One of the first major complaints that arose from wireless networking was from the security community. Quite rightly, the complaint was that with RF signals being broadcast over the air, nothing can stop someone from reaching out and grabbing them. At least with wired networking, a person had to be physically connected to the same hubs or switches to be able to eavesdrop on a network conversation.
To deal with this issue, Wired Equivalent Privacy (WEP) was introduced. The goal of WEP was to provide the same level of privacy that you would have if you were still connected to a wired network. WEP involved two sets of mechanisms:
* Authentication: You need to prove your identity before participating in the network.
* Encryption: You want everything you send over the airwaves to be encrypted.
The basis of WEP encryption is tied to an encryption key; today you typically see either 64-bit WEP or 128-bit WEP encryption keys. With 64-bit WEP, you use a 40-bit key that is joined with a 24-bit initialization vector (IV) to generate an RC4 (Rivest Cipher 4) stream cipher. A 128-bit WEP uses a 104-bit encryption key, which is then joined with the 24-bit IV to create the RC4 cipher.
While this gives you a quick and efficient way to encrypt and decrypt traffic at high speed, it has some serious flaws. Even if you cannot read the data, you can still capture data packets off a wireless network because they are just traveling over the air. One of the issues is that the IV must be unique for every packet that is sent over a time period, and because it is only 24 bits long, it can start repeating in as little as 5,000 packets, making it not as random or secure as it can be.
The goal of WEP was good, but as with a better-built mousetrap, you just end up with smarter mice. These days, WEP can be broken with readily available software in less than a minute. Given this, it is not considered reliably secure for networks. The Payment Card Industry (PCI), which sets standards for credit and debit card transactions, prohibits the use of WEP in any part of a credit card transaction.
Due to the limitations of WEP, Wi-Fi Protected Access (WPA) was developed. WPA uses most of the recommendations that are included in the IEEE 802.11i specification, which lays out security standards for wireless networks. WPA2 followed later, implementing all the IEEE 802.11i mandatory elements.
Rather than using a static encryption key, as is used with WEP, WPA uses the Temporal Key Integrity Protocol (TKIP), which can easily be implemented because it is a minor but effective upgrade to WEP. Rather than using a plain text IV, it combines the IV with a secret root key. It also implements a sequence counter, so all packets must arrive at the AP in the correct order or they are rejected. Finally, it provides a method of rekeying or updating the encryption key, neutralizing people trying to break the key.
There are still many documented attacks that can be successfully carried out on a WPA network using TKIP, and as such, it required additional updating. The implementation of AES (Advanced Encryption Standard) increased encryption to a level that is still considered to be the safest on the market.
To deal with this issue, Wired Equivalent Privacy (WEP) was introduced. The goal of WEP was to provide the same level of privacy that you would have if you were still connected to a wired network. WEP involved two sets of mechanisms:
* Authentication: You need to prove your identity before participating in the network.
* Encryption: You want everything you send over the airwaves to be encrypted.
The basis of WEP encryption is tied to an encryption key; today you typically see either 64-bit WEP or 128-bit WEP encryption keys. With 64-bit WEP, you use a 40-bit key that is joined with a 24-bit initialization vector (IV) to generate an RC4 (Rivest Cipher 4) stream cipher. A 128-bit WEP uses a 104-bit encryption key, which is then joined with the 24-bit IV to create the RC4 cipher.
While this gives you a quick and efficient way to encrypt and decrypt traffic at high speed, it has some serious flaws. Even if you cannot read the data, you can still capture data packets off a wireless network because they are just traveling over the air. One of the issues is that the IV must be unique for every packet that is sent over a time period, and because it is only 24 bits long, it can start repeating in as little as 5,000 packets, making it not as random or secure as it can be.
The goal of WEP was good, but as with a better-built mousetrap, you just end up with smarter mice. These days, WEP can be broken with readily available software in less than a minute. Given this, it is not considered reliably secure for networks. The Payment Card Industry (PCI), which sets standards for credit and debit card transactions, prohibits the use of WEP in any part of a credit card transaction.
Due to the limitations of WEP, Wi-Fi Protected Access (WPA) was developed. WPA uses most of the recommendations that are included in the IEEE 802.11i specification, which lays out security standards for wireless networks. WPA2 followed later, implementing all the IEEE 802.11i mandatory elements.
Rather than using a static encryption key, as is used with WEP, WPA uses the Temporal Key Integrity Protocol (TKIP), which can easily be implemented because it is a minor but effective upgrade to WEP. Rather than using a plain text IV, it combines the IV with a secret root key. It also implements a sequence counter, so all packets must arrive at the AP in the correct order or they are rejected. Finally, it provides a method of rekeying or updating the encryption key, neutralizing people trying to break the key.
There are still many documented attacks that can be successfully carried out on a WPA network using TKIP, and as such, it required additional updating. The implementation of AES (Advanced Encryption Standard) increased encryption to a level that is still considered to be the safest on the market.
I am reading your post from the beginning, it was so interesting to read & I feel thanks to you for posting such a good blog, keep updates regularly.
ReplyDeleteRegards,
ccna course in Chennai|ccna training institute in Chennai|ccna training in Chennai
The Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download Now
Delete>>>>> Download Full
The Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download LINK
>>>>> Download Now
The Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download Full
>>>>> Download LINK Al
Very Informative article for wifi security,Thanks for sharing
ReplyDeleteNetwork Infrastructure Security Specialists
good blog..
ReplyDeleteSecurity Solutions
IMPRESSED WITH SUCH A GOOD CONTENT!!
ReplyDeleteVERY INTERESTING
GREAT WORK
wireless network solutions in dubai
Thanks for sharing like this content. I really appreciate sharing your post. and also you can go through this site and read the interesting thing Top Wireless Technology Companies
ReplyDeleteWireless Access Points
ReplyDeleteCISCO Wireless LAN
ReplyDeleteExploit WiFi security technologies to connect to the World Wide Web.
ReplyDeletewifi security
Great Article
ReplyDeleteCyber Security Projects
projects for cse
Networking Security Projects
JavaScript Training in Chennai
JavaScript Training in Chennai
The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training
good question. Cloud IT Consultants Milwaukee
ReplyDeleteThe Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download Now
ReplyDelete>>>>> Download Full
The Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download LINK
>>>>> Download Now
The Evolution Of Wireless Network Security ~ Wireless Network Security >>>>> Download Full
>>>>> Download LINK aA