IEEE 80211 Security - Research Paper Example

?IEEE 802.11 Introduction to IEEE 802.11: Wireless communication has become one of the most popular technologies in the last several years. It becameso popular among the users and businesses. The flexibility, mobility, portability, and scalability are the most advantages that are generated from using wireless local area networks. No need for cables to connect to the network anymore which exists in the traditional wired local area networks. The Institute of Electrical and Electronics Engineers (IEEE) developed and released first wireless standards in 1997. The purpose of the wireless local area network was to provide the same communication services were provided by wired LANs but through the wireless technology. Wireless uses radio waves in the transmission. Wireless LAN deals with two lower layers of the Open System Interconnection (OSI) which are the physical and data-link layers. I will briefly discuss three physical specifications of the physical layer: 802.11b: 802.11b was released in 1999 and uses DSSS that provide higher bit rate. The transmission of the data can reach 11 Mbps. It operates in 2.4 GHz range. 802.11a: 802.11a was released in 2001 and uses OFDM. The transmission of the data can reach 54 Mbps. It operates in 5 GHz range 802.11g: 802.11g uses OFDM. The transmission of the data can reach 22 Mbps. It operates in 2.4 GHz range. (21) IEEE 802.11 Security: 7 Wired Equivalent Privacy (WEP): IEEE released Wired Equivalent Privacy protocol what is known as WEP for the security 802.11 standard in 1990 (15) .WEP was designed to make the communication through wireless safe and secured as much as it is in the wired local area network. WEP provides authentication and confidentiality to the security of the wireless network (21). WEP was developed on the base of RC4 stream cipher. In the encryption and decryption the same secret key must be used (1). The wireless device and the access point must have the same secret key (4). All stations in the network must have the same shared or secret key (15). This paragraph discusses the functionality of WEP. (13) When the wireless device first joins the network, the device should be authenticated first in order to use the network. The purpose of the authentication is to only allow certain devices to join the network which only those devices know the secret key. The process of WEP authentication is as shown in the figure: Retrieved from VoCAL (2012). The figure is taken from this website: http://www.vocal.com/secure-communication/wired-equivalent-privacy-wep/ 1. The authentication is sent from the wireless station to the access point. 2. The access point responds with challenge text sent to the wireless station. 3. The wireless station encrypts the challenge text and then sends it to the access point. 4. Finally, “If the access point can decrypt the authentication request and retrieve the original challenge text, then it responds with an authentication response that grants the client access” so the secret key in both sides should match each other. (11) The encryption of the data that are transferred between the wireless station and the access point in the WEP uses RC4 stream cipher. The process of WEP encryption is as shown in the figure: WEP uses CRC for the data integrity. WEP performs CRC (Cyclic Redundancy Check) checksum operation on the plaintext and generates CRC value. This CRC value is concatenated to the plaintext. The secret key is concatenated to the Initialization Vector (IV) and fed into the RC4. Based on the secret key and IV, RC4 generates key stream. The key stream and plain text + CRC message is XOR'ed together. The result is the cipher text. The same Initialization Vector that was used before is pre pended in clear text to the resultant cipher text. The IV + Cipher text along with the frame headers are then transmitted over the air. (13). The shared key in WEP never changes again, and it is used for authentication and encryption which is the problem (13). WEP problems: The major problem in WEP in terms of security is that the wireless transmission can be attacked. “Each attack depends upon the ability of the attacker to monitor 2.6 GHz radio frequencies and translate the 802.11 physical layers into human readable form”(1).The attacker can decrypt the information that has been transferred between the wireless device and the access point. Also, the attacker can attack the transmission and inject it with forged information. The attacker needs the right tools to crack the transmission. (21) States that the attacker can decrypt the traffic or inject traffic after being able to monitor and analyze considerable amount of traffic. (55) Said the WEP uses 40-bit key size for the encryption which is small and cannot handle the attacks. (15) States that WEP has some designing weaknesses, and “Key distribution method” was not as effective as it should be. Wi-Fi Protected Access (WPA): (54) defines WPA as “Wi-Fi Protected Access is a wireless encryption standard based on a subset of IEEE 802.11i that replaces WEP”. Wi-Fi protected access was released in 2003 (51). (3) Wi-Fi protected access was released after WEP to fix the security issues that were found in WEP by introducing two new technologies which are Temporal Key Integrity Protocol(TKIP), and Advanced Encryption Standard (AES) algorithm. (15) says “The TKIP protocol uses the original RC4 encryption algorithm that was also used by WEP but adds a mixing function that creates per-frame keys to avoid the weak-key attacks on WEP”. (53)WPA was designed to