Forwarded from: "eric wolbrom, CISSP" <ericat_private>

http://www.secadministrator.com/Articles/Index.cfm?ArticleID=27064

Mark Joseph Edwards
October 23, 2002

What wireless security measures are on the horizon?

The current wireless networking standards use security technology that's far less secure than it could be. For example, most wireless network administrators are familiar with the Wired Equivalent Privacy (WEP) protocol, which uses RC4 encryption to help protect data as it travels over the airwaves. However, researchers have proven that intruders can easily crack WEP. Last year, a team of researchers published "Weakness in the Key Scheduling Algorithm of RC4," a paper that describes a series of vulnerabilities that make WEP vulnerable. In roughly the same time frame that the paper was published, someone posted Perl scripts on the Internet that helped demonstrate how vulnerabilities in WEP could be verified. You can read about the paper and the scripts in an editorial I wrote in August 2001.

Because of the weaknesses in WEP security, several entities are developing stronger security technology, such as the 802.11a and 802.11b specifications, for use with wireless network technologies. If you aren't familiar with the various 802.11x network specifications, you can learn more about them by reading Mark Weitz's article.

One up-and-coming 802.11x specification, 802.11i, is still involved in development and approval processes. The specification might be officially released by early 2003. After it's available, 802.11i will provide replacement technology for WEP security. Initially, 802.11i will provide Temporal Key Integrity Protocol (TKIP) security that you can add to existing hardware with a firmware upgrade. Upgraded units should be backward-compatible with hardware that still uses WEP.
Sometime later, new chip-based security that uses the stronger Advanced Encryption Standard (AES) protocol will replace TKIP, and the new chips will probably be backward-compatible with TKIP. In effect, TKIP is a temporary protocol for use until manufacturers implement AES at the hardware level.

TKIP is a quick-fix method to quickly overcome the inherent weaknesses in WEP security, especially the reuse of encryption keys. According to "802.11 Planet," "The TKIP [security] process begins with a 128-bit 'temporal key,' [which is] shared among clients and access points. TKIP combines the temporal key with the [client machine's] MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. This procedure ensures that each station uses different key streams to encrypt the data. TKIP uses RC4 to perform the encryption, which is the same as WEP. A major difference from WEP, however, is that TKIP changes temporal keys every 10,000 packets. This provides a dynamic distribution method that significantly enhances the security of the network."

In relation to TKIP, some companies have implemented TKIP-like solutions called Simple Secure Networks (SSNs), which also use an encryption key that changes periodically. One company, Symbol Technologies, currently has SSN-based products on the market. In addition, vendors such as Atheros Communications and Resonext Communications are producing chips that support WEP, TKIP, and AES security technologies, and wireless network gear vendors, such as Nokia, are already shipping hardware that's ready for TKIP security, waiting for the standard to be finalized.

For a more in-depth look at wireless encryption technology, especially WEP and TKIP, be sure to read two articles from Intel. The first article discusses encryption key management in both WEP and TKIP protocols, and the second article discusses TKIP in considerable detail.
_______________________________________________________________________
Eric Wolbrom, CISSP             Safe Harbor Technologies
President & CIO                 190 Goldens Bridge Ct.
Voice 914.767.9090 ext. 6000    Katonah, NY 10536
Fax 914.767.3911                http://www.shtech.net
_______________________________________________________________________

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
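
Added example, not part of the forwarded article or of any 802.11 specification: a short Python sketch of the key-reuse weakness the article names and of why mixing the transmitter's MAC address into the per-packet key gives each station its own key stream. The key, MAC and IV values are constructed, and mixed_packet_key() is a hypothetical stand-in built on SHA-256, not TKIP's real mixing function.

```python
import hashlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_packet_key(shared_key: bytes, iv: bytes) -> bytes:
    """WEP: the RC4 key is the 24-bit IV followed by the static shared key."""
    return iv + shared_key

def mixed_packet_key(temporal_key: bytes, mac: bytes, counter: int) -> bytes:
    """Stand-in for TKIP's mixing step (NOT the real function): hash the
    temporal key, transmitter MAC and packet counter into a 128-bit RC4 key."""
    data = temporal_key + mac + counter.to_bytes(6, "big")
    return hashlib.sha256(data).digest()[:16]

def keystream_reused(key_a: bytes, key_b: bytes, n: int = 32) -> bool:
    return rc4_keystream(key_a, n) == rc4_keystream(key_b, n)

# Constructed sample values, not taken from any real network.
WEP_KEY = bytes.fromhex("0102030405")      # 40-bit static key
TEMPORAL_KEY = bytes(range(16))            # 128-bit temporal key
MAC_A = bytes.fromhex("020000000001")
MAC_B = bytes.fromhex("020000000002")
IV = bytes.fromhex("00002a")               # both stations pick this IV

def wep_collision_leaks_xor(p1: bytes, p2: bytes) -> bool:
    """Same IV + same key: XOR of ciphertexts equals XOR of plaintexts."""
    ks = rc4_keystream(wep_packet_key(WEP_KEY, IV), max(len(p1), len(p2)))
    return xor(xor(p1, ks), xor(p2, ks)) == xor(p1, p2)

if __name__ == "__main__":
    print("WEP, same IV on A and B:", keystream_reused(
        wep_packet_key(WEP_KEY, IV), wep_packet_key(WEP_KEY, IV)))
    print("Mixed keys, same counter:", keystream_reused(
        mixed_packet_key(TEMPORAL_KEY, MAC_A, 42),
        mixed_packet_key(TEMPORAL_KEY, MAC_B, 42)))
    print("XOR leak:", wep_collision_leaks_xor(b"frame from A", b"frame from B"))
```

The WEP key depends only on the IV and the shared key, so two stations that land on the same IV encrypt with identical key streams; once the MAC address is an input, the same counter value no longer collides across stations.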