StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

IEEE 80211 Security - Research Paper Example

Cite this document
Summary
The paper "IEEE 80211 Security" highlights that the IEES standard 802.11 with its subsets has been discussed. The drawbacks of WEP enforced the development of the 802.11i standard. The development of the WPA is also an essential part of the paper that also includes the components of this standard…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.6% of users find it useful
IEEE 80211 Security
Read Text Preview

Extract of sample "IEEE 80211 Security"

?IEEE 802.11 Introduction to IEEE 802.11: Wireless communication has become one of the most popular technologies in the last several years. It becameso popular among the users and businesses. The flexibility, mobility, portability, and scalability are the most advantages that are generated from using wireless local area networks. No need for cables to connect to the network anymore which exists in the traditional wired local area networks. The Institute of Electrical and Electronics Engineers (IEEE) developed and released first wireless standards in 1997. The purpose of the wireless local area network was to provide the same communication services were provided by wired LANs but through the wireless technology. Wireless uses radio waves in the transmission. Wireless LAN deals with two lower layers of the Open System Interconnection (OSI) which are the physical and data-link layers. I will briefly discuss three physical specifications of the physical layer: 802.11b: 802.11b was released in 1999 and uses DSSS that provide higher bit rate. The transmission of the data can reach 11 Mbps. It operates in 2.4 GHz range. 802.11a: 802.11a was released in 2001 and uses OFDM. The transmission of the data can reach 54 Mbps. It operates in 5 GHz range 802.11g: 802.11g uses OFDM. The transmission of the data can reach 22 Mbps. It operates in 2.4 GHz range. (21) IEEE 802.11 Security: 7 Wired Equivalent Privacy (WEP): IEEE released Wired Equivalent Privacy protocol what is known as WEP for the security 802.11 standard in 1990 (15) .WEP was designed to make the communication through wireless safe and secured as much as it is in the wired local area network. WEP provides authentication and confidentiality to the security of the wireless network (21). WEP was developed on the base of RC4 stream cipher. In the encryption and decryption the same secret key must be used (1). The wireless device and the access point must have the same secret key (4). All stations in the network must have the same shared or secret key (15). This paragraph discusses the functionality of WEP. (13) When the wireless device first joins the network, the device should be authenticated first in order to use the network. The purpose of the authentication is to only allow certain devices to join the network which only those devices know the secret key. The process of WEP authentication is as shown in the figure: Retrieved from VoCAL (2012). The figure is taken from this website: http://www.vocal.com/secure-communication/wired-equivalent-privacy-wep/ 1. The authentication is sent from the wireless station to the access point. 2. The access point responds with challenge text sent to the wireless station. 3. The wireless station encrypts the challenge text and then sends it to the access point. 4. Finally, “If the access point can decrypt the authentication request and retrieve the original challenge text, then it responds with an authentication response that grants the client access” so the secret key in both sides should match each other. (11) The encryption of the data that are transferred between the wireless station and the access point in the WEP uses RC4 stream cipher. The process of WEP encryption is as shown in the figure: WEP uses CRC for the data integrity. WEP performs CRC (Cyclic Redundancy Check) checksum operation on the plaintext and generates CRC value. This CRC value is concatenated to the plaintext. The secret key is concatenated to the Initialization Vector (IV) and fed into the RC4. Based on the secret key and IV, RC4 generates key stream. The key stream and plain text + CRC message is XOR'ed together. The result is the cipher text. The same Initialization Vector that was used before is pre pended in clear text to the resultant cipher text. The IV + Cipher text along with the frame headers are then transmitted over the air. (13). The shared key in WEP never changes again, and it is used for authentication and encryption which is the problem (13). WEP problems: The major problem in WEP in terms of security is that the wireless transmission can be attacked. “Each attack depends upon the ability of the attacker to monitor 2.6 GHz radio frequencies and translate the 802.11 physical layers into human readable form”(1).The attacker can decrypt the information that has been transferred between the wireless device and the access point. Also, the attacker can attack the transmission and inject it with forged information. The attacker needs the right tools to crack the transmission. (21) States that the attacker can decrypt the traffic or inject traffic after being able to monitor and analyze considerable amount of traffic. (55) Said the WEP uses 40-bit key size for the encryption which is small and cannot handle the attacks. (15) States that WEP has some designing weaknesses, and “Key distribution method” was not as effective as it should be. Wi-Fi Protected Access (WPA): (54) defines WPA as “Wi-Fi Protected Access is a wireless encryption standard based on a subset of IEEE 802.11i that replaces WEP”. Wi-Fi protected access was released in 2003 (51). (3) Wi-Fi protected access was released after WEP to fix the security issues that were found in WEP by introducing two new technologies which are Temporal Key Integrity Protocol(TKIP), and Advanced Encryption Standard (AES) algorithm. (15) says “The TKIP protocol uses the original RC4 encryption algorithm that was also