Some people think that the term wireless security is an oxymoron, but in fact, wireless security isn't very different from wired security. To protect data going out from an organization, whether over radio waves that anyone can listen in on or over phone lines or network cabling that can be wiretapped or sniffed, you need the same basic controls as with any other connection.
There are two basic steps:
- A host system needs to authenticate the user or device that it's communicating with.
- The data must be protected as it travels from the user device to the destination host, whether to preserve confidentiality or to ensure that the message isn't changed or destroyed en route.
This discussion centers around security for wireless Ethernet networks using IEEE standard 802.11b (also called Wi-Fi), which offers speeds of up to 11M bit/sec. There are other standards and protocols for wireless communications, but most of the same security principles will apply to them. The vast majority of wireless networks now in operation are based on the 802.11b standard.
The first security mechanism built into Wi-Fi was Wired Equivalent Privacy (WEP), which allowed the encryption of wireless traffic. However, encryption is turned off by default in wireless devices and software, and in many cases, it's never turned on. But even when WEP is used, it isn't terribly secure.
WEP relies on a secret key to encrypt packets transmitted between a mobile station (a device with a wireless Ethernet card) and an access point (a base station connecting to a wired network). An integrity check ensures that packets aren't modified in transit. In the real world, most installations use a single key that's shared by all mobile stations and access points.
A 40-bit key is standard, but even the 128-bit version is vulnerable to attacks from crackers who can analyze traffic statistics; send messages of known content through networks from their own, unauthorized mobile stations; trick access points and reconfigure them; or build dictionaries of initialization vectors based on traffic analysis.
Last year, Ian Goldberg, a cryptologist at security and privacy software developer Zero-Knowledge Systems, working with researchers at the University of California, Berkeley, broke WEP. Researchers at Rice University in Houston and AT&T Labs, later discovered an even easier method for breaking WEP.
Help is on the way. Task Group I (TGi) of the IEEE 802.11 Working Group has been busy trying to fill in the cracks of wireless network security. TGi is looking for a WEP replacement that can be implemented without making the current generation of wireless network equipment obsolete. Last year, TGi approved a measure to ensure a backward-compatible interim security improvement.
The long-term goal is to develop a system of great complexity that's efficient enough to embed in low-power, inexpensive devices. This ultimate standard will most likely use the federal government's Advanced Encryption Standard instead of WEP's weaker RC4 algorithm as the basis for its encryption, and it will almost certainly involve rotating through many different keys over short periods of time.
But that's a year or more in the future. For now, there's an interim solution, called the Temporal Key Integrity Protocol (TKIP), that strengthens WEP without revising it radically. TKIP uses a larger number of starting keys (initialization vectors) and dynamically generates new encryption keys every 10,000 packets. An integrity-checking mechanism helps determine whether an unauthorized user has modified packets by injecting traffic to enable key-cracking.
TKIP will be backward-compatible with current 802.11b products, and those products' firmware should be software-upgradable. TKIP is expected to be incorporated in new products soon.
To complicate matters, TGi also has to deal with the more general 802.1x security protocol, a method for securely authenticating users with a back-end system. Weaknesses in this approach have already been discovered, leaving it open to what's called a "man-in-the-middle" interception.
Given the weaknesses in 802.1x, it may be next year before an entirely new encryption-key standard is approved by the Institute of Electrical and Electronics Engineers Inc. and incorporated in devices. Until then, there's a good chance that TKIP will be upgraded in firmware through the end of this year.