deficiency, the IEEE 802.11w committee was formed and began work in 2006. The committee is currently reviewing the proposed standard, which it expects to become final in mid-2009.
Lack of protection for management frames was not a major problem in early WLAN implementations. A hacker could send out Disassociate or Disauthentication frames to knock stations off the network, but there was little information in management frames to permit serious damage. Re-associating was a quick process as long as the original WEP security standard remained in use.
Protecting management frames becomes essential
Hacker attacks are now a more serious problem. Restoring association and authentication with 802.11i requires a more complex and time-consuming process than with WEP. Even more important, WLANs have evolved beyond simply carrying email and Web screens.
Applications such as wireless VoIP and wireless video have required additional IEEE standards. Now, management frames carry critical information governing network and application performance.
Recent WLAN standards depend upon secure management frames
IEEE 802.11e, finalized in 2005, was developed to address differing application Quality of Service (QoS) characteristics. For example, VoIP and email have very different requirements for guaranteed latency and bandwidth. The IEEE 802.11e standard defines management frames that APs use to declare supported classes of service. Stations respond with their QoS requirements.
Since management packets are currently not encrypted, a hacker can learn the parameters governing operation of the network, the identity of the stations and the requirements of each.
Without management frame authentication, a hacker can send frames masquerading as those from a legitimate station or AP, attacking a specific station by reducing its access to the network or disrupting network operation by sending packets changing network parameters.
Radio frequency information critical to WLAN operation
The recently finalized IEEE 802.11k standard defines a set of measurements of the radio frequency environment and a set of management frames used to carry this information between APs and stations.
Work continues on a companion standard, 802.11v. It will specify how measurements specified by 802.11k can be used to improve network performance. Stations can learn traffic load on nearby APs and move to a less loaded one. APs and stations can negotiate transitions to alternate channels to reduce congestion or avoid noise from portable phones or microwave ovens. Newly defined management frames enable stations to extend sleep periods and conserve battery power by reducing the frequency of AP transmissions.
Unprotected 802.11k and 802.11v frames provide multiple avenues for attack. Stations can be directed to heavily used APs, leaving other APs free to carry the hacker's traffic. Stations can be put to sleep for long periods of time. The 802.11w committee views its work as critical for the success of 802.11k and 802.11v.
IEEE 802.11w builds on the 802.11i framework
The 802.11w committee has based the proposed standard on the AES-CCMP algorithm used by 802.11i. The committee considered use of TKIP but rejected it because it does not protect the entire packet. In addition, the committee was concerned that advances in CPU speed and encryption technology would soon make TKIP vulnerable.
AES-CCMP provides encryption and authentication to unicast packets. Broadcast packets present a more difficult problem. Contents cannot be encrypted since stations that have not been upgraded to support 802.11w must still be able to receive broadcasts. Instead, the standard inserts a new information element that includes sequencing to prevent replays and a message authentication code to detect forgeries.
Limitations of the standard
802.11w will not be able to prevent all denial-of-service attacks. It is impossible to encrypt or authenticate the Associate request and response or the key exchange sequence since these packets are all exchanged prior to the establishment of the trusted relationship between the AP and station. A hacker can bog down an AP with rapid Associate and Authenticate requests, but use of 802.11i will prevent him from gaining access to the network.
IEEE 802.11w will prevent attacks such as those of a legitimate network user who would like to improve the speed of his connection. Without 802.11w, he could intercept and modify management packets sent to other stations. He could downgrade the QoS parameters of other stations or transition them away from the AP his station uses. Any of these methods would reduce competing traffic and improve his access.
While not preventing all attacks, 802.11w will prevent these more subtle attacks. It will increase the confidence of network managers that applications such as wireless VoIP can be depended upon to provide adequate call quality and availability.
About the author:
David B. Jacobs of The Jacobs Group has more than 20 years of networking industry experience. He has managed leading-edge software development projects and consulted to Fortune 500 companies, as well as software startups.