used by WEP but adds a mixing function that creates per-frame keys to avoid the weak-key attacks on WEP”. (53)WPA was designed to overcome all the vulnerabilities that were in the WEP, and to ensure no attacks to the network anymore. (54) The main purpose of the WPA is to ensure that only authorized users can have access to the wireless network and the users can transmit their data and not worry about the security which WPA provide high level of protection to the transmitted data. Organizations, which used the 802.11i standard, have become more popular, as ease of use and low cost also contributed towards the popularity of the standard. WPA authentication: WPA authentication works when the user tries to connect to the access point. The access point does not allow any user to connect to the network without the user been authenticated. “The user provides credentials which are communicated to the authentication server. The authentication process is enabled by the IEEE 802.1X/EAP framework. With EAP, IEEE 802.1X creates a framework in which client workstations and the authentication server mutually authenticate with one another via the AP”. Authentication process allows only authenticated users to access to the network. Pair wise Master Key (PMK) is generated only when authentication server check the user’s credential. Then, TKIP is established between the wireless device and the access point through the use of the 4-way handshake (51). WPA Encryption: TKIP is used to replace the WEP encryption which has many security problems. (51) In the WEP protocol a static encryption key was applied which was a small and caused some problems. In the WAP protocol, TKIP provides the network with 128 bit per-packet dynamic key for the encryption which is stronger than the one in the WEP. So the encryption key is generated dynamically. Message Integrity Check (MIC) was also another service was provided by the WPA and its main purpose is to protect the data packet from any attack. For the implementation of TKIP, only firmware or software upgrade is needed. TKIP functions as changing the temporal keys for every 10000 packets. The dynamic distribution of the temporal keys leaves room for hackers in cracking the TKIP key. TKIP is considered stronger than the WEP encryption, but most of the people also agree that this TKIP must be the interim solution as it uses the RC4 algorithm (50). After the user has been authenticated to the network a pair-wise key is generated from authentication server that uses 802.1X for the generation of the key. TKIP keeps generating a pair-wise key for “every data packet” dynamically. WPA Security: On investigating the weaknesses in the WEP, IEEE started to design and develop a new protocol for the replacement of the WEP. This standard was called as the 802.11i standard. The core reason behind the development of this new standard was the provision of a quick solution to legacy equipments including the clients and access points. This standard was based on the new software, but incorporated in the features of WLAN products. This new standard addressed the two important drawbacks of the WEP standard. The shortfall were as the weaknesses in the design of the WEP protocol, and key distribution procedure was not effective (15). (16) analyzed the Wireless network standard 802.11i, and considered the features like data integrity, availability, mutual authentication and data confidentiality. On its comparison with previous security protocols of wireless networks, the 802.11i provides key management and satisfaction. It is also studied that 802.11i protocol does not emphasize on the availability, and the possibility of Denial of Service (DoS) attack is present. Prior to development of this standard various DoS attacks in the network layer (physical layer) were vulnerable, and also appeared the DoS attacks more severe because of several reasons. However, the DoS attacks appear to be stronger as an adversary launches the 802.11i attack that is easier than physical layer attack. A network administrator cannot detect the DoS attacks very easily, and layer abstraction is not emphasized. Then again 802.11i standard is used in the way to resist the attacks of DoS. It is required in the future to strengthen the 802.11i and make it more robust against DoS attacks. WPA Benefits: WPA protocol has generated many benefits. WPA applies many security technologies that improve the wireless security such as EAP, and pre-shared keys. The access control becomes stronger through the use of authentication. Investment on such standards is minimal as compared to the benefits. WPA improved the security by using data integrity. WPA uses the 802.1x for authentication in the standard WEP 802.1x for both wireless and wire networks Mutual authentication between access points and users is viable by using WPA The way of mutual authentication using the 802.1x comprises of the different steps. (50). WPA improved data encryption through the implementation of the Temporal Key Integrity Protocol. The implementation of the WPA ensures high security level of the network. Data movement inside the network is safe, and no users can access to the network unless authenticated users. Use of WPA is both at personal as well as commercial level. It is used for small offices and domestic authentication, where it does not follow the pattern of WEP. WPA provides the mutual authentication and does not use the air as a medium for key transmission. On a commercial level, the authentication server 802.1x controls the security for the users, and data traffic over the network. Authentication in commercial network is controlled by the 802.1 xs + EAP, and it replaces WEP with an advanced encryption known as TKIP. WPA permits a very complex on the given TKIP (Temporal Key Integrity Protocol). TKIP is also assisted by the Message Integrity Check (MIC) that functions avoiding the bit flipping attack by using the hash technique (2). WPA is the enhancement of the WEP that