overcome all the vulnerabilities that were in the WEP, and to ensure no attacks to the network anymore. (54) The main purpose of the WPA is to ensure that only authorized users can have access to the wireless network and the users can transmit their data and not worry about the security which WPA provide high level of protection to the transmitted data. Organizations, which used the 802.11i standard, have become more popular, as ease of use and low cost also contributed towards the popularity of the standard. WPA authentication: WPA authentication works when the user tries to connect to the access point. The access point does not allow any user to connect to the network without the user been authenticated. “The user provides credentials which are communicated to the authentication server. The authentication process is enabled by the IEEE 802.1X/EAP framework. With EAP, IEEE 802.1X creates a framework in which client workstations and the authentication server mutually authenticate with one another via the AP”. Authentication process allows only authenticated users to access to the network. Pair wise Master Key (PMK) is generated only when authentication server check the user’s credential. Then, TKIP is established between the wireless device and the access point through the use of the 4-way handshake (51). WPA Encryption: TKIP is used to replace the WEP encryption which has many security problems. (51) In the WEP protocol a static encryption key was applied which was a small and caused some problems. In the WAP protocol, TKIP provides the network with 128 bit per-packet dynamic key for the encryption which is stronger than the one in the WEP. So the encryption key is generated dynamically. Message Integrity Check (MIC) was also another service was provided by the WPA and its main purpose is to protect the data packet from any attack. For the implementation of TKIP, only firmware or software upgrade is needed. TKIP functions as changing the temporal keys for every 10000 packets. The dynamic distribution of the temporal keys leaves room for hackers in cracking the TKIP key. TKIP is considered stronger than the WEP encryption, but most of the people also agree that this TKIP must be the interim solution as it uses the RC4 algorithm (50). After the user has been authenticated to the network a pair-wise key is generated from authentication server that uses 802.1X for the generation of the key. TKIP keeps generating a pair-wise key for “every data packet” dynamically. WPA Security: On investigating the weaknesses in the WEP, IEEE started to design and develop a new protocol for the replacement of the WEP. This standard was called as the 802.11i standard. The core reason behind the development of this new standard was the provision of a quick solution to legacy equipments including the clients and access points. This standard was based on the new software, but incorporated in the features of WLAN products. This new standard addressed the two important drawbacks of the WEP standard. The shortfall were as the weaknesses in the design of the WEP protocol, and key distribution procedure was not effective (15). (16) analyzed the Wireless network standard 802.11i, and considered the features like data integrity, availability, mutual authentication and data confidentiality. On its comparison with previous security protocols of wireless networks, the 802.11i provides key management and satisfaction. It is also studied that 802.11i protocol does not emphasize on the availability, and the possibility of Denial of Service (DoS) attack is present. Prior to development of this standard various DoS attacks in the network layer (physical layer) were vulnerable, and also appeared the DoS attacks more severe because of several reasons. However, the DoS attacks appear to be stronger as an adversary launches the 802.11i attack that is easier than physical layer attack. A network administrator cannot detect the DoS attacks very easily, and layer abstraction is not emphasized. Then again 802.11i standard is used in the way to resist the attacks of DoS. It is required in the future to strengthen the 802.11i and make it more robust against DoS attacks. WPA Benefits: WPA protocol has generated many benefits. WPA applies many security technologies that improve the wireless security such as EAP, and pre-shared keys. The access control becomes stronger through the use of authentication. Investment on such standards is minimal as compared to the benefits. WPA improved the security by using data integrity. WPA uses the 802.1x for authentication in the standard WEP 802.1x for both wireless and wire networks Mutual authentication between access points and users is viable by using WPA The way of mutual authentication using the 802.1x comprises of the different steps. (50). WPA improved data encryption through the implementation of the Temporal Key Integrity Protocol. The implementation of the WPA ensures high security level of the network. Data movement inside the network is safe, and no users can access to the network unless authenticated users. Use of WPA is both at personal as well as commercial level. It is used for small offices and domestic authentication, where it does not follow the pattern of WEP. WPA provides the mutual authentication and does not use the air as a medium for key transmission. On a commercial level, the authentication server 802.1x controls the security for the users, and data traffic over the network. Authentication in commercial network is controlled by the 802.1 xs + EAP, and it replaces WEP with an advanced