802.11i secures wireless LANs

By Paul Funk, special to Network World
March 28, 2005 12:01 AM ET
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Network World - The IEEE's initial attempt at wireless LAN security was Wired Equivalent Privacy (WEP). This turned out to be quite an unfortunate moniker, as WEP was quickly shown to provide very little of the privacy it advertised.

802.11i improves on WEP by using completely new encryption algorithms and key-derivation techniques. This wireless security standard, finalized in 2004, makes it possible to safeguard over-the-air communications at Layer 2.

A key called the Pairwise Master Key (PMK) is established between the wireless station and the access point. This key is typically generated using 802.1X, in which the user authenticates to a RADIUS or other authentication server using Extensible Authentication Protocol (EAP). Both the station and the RADIUS server derive identical keys, and the RADIUS server returns that key to the access point.

Next, the station and access point exchange a sequence of four messages, called the "four-way handshake." In this exchange, the PMK and freshly generated random values from both station and access point are used to derive a new key, called the Pairwise Transient Key. This key is subdivided into several keys: one to sign four-way handshake messages; one to secure data packets transmitted between station and access point; and one to encrypt a "group key" to the station during the four-way handshake. The group key lets the access point broadcast one multicast packet to all stations, rather than send a separately encrypted packet to each station.
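The key derivation described above can be sketched as follows. This is an added example, not code from the article or its author; it uses the HMAC-SHA1 pseudo-random function and the sub-key names KCK, KEK and TK from the 802.11i standard, and the addresses, nonces, PMK and frame bytes are constructed sample values.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"  # label string defined by 802.11i

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
               anonce: bytes, snonce: bytes) -> dict:
    """Derive the 384-bit PTK used with AES-CCM and split it into its three keys."""
    # Sorting both pairs means station and access point build identical input.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac) +
            min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, LABEL, data, 48)
    return {
        "kck": ptk[0:16],   # signs (MICs) four-way handshake messages
        "kek": ptk[16:32],  # encrypts the group key sent to the station
        "tk": ptk[32:48],   # secures unicast data packets
    }

def handshake_mic(kck: bytes, frame: bytes) -> bytes:
    """HMAC-SHA1 truncated to 128 bits over a handshake frame (MIC field zeroed)."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def verify_mic(kck: bytes, frame: bytes, mic: bytes) -> bool:
    """Constant-time MIC check; fails if the peer holds a different PMK."""
    return hmac.compare_digest(handshake_mic(kck, frame), mic)

if __name__ == "__main__":
    # Constructed sample values, not captured traffic.
    pmk = bytes(range(32))
    ap, sta = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = b"\xaa" * 32, b"\x55" * 32
    station = derive_ptk(pmk, ap, sta, anonce, snonce)
    access_point = derive_ptk(pmk, ap, sta, anonce, snonce)
    frame = b"constructed EAPOL-Key frame bytes"
    mic = handshake_mic(station["kck"], frame)
    print("keys match:", station == access_point)
    print("MIC verifies:", verify_mic(access_point["kck"], frame, mic))
```

Because both nonces feed the derivation, every handshake produces a fresh Pairwise Transient Key even when the PMK is reused.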

During the four-way handshake, the station and access point negotiate the type of encryption to be used for the data connection. Two encryption ciphers are negotiated: The pairwise cipher is used for unicast data between station and access point, and the group cipher is used for broadcast/multicast traffic from the access point to multiple stations.

While any encryption cipher may be negotiated, the cipher of choice for 802.11i is Advanced Encryption Standard (AES), with a 128-bit key, in Counter with CBC-MAC (CCM) mode. AES is the U.S. federal government standard for encryption. CCM is a very well designed mode of operation and recently has been approved as Federal Information Processing Standard-compliant.

In an 802.11i-only environment, AES normally will be used both as the pairwise and group cipher. In a mixed environment, access points typically will use a lowest-common-denominator cipher as the group cipher, such as WEP or Temporal Key Integrity Protocol, to let both 802.11i and pre-802.11i stations decrypt multicast traffic.

802.11i also speeds roaming from one access point to the next. Previously, it was necessary for the station to perform a complete 802.1X authentication each time it associated with a new access point. With 802.11i, when the station returns to an access point it already authenticated with, it can reuse the PMK established with that access point to omit 802.1X authentication and perform only the four-way handshake. This greatly speeds up transitions between access points. Additionally, the station may pre-authenticate to a new access point it intends to roam to, while still associated with the current access point; this lets the station perform only a four-way handshake once it roams.