introduces the AES and TKIP. There are three main components of the WPA as 802.1 xs, MIC and TKIP. WPA does not use the main key for encryption purposes and replaces the group keys or session keys. Why WPA does reuse the WEP protocol? The cryptographic job is hard coded in the interface of the Hardware, which is not upgraded. Due to this limitation, TKIP uses the Stream cipher of the RC4 by making changes in the way of shared secret key. This technique minimizes the exposure from the use of secret key (4). Lack of budget and IT staff is a major issue for homes and small offices’ networks. WPA recognized this issue, and offered the advantages of the WPA security by using passwords or Pre shared keys (PSK). PSK is similar to TKIP encryption for key management and key distribution per packet. PSK is useful for small home based, or office networks where password is entered manually for customers or clients’ devices, and access points. However, home based or office network can be upgraded only purchasing the WPA-enabled equipments. They need to upgrade their APs with new WPA software, and also interfaces of the WLANs with WPA software (53). WPA technology is more accessible by municipalities, because WPA is inexpensive for operations and deployment. WPA Challenges and Issues: While WPA has many benefits in terms of security, it has other challenges that we should be aware of. (54) States in his research that titled by “WPA™ Deployment Guidelines for Public Access Wi-Fi® Networks” some access point needs to be upgraded through the firmware or even to be replaces in order to have WPA supported especially in the access points that are installed in public spots. There are some issues have been found in WPA protocol. (50) States that networks using WPA protocol can be attacked with expensive cost because TKIP has some encryption weaknesses. Because the encryption and authentication that are involves in the WPA protocol are complex, the performance of the network may be affected. The Challenges and issues of WPA are numerous, which include as it does not cover the peer to peer relationship of RSN. For mobile users, WPA is not appropriate to guarantee for the security of network performance. They move from one Basic Service Set (BSS) to another BSS frequently. There was no support applied for AES-CCMP in the 802.11i portion when WPA was formulated (12). Again, the encryption weaknesses in TKIP may cause a huge and expensive loss for the network as a successful crack is expected there. Intensive authentication due to a computation and complex protocols of encryption may cause the performance sacrifice. The WPA’s strength is an issue until the attack is not proofed (50). Configuration of the access points and workstations for WPA based services is not trivial. Users of WPA based network need proper training and education to accomplish their account and maintain their profiles. Connection attempts are seamless when a user sets up a profile. This issue is overcome by using appropriate software (54). A significant improvement in the WPA is essential to overcome the cracking issue of the TKIP (55). Cost and Profit: Cost balance is only achieved when 802.1x is used with conjunction of the 802.11i, and also use the EAP as framework for authentication (2). Implementation of the decentralized solution with support of WPA is allowable at a lower cost. Cost for maintenance of passwords method is lower than EAP methods. 802.11 a offers a better capacity systems with fewer access points at a lower cost. Deployment cost for the 802.11i reduces the adoption cost, as it accommodates the older hardware of WEP (55). Profit from the modification of the 802.1x is appearing worth. This standard is also profitable as it does not require the client software for recognition and parsing of the BSSIDs (54). ESN provides only security for the networks and WEP is preferred for the minimum cost. Usage of WPA is profitable as it replaces both WEP and RSN (56). Conclusion: In this paper, the IEES standard 802.11 with its subsets has been discussed. The drawbacks of WEP enforced the development of the 802.11i standard. The development of the WPA is also essential part of the paper that also includes the components of this standard. Security concerns for the data integrity and confidentiality is ensured by using this standard. Issues and challenges of the WPA are also pointed to make further improvements in the future. References [50]. Wong, S. (2003). “The evolution of wireless security in 802.11 networks: WEP, WPA and 802.11 standards”, SANS Institute. [53]. Wi-Fi Alliance (2003). “Wi-Fi Protected Access: Strong, standards-based, interoperable security for today’s Wi-Fi networks”, Wi-Fi Alliance. [54]. Wi-Fi Alliance (2004). “WPA™ Deployment Guidelines for Public Access Wi-Fi® Networks”, Wi-Fi Alliance [55]. Katz, H.F. “WPA vs. WPA2: Is WPA2 Really an Improvement on WPA?” Armstrong Atlantic State University [56] BulBul, I.H., Batmaz, I., and Ozel, M. (2008). Wireless Network Security : Comparison of WEP (Wired Equivalent Privacy) Mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) Security Protocols.” Available from http://www.ecst.csuchico.edu/~juliano/csci693/Presentations/2008w/Materials/Wagh/DOCS/Wireless%20Network%20Security.pdf Accessed on 03/12/2012 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“IEEE 802.11 Research Paper Example | Topics and Well Written Essays - 1000 words”, n.d.)
IEEE 802.11 Research Paper Example | Topics and Well Written Essays - 1000 words. Retrieved from https://studentshare.org/information-technology/1463827-ieee
(IEEE 802.11 Research Paper Example | Topics and Well Written Essays - 1000 Words)
IEEE 802.11 Research Paper Example | Topics and Well Written Essays - 1000 Words. https://studentshare.org/information-technology/1463827-ieee.
“IEEE 802.11 Research Paper Example | Topics and Well Written Essays - 1000 Words”, n.d. https://studentshare.org/information-technology/1463827-ieee.
  • Cited: 0 times

