WPA plugs holes in WEP

New wireless security standard could drive hot spot, academic installations.

The wireless LAN industry's first crack at security - 802.11 Wired Equivalent Privacy - has been discredited and rightly so. WEP is so easy to break that it's like having a plastic lock on your office door.

Although WEP can keep casual snoopers from accessing a wireless LAN, companies need and can do much better.


Buyer's Guide: Wireless LANs


Effective wireless LAN security solutions, such as Cisco's Lightweight Extensible Authentication Protocol (LEAP), have been in use over the past year, but they provide limited interoperability. In most cases, client radio cards and access points must be from the same vendor, something that doesn't fare very well in public hot spots and many companies that don't enforce a standard desktop.

Late last year, the Wireless Fidelity (Wi-Fi) Alliance announced Wi-Fi Protected Access (WPA), a standards-based security mechanism that eliminates most 802.11 security issues.

WPA basics

WPA is based on the current state of the 802.11i standard, which is still under development. Ratification by the IEEE isn't expected until late this year. The Wi-Fi Alliance, realizing that the long wait is stalling the market, launched WPA, which is expected in vendor products this spring.

One advantage of WPA is that it enables the implementation of open wireless LAN security in public areas and universities. These hot spots and academic sites haven't been able to use basic WEP.

A key flaw in WEP is that its encryption keys are static rather than dynamic. That means to update the keys, an IT staffer has to visit each machine, which isn't feasible in an academic setting or even possible in a hot spot. The alternative is to leave the keys unchanged, which makes you vulnerable to hackers.

These public sites haven't been able to use the stronger proprietary mechanisms, such as LEAP, because of the interoperability issue.

But WPA provides effective key distribution and enables use across the often different vendor radio cards.

To ensure that WPA is taken seriously, the Wi-Fi Alliance has mandated that by year-end the security mechanism will be required for all new Wi-Fi certifications. It's likely that WPA also will become the default out-of-the-box configuration, which would help the majority of small office/ home office (SOHO) users. Older products will not need to comply, but vendors surely will supply applicable upgrades.

How WPA works

WPA includes both the Temporal Key Integrity Protocol (TKIP) and 802.1x mechanisms, which together provide dynamic key encryption and mutual authentication for mobile clients. WPA thwarts hackers by periodically generating a unique encryption key for each client.

TKIP introduces new algorithms to WEP, which includes extended 48-bit initialization vectors and associated sequencing rules, per-packet key construction, key derivation and distribution function, and a message integrity code (referred to as "Michael").

In companies, WPA can interface with an authentication server, such as Remote Authentication Dial-In User Service, using 802.1x with EAP. The authentication server is a storehouse for user credentials. This function enables effective authentication control and integration into existing information systems.

WPA implementations in SOHOs, however, don't require an authentication server because of the ability to operate in "preshared key mode." Similar to WEP, a client's preshared key (often called a "pass phrase") must match the one stored in the access point. An access point uses the pass phrase for authentication. If the phrase matches, the client is given access to the wired side of the access point.

WPA fixes all known problems with WEP, except denial-of-service (DoS) attacks.

Potential DoS attacks are a significant risk for any application where loss of wireless LAN access affects life, profits or reputation. A hacker easily can bring down a WPA-protected network by sending at least two packets using the wrong key each second.

When this occurs, the access point assumes that a hacker is trying to gain access to the network. The access point shuts off all connections for 1 minute to avoid the possible compromise of resources on the network. Thus, a continuous string of unauthorized data can keep the network from operating indefinitely, which means you should have a back-up process ready for critical applications.

Implementation considerations

WPA is primarily a solution for legacy equipment because you can install WPA via simple software upgrades to your Wi-Fi-certified access points. This enables effective security among clients having different radio cards, assuming the radio cards also implement WPA. Access points that implement WPA will support a mixed environment of client devices, ones implementing WPA and others that don't.

WPA will maintain forward compatibility with the 802.11i standard. The eventual 802.11i standard will include Advanced Encryption Standard (AES) as an option, which is stronger than RC4. But an issue is that AES will likely require the replacement of a legacy access point because of the need for higher performing processors. As a result, 802.11i will be targeted for new equipment.

Is WPA an interim step or a long-lasting solution?

WPA can provide excellent security. The demand for compliance from the Wi-Fi Alliance assures users of plug-and-play security that has been a real roadblock to wireless LAN proliferation.

Customers should implement WPA through upgrades to existing equipment and should insist on it in new equipment. Because of new hardware requirements of 802.11i, WPA will likely be a security solution that lasts until you move to the next generation of hardware.

Evolution of wireless LAN security

WEP goes the way of the dodo bird, WPA emerges as missing link to 802.11i
NameWired Equivalent PrivacyWi-Fi Protected Access 802.11i or Wi-Fi Protected Access Version 2  
AcronymWEPWPAWPA2
A.K.A.Won't Even ProtectWill Protect AlrightWill prove airtight
Features

Weak encryption keys based on RC4 algorithm (typically 40-bit keys).

Static keys that make easy targets for hackers

Same underlying RC4-based encryption as WEP

TKIP (temporal key integrity protocol) added so that keys are rotated  and encryption is strengthened.

Strong AES encryption based on Rijndael algorithm (128, 192 or 256 bit key sizes).

Adds two strong authentication features: wireless robust authentication protocol or WRAP; counter with cipher block chaining message authentication code protocol or CCMP.

Life span1997-20032003-20042004-??????

Learn more about this topic

Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the book, Wireless LANs. He can be reached at jimgeier@wireless-nets.com.

1 2 Page 1
Page 1 of 2