
 EQUARS

Wireless LAN

Security

The transmission of data over the air has some intrinsic security problems. In particular:
  • Confidentiality: data over the air must remain confidential.
  • Access control: access by unauthorized users must be denied.
  • Data integrity: data over the air must remain intact.

Standards

WEP encryption

The first IEEE 802.11 standard included the WEP ("Wired Equivalent Privacy") mechanism. WEP requires that every packet exchanged between the access point and its clients be encrypted with the RC4 algorithm, using a secret key of 40 or 104 bits prefixed by a 24-bit random sequence (the Initialization Vector, IV) that differs for each packet. The secret key must be known to all the clients associating to the access point.
In 2001 some researchers demonstrated that the RC4 implementation inside WEP had some critical flaws. The IEEE therefore founded a task group, "Task Group i", to define a new security standard, IEEE 802.11i.
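The per-packet keying just described (RC4 seeded with the 24-bit IV followed by the 40- or 104-bit secret, the IV sent in clear, a CRC-32 integrity check value encrypted together with the payload) can be written out in a few lines. The block below is an added example, not code from the original page; the key and frame contents are constructed, and the `IVReuseMonitor` is an illustrative defender-side check showing why a 24-bit IV space is a problem: whenever an IV repeats under the same secret, RC4 produces the same keystream, so the XOR of two ciphertexts equals the XOR of the two plaintexts.

```python
import struct
import zlib

# Added example: WEP-style per-packet keying with RC4 (constructed, not the
# page's own code). Key sizes and IV length follow the text above.


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling (KSA) followed by the PRGA."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_per_packet_key(iv: bytes, secret: bytes) -> bytes:
    """WEP seeds RC4 with the 3-byte IV prepended to the 5- or 13-byte secret."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits (3 bytes)")
    if len(secret) not in (5, 13):
        raise ValueError("WEP secret key is 40 or 104 bits (5 or 13 bytes)")
    return iv + secret


def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Frame body = IV (clear) || RC4(payload || CRC-32 ICV)."""
    icv = struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)
    plain = payload + icv
    ks = rc4_keystream(wep_per_packet_key(iv, secret), len(plain))
    return iv + bytes(p ^ k for p, k in zip(plain, ks))


def wep_decrypt(secret: bytes, frame: bytes) -> bytes:
    """Recover the payload and verify the ICV; raise on mismatch."""
    iv, body = frame[:3], frame[3:]
    ks = rc4_keystream(wep_per_packet_key(iv, secret), len(body))
    plain = bytes(c ^ k for c, k in zip(body, ks))
    payload, icv = plain[:-4], plain[-4:]
    if icv != struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF):
        raise ValueError("ICV mismatch")
    return payload


def iv_space() -> int:
    """Number of distinct IVs available: 2^24, i.e. about 16.7 million frames."""
    return 1 << 24


class IVReuseMonitor:
    """Illustrative monitor: records IVs seen under one key and flags repeats,
    since a repeated IV means a repeated RC4 keystream."""

    def __init__(self):
        self.seen = set()
        self.reused = 0

    def observe(self, frame: bytes) -> bool:
        iv = frame[:3]
        if iv in self.seen:
            self.reused += 1
            return True
        self.seen.add(iv)
        return False


if __name__ == "__main__":
    secret = b"\x01\x02\x03\x04\x05"          # constructed 40-bit key
    frame = wep_encrypt(b"\x00\x00\x01", secret, b"hello wlan")
    print(frame.hex(), wep_decrypt(secret, frame))
```

The monitor only looks at the clear-text IV field, so it needs no knowledge of the secret key, which is what makes this kind of check usable on a passive network sensor.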

From WEP to 802.11i: WPA

The IEEE and the Wi-Fi Alliance, the commercial organization which promotes the diffusion of wireless networks, defined a new standard that can be used on existing equipment and does not share the flaws of WEP.
The new mechanism, named WPA (Wireless Protected Access), was designed as a temporary replacement for WEP while waiting for the definitive 802.11i.
WPA introduced a new protocol, TKIP (Temporal Key Integrity Protocol), still based on RC4, which adds a software step for each packet in front of the hardware-implemented WEP encryption.
WPA uses TKIP for encryption, and a new user authentication mechanism based on 802.1x.

WPA2 (802.11i)

802.11i, defined in July 2004, is now commonly known as WPA2.
WPA2 again employs 802.1x for authentication, while defining a new protocol for encryption, CCMP (Counter Mode with CBC-MAC Protocol), which replaces RC4 with AES. The greater strength of AES (and CCMP) has a price: more CPU power is needed to run the algorithm, which requires changes to the hardware of the equipment.

Summarizing:
  • WPA = TKIP + 802.1x
  • WPA2 = CCMP + 802.1x

Authentication

802.1x

IEEE 802.1x is a port-based authentication protocol, which requires each client to authenticate at its first access and again at periodic intervals. For the actual authentication the standard usually relies on a remote RADIUS (Remote Authentication Dial-In User Service) server.

The 802.1x architecture is composed of the following objects:

  • Supplicant = the client which needs to access the network.
  • Authenticator = the network access point.
  • Authentication Server = an external server which receives the authentication requests relayed from the supplicant.

The following picture shows the 802.1x architecture.

[Figure: IEEE 802.1x network diagram]

EAP

The authentication system employs the transport protocol EAP (Extensible Authentication Protocol). EAP does not itself define an authentication method; it defines an extensible framework in which different authentication methods can be carried, so that a flaw discovered in one method does not compromise the framework as a whole.

Authentication methods

EAP defines over 40 methods for the authentication. The main ones are:

  • EAP-MD5: (MD5-Challenge) is equivalent to PPP and requires username/password. It provides neither mutual authentication nor key exchange, so it is less suitable for wireless networks.
  • LEAP: (Lightweight EAP) developed by Cisco, requires username/password and a RADIUS server. It is discontinued.
  • EAP-TLS: creates a TLS encrypted tunnel between the supplicant and the Authentication Server. Both the supplicant and the server need an X.509 certificate. This method implies mutual authentication.
  • EAP-TTLS: creates a tunnelled TLS session, inside which any authentication method can be carried.
  • PEAP: (Protected EAP) creates a TLS encrypted session. In both PEAP and TTLS the supplicant certificate is optional, while the Authentication Server certificate is mandatory.
  • EAP-MSCHAPv2: requires username/password, and is mainly an encapsulation of MS-CHAP-v2 in EAP.
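The following walk-through ties the 802.1x architecture (supplicant, authenticator, authentication server) to one of the methods listed above. It is an added example, not code from the original page: the three roles are modelled as small Python classes, the authenticator keeps the client's port closed until the server answers EAP-Success, and EAP-MD5 is the method carried inside EAP. The EAP codes and type numbers are those of RFC 3748 (Request 1, Response 2, Success 3, Failure 4; Identity type 1, MD5-Challenge type 4), and the MD5-Challenge response is MD5(identifier || password || challenge), as in CHAP. User names, passwords and the in-memory user table are constructed; a real deployment would reach the server over RADIUS.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Added example (not the page's code): a minimal 802.1x exchange using EAP-MD5.
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
TYPE_IDENTITY, TYPE_MD5_CHALLENGE = 1, 4


@dataclass
class EapPacket:
    code: int
    identifier: int
    type: int = 0
    data: bytes = b""


def md5_challenge_response(identifier: int, password: bytes, challenge: bytes) -> bytes:
    """EAP-MD5 / CHAP response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + password + challenge).digest()


class Supplicant:
    """The client. Note that with EAP-MD5 it answers any challenge it is sent:
    it never verifies who the server is (no mutual authentication)."""

    def __init__(self, identity: str, password: bytes):
        self.identity, self.password = identity, password

    def respond(self, req: EapPacket) -> EapPacket:
        if req.type == TYPE_IDENTITY:
            return EapPacket(EAP_RESPONSE, req.identifier, TYPE_IDENTITY, self.identity.encode())
        if req.type == TYPE_MD5_CHALLENGE:
            size = req.data[0]                      # value-size byte precedes the challenge
            challenge = req.data[1:1 + size]
            digest = md5_challenge_response(req.identifier, self.password, challenge)
            return EapPacket(EAP_RESPONSE, req.identifier, TYPE_MD5_CHALLENGE, bytes([16]) + digest)
        raise ValueError("unsupported EAP type")


class AuthServer:
    """The Authentication Server: holds the credentials and decides the outcome."""

    def __init__(self, users: dict):
        self.users = users          # constructed table: identity -> password bytes
        self.pending = None         # (identity, challenge) of the session in progress

    def handle(self, resp: EapPacket) -> EapPacket:
        if resp.type == TYPE_IDENTITY:
            challenge = os.urandom(16)
            self.pending = (resp.data.decode(), challenge)
            return EapPacket(EAP_REQUEST, resp.identifier + 1, TYPE_MD5_CHALLENGE, bytes([16]) + challenge)
        if resp.type == TYPE_MD5_CHALLENGE and self.pending is not None:
            identity, challenge = self.pending
            self.pending = None
            expected = md5_challenge_response(resp.identifier, self.users.get(identity, b""), challenge)
            ok = identity in self.users and hmac.compare_digest(resp.data[1:], expected)
            return EapPacket(EAP_SUCCESS if ok else EAP_FAILURE, resp.identifier)
        return EapPacket(EAP_FAILURE, resp.identifier)


class Authenticator:
    """The access point: relays EAP between supplicant and server and controls the port."""

    def __init__(self, server: AuthServer):
        self.server = server
        self.port_authorized = False

    def authenticate(self, supplicant: Supplicant) -> bool:
        # EAP-Request/Identity is the only EAP packet the authenticator originates itself.
        req = EapPacket(EAP_REQUEST, 0, TYPE_IDENTITY)
        while req.code == EAP_REQUEST:
            resp = supplicant.respond(req)
            req = self.server.handle(resp)          # relayed, in practice over RADIUS
        self.port_authorized = req.code == EAP_SUCCESS
        return self.port_authorized

    def forward(self, frame: bytes) -> bool:
        """Only EAPOL traffic passes an unauthorized port; data frames are dropped."""
        return self.port_authorized


if __name__ == "__main__":
    ap = Authenticator(AuthServer({"alice": b"constructed-password"}))
    print("before:", ap.forward(b"data"))
    print("auth:", ap.authenticate(Supplicant("alice", b"constructed-password")))
    print("after:", ap.forward(b"data"))
```

The authenticator never sees the password: it only relays EAP packets and acts on the final Success or Failure, which is exactly the separation of roles the architecture above describes. The supplicant class also makes the EAP-MD5 limitation visible: nothing in the exchange lets the client check that the challenge came from the legitimate server, and no keying material is produced for the link, which is why the text calls it less suitable for wireless networks.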
This text is published under a Creative Commons License: Attribution - Noncommercial - Sharealike.