CHECK THESE SAMPLES OF IEEE 80211 Security

Wireless Security

Wireless security.... However, despite its popularity, there are many security threats that are associated with the wireless technology, thereby preventing them from being widely spread.... Because the earlier mechanisms used in wireless security did not adequately provide defense against such attacks, WLANs provided an avenue for attackers to access an organization's network and take away important information (Us-cert.... The Institute of Electrical and Electronic Engineers (ieee) is the most influential and widely known organization for wireless communications and computer networking....
7 Pages (1750 words) Research Paper

Wired Equivalent Privacy

During the setting up of a wireless network for business or home establishments, most people overlook the configuration of prerequisite wireless security feature.... Wired Equivalent Privacy, WEP is one of the options of providing security in such circumstances.... uring the setting up of a wireless network for business or home establishments, most people overlook the configuration of prerequisite wireless security feature.... Wired Equivalent Privacy, WEP is one of the options of providing security in such circumstances....
4 Pages (1000 words) Essay

Secure Wireless Networking

1 as effective principles that ensure to conserve the reliability and compatibility of the products used within a particular WLAN infrastructure that ensures wireless security for each computing device connected with the developed WLAN.... the report also emphasizes developing a strong shield that can protect users from external threats such as hacking and build strong security protocols for the wireless network.... In order to increase the security efficiency of wireless connectivity, the report would also provide an effective Bluetooth standard for Personal Area Networks (PAN) and on the IEEE 802....
7 Pages (1750 words) Term Paper

The Security Mechanism for IEEE 802.11 Wireless Networks

This case study "The security Mechanism for IEEE 802.... 1 Wireless LAN's security mechanisms.... They have recently become so popular due to their ability to provide mobility, flexibility and security.... 1 architecture can be used to employ security to the wireless networks.... 1 security mechanisms are the first and most effective and reliable ways to secure wireless networking.... 1 Wireless LAN's security mechanisms....
10 Pages (2500 words) Case Study

Authenticating iOS Devices to Join the Active Directory Domain

The technology offers invaluable tools with which we can establish network systems that deliver services to its users with unparalleled convenience and security.... Fortunately, technology offers invaluable tools with which we can establish network systems that deliver services to its users with unparalleled convenience and security.... Closely associated with this is the Lightweight Directory Access Protocol (LDAP) which will be employed to utilize its security and access features....
10 Pages (2500 words) Literature review

Wireless Network Security Issues

The paper "Wireless Network security" is a great example of a report on information technology.... The paper "Wireless Network security" is a great example of a report on information technology.... The exportation of encryption technology using keys longer than 40 bits was prohibited, placing an upper limit on the security of WEP networks....
13 Pages (3250 words) Report

Information Systems: Networking Fundamentals

Other tanks that are completed by the link manager include power mode, security, and connection states of devices.... ieee 802.... ieee 802.... IS and ieee 802.... These two layers complement four sub-layers of the ieee 802.... he ieee 802 is a name that is given to standards that deal with metropolitan area networks and local area networks.... The number 802 originates from the three next free numbers that could be assigned by ieee; it is also associated with the first meeting, which took place in February 1980....
9 Pages (2250 words) Assignment

Wireless Networks - Applications of Bluetooth and IEEE 802.11

The paper "Wireless Networks - Applications of Bluetooth and ieee 802.... The paper "Wireless Networks - Applications of Bluetooth and ieee 802.... The paper "Wireless Networks - Applications of Bluetooth and ieee 802.... In particular, this paper examines the arguments surrounding Bluetooth, and evaluates its potentials and possible applications with ieee 802.... omparison in the applications of Bluetooth and ieee 802....
12 Pages (3000 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us