encryption known as TKIP. WPA permits a very complex on the given TKIP (Temporal Key Integrity Protocol). TKIP is also assisted by the Message Integrity Check (MIC) that functions avoiding the bit flipping attack by using the hash technique (2). WPA is the enhancement of the WEP that introduces the AES and TKIP. There are three main components of the WPA as 802.1 xs, MIC and TKIP. WPA does not use the main key for encryption purposes and replaces the group keys or session keys. Why WPA does reuse the WEP protocol? The cryptographic job is hard coded in the interface of the Hardware, which is not upgraded. Due to this limitation, TKIP uses the Stream cipher of the RC4 by making changes in the way of shared secret key. This technique minimizes the exposure from the use of secret key (4). Lack of budget and IT staff is a major issue for homes and small offices’ networks. WPA recognized this issue, and offered the advantages of the WPA security by using passwords or Pre shared keys (PSK). PSK is similar to TKIP encryption for key management and key distribution per packet. PSK is useful for small home based, or office networks where password is entered manually for customers or clients’ devices, and access points. However, home based or office network can be upgraded only purchasing the WPA-enabled equipments. They need to upgrade their APs with new WPA software, and also interfaces of the WLANs with WPA software (53). WPA technology is more accessible by municipalities, because WPA is inexpensive for operations and deployment. WPA Challenges and Issues: While WPA has many benefits in terms of security, it has other challenges that we should be aware of. (54) States in his research that titled by “WPA™ Deployment Guidelines for Public Access Wi-Fi® Networks” some access point needs to be upgraded through the firmware or even to be replaces in order to have WPA supported especially in the access points that are installed in public spots. There are some issues have been found in WPA protocol. (50) States that networks using WPA protocol can be attacked with expensive cost because TKIP has some encryption weaknesses. Because the encryption and authentication that are involves in the WPA protocol are complex, the performance of the network may be affected. The Challenges and issues of WPA are numerous, which include as it does not cover the peer to peer relationship of RSN. For mobile users, WPA is not appropriate to guarantee for the security of network performance. They move from one Basic Service Set (BSS) to another BSS frequently. There was no support applied for AES-CCMP in the 802.11i portion when WPA was formulated (12). Again, the encryption weaknesses in TKIP may cause a huge and expensive loss for the network as a successful crack is expected there. Intensive authentication due to a computation and complex protocols of encryption may cause the performance sacrifice. The WPA’s strength is an issue until the attack is not proofed (50). Configuration of the access points and workstations for WPA based services is not trivial. Users of WPA based network need proper training and education to accomplish their account and maintain their profiles. Connection attempts are seamless when a user sets up a profile. This issue is overcome by using appropriate software (54). A significant improvement in the WPA is essential to overcome the cracking issue of the TKIP (55). Cost and Profit: Cost balance is only achieved when 802.1x is used with conjunction of the 802.11i, and also use the EAP as framework for authentication (2). Implementation of the decentralized solution with support of WPA is allowable at a lower cost. Cost for maintenance of passwords method is lower than EAP methods. 802.11 a offers a better capacity systems with fewer access points at a lower cost. Deployment cost for the 802.11i reduces the adoption cost, as it accommodates the older hardware of WEP (55). Profit from the modification of the 802.1x is appearing worth. This standard is also profitable as it does not require the client software for recognition and parsing of the BSSIDs (54). ESN provides only security for the networks and WEP is preferred for the minimum cost. Usage of WPA is profitable as it replaces both WEP and RSN (56). Conclusion: In this paper, the IEES standard 802.11 with its subsets has been discussed. The drawbacks of WEP enforced the development of the 802.11i standard. The development of the WPA is also essential part of the paper that also includes the components of this standard. Security concerns for the data integrity and confidentiality is ensured by using this standard. Issues and challenges of the WPA are also pointed to make further improvements in the future. References [50]. Wong, S. (2003). “The evolution of wireless security in 802.11 networks: WEP, WPA and 802.11 standards”, SANS Institute. [53]. Wi-Fi Alliance (2003). “Wi-Fi Protected Access: Strong, standards-based, interoperable security for today’s Wi-Fi networks”, Wi-Fi Alliance. [54]. Wi-Fi Alliance (2004). “WPA™ Deployment Guidelines for Public Access Wi-Fi® Networks”, Wi-Fi Alliance [55]. Katz, H.F. “WPA vs. WPA2: Is WPA2 Really an Improvement on WPA?” Armstrong Atlantic State University [56] BulBul, I.H., Batmaz, I., and Ozel, M. (2008). Wireless Network Security : Comparison of WEP (Wired Equivalent Privacy) Mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) Security Protocols.” Available from http://www.ecst.csuchico.edu/~juliano/csci693/Presentations/2008w/Materials/Wagh/DOCS/Wireless%20Network%20Security.pdf Accessed on 03/12/2012 Read More