Wireless security at the basic level is traditionally implemented using WEP or
WPA. WEP as is common knowledge now, is very easy to crack and is not a
preferred mechanism for production-class wireless networks. WPA uses TKIP for
encryption and TKIP is not considered strong enough to be FIPS 140-2 compliant
and hence cannot be used readily by governmental deployments. While the second
generation WPA (known as WPA2 or 802.11i) is not designed to replace either WEP
or WPA, it is considered the strongest security mechanism thus far. This is
because besides TKIP, it can also use AES for encryption. AES encrypted data is
considered FIPS
140-2 compliant.
|
The 802.11i spec (WPA2)
The 802.11i specification for wireless LAN security was ratified by the IEEE
in June 2004 in a Standards Committee meeting at
Piscataway
,
NJ
. This specification
formally replaces WEP and other security features of the original IEEE 802.11
standard. It is also known as WPA2. Both WPA and WPA2 are secure methods of
communication using Wi-Fi. If you have equipment that supports only WPA, but not
WPA2, it's safe to continue using WPA. However, if you're buying new
equipment, you should buy products that support WPA2 with
Enterprise
mode. In March, Wi-Fi Alliance announced that the WPA2 security certification
program, the second generation of WPA, is now a mandatory feature for all new
Wi-Fi certified products.
Feature | WPA | WPA2 |
Encryption | TKIO only | TKIP and AES |
Handshakes | Four-way | Four-way |
FIPS 140-2 Compliant |
No | Yes |
Backward compatibility | With WEP | Initially with WPA |
Versions | Personal, Enterprise |
Personal, Enterprise |
Standard | 802.11i partial | 802.11i Full |
Centrino wireless |
Intel PRO/Wireless 2200BG |
Intel PRO/Wireless 2915ABG and 3945 ABG |
Enhancements | None | Fast roaming (PMK), Pre-authentication |
New security features
Unlike older security standards, all of which define the physical layer
issues, WPA2 defines security mechanism that operates between the MAC (Media
Access Control) sub layer and the network layer. It has a better 128-bit
encryption with TKIP and AES.
TKIP:Unlike WEP, which uses a single key for
unicast data encryption and typically a separate key for multicast and broadcast
data encryption, WPA2 uses a set of four different keys for each client—AP
pair and a set of two different keys for multicast and broadcast traffic.
It derives TKIP using a four-way handshake process that is
the same as with WPA. This protocol is perfectly adequate to protect ordinary
Wi-Fi transmissions in a
SOHO
network.
AES: WPA2 equipment can also require AES (Advanced
Encryption Standards) for
encryption of data. AES was added to WPA to meet the needs of customers who
communicate with the
US
government and others which require this specific algorithm. This is the
feature that takes WPA2 a step further than WPA. The downside is that AES
support may require new hardware for many existing WLANs, as it needs a
dedicated chip to handle the encryption and decryption. But, the good news is
that AES meets FIPS (Federal Information Processing Standard) 140-2 requirement,
which is a government security criterion and provides stronger
encryption than WPA and TKIP.
Authentication process
Like WPA, WPA2 can be enabled in both
Enterprise
and Personal modes of
operation. For
Enterprise
mode, WPA2
requires authentication in two phases; the first is IEEE 802.1X authentication,
which is an open system authentication, and the second uses EAP (Extensible
Authentication Protocol). For home or small office networks, WPA2 Personal mode
supports the use of PSK (Pre-Shared Key). Based on the EAP or PSK authentication
process, WPA2 requires the determination of mutual PMK (Pairwise Master Key) for
key management. Personal mode requires only an access point and client device
while
Enterprise
mode typically requires RADIUS (Remote Authentication Dial-In User Service)
based authentication or other authentication server on the network.
Tip: If your WiFi usage
is in a
SOHO
network, PSK method of authentication may be adequate for your needs. It is
recommended that while using PSK authentication process mode, you should set a
password of at least 20 characters and make sure it doesn't
contain any names or dictionary words.
Why WPA2? |
WPA2 is not a release aimed at addressing problems with the original WPA. WPA was at best only a partial implementation of the 802.11i standard and because it allowed use of TKIP (with a vendor-specific option for AES), was not considered to be secure for government use. WPA2 adds AES encryption to address this issue as well as add a couple of enhancements in the form of Fast Roaming and Pre-authentication. Enterprises using WPA currently need not consider a switch to WPA2 unless FIPS 140-2 compliance is mandatory for their business. |
Robust Secure Network
Another element of WPA2 standard is RSN (Robust Secure Network). By default,
RSN uses AES and CCMP (Countermode CBC MAC Protocol) and it is this, which
provides a stronger and scalable solution. CCMP uses Cipher Block Chaining
Message Authentication Code (CBC-MAC). This algorithm produces a Message
Integrity Code (MIC) that provides data origin authentication and data integrity
for wireless frame. Changing even one bit in a message produces a totally
different result. Messages are encrypted using a secret key (128 bits) and a 128
bit block of data. The end result is the encryption that is much harder to break
than even WPA.
Fast roaming
During a session, a series of messages are sent between wireless client and
wireless access point. While the wireless client roams between wireless access
points, there is a noticeable delay to perform authentication, which leads to
network interruptions and low connectivity. To minimize the delay of
authentication and reduce network interruptions, WPA2 equipment can optionally
support PMK caching and preauthentication for fast handoff. Therefore, access is
much faster when a wireless client roams back to the wireless access point to
which the client has already authenticated. This feature is helpful when there
are more than one access points in a network.
PMK caching
PMK caching is a feature through which a user can get re-authenticated quickly
to a wireless access point, authenticated to previously. It only needs to
perform the four-way handshake and determine new pairwise transient keys. In the
request frame, wireless client includes a PMK identifier that was determined
during the initial authentication and stored with both the wireless client and
wireless AP's PMK cache entries. These entries are stored for a finite amount
of time, which are then used for re-authentication process.
Preauthentication
Preauthentication is a process through which a wireless client has an option to
perform 802.1X authentication with another wireless AP in its range, while
itself already connected to its current AP. Through the existing wireless AP
connection, the wireless client sends a preauthentication request to another AP.
After that, PMK and its associated information is stored in PMK cache. Now, the
wireless client when connecting with the wireless AP to which it has already
preauthenticated, only needs to perform a four-way handshake.
In a nutshell
Despite the potential cost of implementing it, the new WPA2 is by far the
strongest security system for wireless networks. It's the most robust,
scalable and secure solution and will appeal particularly to enterprise users,
where key management and administration has been a major headache. WPA2 standard
has been specially designed to overcome the major security issues, which were
present in the older encryption standards. So WPA2 is the wireless security
standard that you can depend on.
Apurva Kothari, MD, Reckon Network