It's no secret to most of us that wireless networks are insecure. Crackers and other snoops can easily pilfer unprotected networks, and even more alarming is their ability to tear through security methods considered relatively unbreakable just a few years ago. But a recently released security protocol seeks to erase past security flaws and shore up wireless networks of all sizes. WPA (Wi-Fi Protected Access) addresses the immediate need for increased wireless security using technology significantly more advanced than its predecessors. Because it's part of a larger future project, WPA isn't necessarily a long-term security solution, but its impressive slate of lockdown features makes it the current wireless security champ. Let's examine the technology behind WPA and what it can do to secure your wireless network.
A Need For Concern

Wireless networks deliver the ultimate in freedom and convenience, but because they deliver data over airwaves, they also include security risks that aren't present in wired networks. Data traveling over wireless network airwaves is intended to reach only its network members, but it can also reach unintended parties who intercept the data using easily obtainable tools. This type of security breach can allow complete and unauthorized access to your network, and if you're not aware of the intrusion, the consequences can be devastating. Security risks such as these aren't new. In 1999, the IEEE (Institute of Electrical and Electronics Engineers) proposed a new encryption-based security protocol intended to fend off wireless intruders. Called WEP (Wired Equivalent Privacy), the protocol encrypted data to protect it as it flowed back and forth over airwaves, and initially the technology proved successful. WEP works by encrypting packets of data through a combination of a 24-bit IV (initialization vector) and a secret key composed of either 40 or 104 bits. This secret key, or WEP key, is stored in both the access point and the client and allows client access to the wireless network upon successful authorization. However, the 24-bit IV is transmitted as plain text, and its 24-bit length yields only 2^24 (about 16.8 million) possible values. Researchers and wireless enthusiasts soon discovered (and publicized) how easily someone could break into WEP-protected networks using tools that scan the algorithm for a correct key match. The news soon led to worldwide "war driving," in which drivers equip their cars with antennas and wireless equipment and scout cities for unprotected access points. Software utilities like Airsnort and Network Stumbler quickly grew in popularity and helped war drivers identify potential targets. Although WEP is better than no protection at all, today it's generally considered an unreliable form of wireless security.
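To make the IV arithmetic concrete, here is an added example (not from the article) that implements RC4 and WEP's IV-plus-key construction and computes how quickly a 24-bit IV space runs out; it also runs the same numbers for the 48-bit IV that TKIP adopts, which goes beyond this paragraph. The key and IV bytes are constructed sample values.

```python
# Added example, not from the article: WEP's per-frame RC4 key is the
# 3-byte IV (sent in the clear) followed by the secret key, so any frame
# that repeats an IV is encrypted with an identical keystream.
import math


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA then PRGA), the stream cipher WEP wraps."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                    # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_keystream(iv: bytes, wep_key: bytes, length: int) -> bytes:
    """Keystream for one frame: RC4 keyed with IV || secret key."""
    if len(iv) != 3 or len(wep_key) not in (5, 13):   # 40- or 104-bit key
        raise ValueError("WEP needs a 24-bit IV and a 40- or 104-bit key")
    return rc4_keystream(iv + wep_key, length)


def seconds_until_iv_wrap(iv_bits: int, frames_per_second: float) -> float:
    """How long a sequential IV counter lasts before it repeats."""
    return 2 ** iv_bits / frames_per_second


def iv_collision_probability(iv_bits: int, frames: int) -> float:
    """Birthday bound: chance that randomly chosen IVs repeat within frames."""
    return 1 - math.exp(-frames * (frames - 1) / (2 * 2 ** iv_bits))


# Constructed sample values: a 40-bit WEP key and one reused IV.
KEY = bytes.fromhex("0102030405")
IV = bytes.fromhex("aabbcc")

if __name__ == "__main__":
    print("same IV gives same keystream:",
          wep_keystream(IV, KEY, 16) == wep_keystream(IV, KEY, 16))
    for bits in (24, 48):                      # WEP IV width vs TKIP IV width
        hours = seconds_until_iv_wrap(bits, 1000) / 3600
        print(f"{bits}-bit IV wraps after {hours:.1f} h at 1000 frames/s;",
              f"P(reuse in 5000 random frames) = {iv_collision_probability(bits, 5000):.2e}")
```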
WEP was part of the IEEE's original 802.11 wireless standard, and now the IEEE is working on the 802.11i standard, which will include vastly improved security features such as TKIP (Temporal Key Integrity Protocol) and AES (Advanced Encryption Standard). A subset of the 802.11i standard, WPA, is now available thanks to the Wi-Fi Alliance, a nonprofit trade organization that encourages manufacturers to use 802.11 technology in their wireless products. WPA is intended to bridge the gap between now and the expected release of 802.11i in late 2003 or early 2004, and the technology is forward compatible to comply with 802.11i.

Inside WPA

To secure wireless networks, WPA employs TKIP and user authentication via IEEE 802.1x and the EAP (Extensible Authentication Protocol). This combination attacks vulnerabilities from several angles and represents a significant security upgrade over WEP. Let's examine the ingredients that make WPA a must-have protocol for today's wireless networks.

TKIP. Originally known as WEP2, TKIP enhances the original structure of WEP, improving some of that protocol's technologies and adding some of its own. WEP's 24-bit IV is replaced with a 48-bit IV, thereby boosting security by increasing the number of potential shared keys. Also, the key size in TKIP is 128 bits (a substantial upgrade over today's commonly used 40-bit keys), and keys are dynamically generated and distributed by the authentication server.

[Figure: On small home and work networks, WPA uses a simple yet highly secure password method that authenticates data between the access point and clients. (Diagram courtesy of Wi-Fi Alliance)]

Not only does TKIP do away with WEP's sole static key, but it provides roughly 500 trillion possible keys available for use with any given data packet. Also included is an MIC (Message Integrity Check), which uses a cryptographic check to verify data between the client and server, so tampered or forged packets are rejected.

802.1x and EAP.
Under WEP protection, the access point and wireless network cards in a network all use the same encryption key. Although it's intended to secure information flowing across the network, this scheme can become dangerous if the key isn't regularly updated, since snoopers using sniffing software could theoretically crack the encryption key in less than a day. Changing the key can lessen the security risk, but the process isn't terribly efficient because the key must be manually changed on every access point and network card. On small networks, the process of regularly changing WEP keys is a hassle. On larger networks, this process isn't a hassle but an outright challenge, because there isn't an easy way to make network-wide key changes. WPA addresses this challenge through its inclusion of 802.1x and EAP, which combine to create a much stronger user authentication model. This new authentication process begins when a client with a wireless network card attempts to access an access point. The access point responds to the client by opening a port intended only for EAP packets and through which the client sends identification information. Using an algorithm based on a digital certificate or another EAP-based authentication method, the access point either allows or denies access to the client based on whether the client's identity is approved. During this approval process, only EAP-based information is transferred, preventing unauthorized access through HTTP, DHCP (Dynamic Host Configuration Protocol), or other types of packets. If the client's identity is approved, the access point will grant access to other types of information. In this model, 802.1x serves as the vehicle for EAP's authentication methods. Several authentication methods are available, and the selected method depends on several factors, including which wireless network software is used (because certain programs might support only certain authentication methods). 
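The port-based flow above, as an added model that is not the article's own or any vendor's code: the authenticator relays simplified EAP messages to a stand-in authentication server and gates every non-EAPOL frame on the result. The message formats, user table and frame labels are constructed for the demonstration, and the real EAP method's inner exchange is abstracted away.

```python
# Added example, not from the article: a minimal model of 802.1x port-based
# access control.  Only EAPOL frames cross the uncontrolled port; the
# controlled port (DHCP, HTTP, ...) opens only after the server says Success.
from dataclasses import dataclass

EAPOL = "EAPOL"   # constructed frame-type label, not the real Ethertype


@dataclass
class Frame:
    kind: str          # "EAPOL", "DHCP", "HTTP", ...
    payload: str = ""  # for EAPOL: a simplified EAP message "Op:arg:arg"


class AuthServer:
    """Stand-in for the RADIUS/EAP server; the inner EAP method is reduced to
    a constructed user table, so this is not a real EAP method."""
    def __init__(self, users: dict):
        self.users = users

    def handle(self, eap_msg: str) -> str:
        op, *args = eap_msg.split(":")
        if op == "Identity":                  # EAP-Response/Identity arrives
            return "Request:Credential"       # server challenges the client
        if op == "Credential" and len(args) == 2:
            user, secret = args
            return "Success" if self.users.get(user) == secret else "Failure"
        return "Failure"


class Authenticator:
    """Access point: relays EAP to the server and opens the controlled port
    only while the last EAP result was Success (EAPOL-Logoff closes it)."""
    def __init__(self, server: AuthServer):
        self.server, self.authorized = server, False

    def receive(self, frame: Frame) -> str:
        if frame.kind == EAPOL:
            if frame.payload == "Logoff":
                self.authorized = False
                return "Logoff"
            reply = self.server.handle(frame.payload)
            self.authorized = reply == "Success"
            return reply
        return "forwarded" if self.authorized else "dropped"


def demo() -> list:
    """Walk one client through the port: blocked, challenged, failed, allowed."""
    ap = Authenticator(AuthServer({"alice": "s3cret"}))   # constructed user
    steps = [Frame("DHCP"), Frame(EAPOL, "Identity:alice"),
             Frame(EAPOL, "Credential:alice:wrong"), Frame("HTTP"),
             Frame(EAPOL, "Credential:alice:s3cret"), Frame("DHCP"),
             Frame(EAPOL, "Logoff"), Frame("HTTP")]
    return [ap.receive(f) for f in steps]
```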
In a sense, EAP also provides a framework for the transport of authentication, since a network still needs an actual EAP-based authentication method, whether it's based on a certificate or password architecture.

Certificate methods. Certificate authorities issue digital certificates, which let users establish and prove their identity. These certificates contain information that includes the certificate holder's public key, which verifies whether users are really who they claim to be.

[Figure: Sophisticated tools like Network Stumbler include a host of configurable options geared directly for discovering unprotected wireless networks.]

One EAP authentication method using certificates is EAP-TLS (Transport Layer Security), a system that assigns a digital certificate to both the client and the server. This model uses mutual authentication, in which the server authenticates the client and the client authenticates the server. This ensures both that clients are authenticated and that rogue access points can't hijack legitimate wireless sessions. Depending on the certificate size, EAP-TLS can fragment and reassemble EAP messages if necessary. Another certificate-based method, EAP-TTLS (Tunneled TLS), also provides mutual authentication, but client authentication is "tunneled" securely within the TLS architecture using an encapsulation and decapsulation process. With EAP-TTLS, a server can authenticate a client without requiring the client to have a certificate. Another method, PEAP (Protected EAP), builds upon EAP-TTLS by using TLS to authenticate the server to the client, but it doesn't authenticate the client to the server. This allows the server to hold the certificate, and EAP-based, encapsulated authentication messages are exchanged between the client and server within TLS messages. Microsoft and Cisco offer their own versions of PEAP (conveniently called Microsoft PEAP and Cisco PEAP, respectively).
Certificate-based EAP authentication delivers effective security, but it does have some downsides. Certificates can be costly, and because methods such as EAP-TLS require certificates on all devices on the network, purchase fees can quickly mount. Depending on the network's size, administration can also be expensive, as all devices might need to have certificates or be configured to recognize certificates. Another potential problem is the authentication process itself, which can be time-consuming due to the lengthy back-and-forth information exchange to confirm or deny users.

[Figure: On enterprise-level networks, WPA implements 802.1x and EAP technologies that work in tandem with an authentication server to prevent rogue access. (Diagram courtesy of Wi-Fi Alliance)]

Password methods. Certificate-based authentication methods require a certificate stored on the client device, which means that if the client is stolen, the security method is stolen along with it. But password methods allow more flexibility because a stored certificate isn't necessary. Like EAP-TLS, a password method called LEAP (Lightweight EAP) delivers mutual authentication between the client and access point. Developed by Cisco Systems, LEAP verifies usernames and passwords using a LEAP-compatible RADIUS (Remote Authentication Dial-In User Service) authentication server and dynamically generates a unique WEP session key when authentication is successful. This process directly targets the static key flaw in traditional WEP-based configuration. Another password-based method is called SPEKE (Simple Password-authenticated Exponential Key Exchange). SPEKE trades cryptic messages between the client and server to confirm a password. When the password is confirmed, SPEKE provides a shared key for each device.
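A toy SPEKE run, added here as an illustration rather than taken from the article or any product: both sides derive a Diffie-Hellman generator from the password, exchange one value each, and derive a key that matches only if the passwords match, so the password itself never crosses the air. The 48-bit safe prime, the password strings and the hash-based key derivation are assumptions for the demonstration; a real deployment uses a much larger group and a standardized key-confirmation step.

```python
# Added example, not from the article: a toy SPEKE exchange.  The group is
# deliberately tiny (48-bit safe prime) so the demo runs instantly.
import hashlib
import secrets


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin probabilistic primality test (n > 3 assumed)."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits: int) -> int:
    """Find p = 2q + 1 with both p and q prime (a safe prime)."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            return p


def speke_generator(password: str, p: int) -> int:
    """g = H(password)^2 mod p; squaring puts g in the order-q subgroup."""
    h = int.from_bytes(hashlib.sha256(password.encode()).digest(), "big")
    return pow(h % p, 2, p)


def speke_exchange(client_pw: str, server_pw: str, p: int):
    """Run both sides of one exchange; return (client_key, server_key)."""
    q = (p - 1) // 2
    g_c, g_s = speke_generator(client_pw, p), speke_generator(server_pw, p)
    a, b = secrets.randbelow(q - 1) + 1, secrets.randbelow(q - 1) + 1
    pub_c, pub_s = pow(g_c, a, p), pow(g_s, b, p)   # the only values sent
    if {pub_c, pub_s} & {0, 1, p - 1}:               # reject degenerate values
        raise ValueError("invalid SPEKE public value")
    kdf = lambda shared: hashlib.sha256(str(shared).encode()).hexdigest()
    return kdf(pow(pub_s, a, p)), kdf(pow(pub_c, b, p))
```

Call `speke_exchange("pw", "pw", safe_prime(48))` to see matching keys, and pass two different passwords to see the derived keys diverge.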
Implementing WPA

Because WPA's user authentication technology is intended for use with a RADIUS server for access control, the complete WPA protocol is overkill for most home and SOHO wireless networks. Instead, a slimmer version of WPA called WPA-PSK (Pre-Shared Key) can be used on smaller networks that need tight security but not extra hardware cost and potentially complex configuration. WPA-PSK works by using a pre-shared key on the access point, and each wireless client user need only enter the pre-shared key to gain entry to the access point. WPA-PSK and WPA use the same key encryption methods, and keys are automatically changed periodically. Although WPA and the pared-down WPA-PSK are designed to fill the current wireless security gap before the 802.11i standard arrives, they're not necessarily quick fixes. Whether you can use these new technologies on your wireless network depends on the structure of your hardware and software environment, and if it's not up to par with WPA's requirements, you might need to do some upgrading. If you already have wireless hardware, the first step is to see if the devices are WPA compatible. Start with your access point or wireless router and work down to your wireless network adapters. Recent hardware might mention WPA in its documentation, but if you can't find any evidence of WPA in the manual, check the manufacturer's Web site. In general, many older wireless hardware devices don't include WPA support, while several new devices do—particularly 802.11g-based products. Don't fret if your hardware didn't ship with WPA compatibility, because it's possible the manufacturer's Web site now offers a firmware update as a free download. If WPA-compatible updates aren't available now for your devices, they might be available in the near future, so continue to check with the manufacturer for details.
Even if your hardware is currently compatible or compatible via a firmware upgrade, melding WPA with an existing wireless network can still be a bit difficult. Hardware compatibility doesn't necessarily mean that the hardware knows how to run WPA—it means it can run it. You'll probably still need what's called a "supplicant," a software program that tells a wireless adapter how to run WPA. Some hardware manufacturers include, or have plans to include, a supplicant with their wireless adapters. If your hardware doesn't include a supplicant and needs one to run WPA, you have a few options. If you use Windows XP with Service Pack 1 or later, you can download Microsoft's WPA update from support.microsoft.com/?kbid=815485. This update installs a WPA client within WinXP. Unfortunately, WinXP is the only Windows version that directly supports WPA via a Microsoft patch. If you use an earlier Windows version (such as Windows 98/Me/2000), you can use Funk Software's Odyssey client (about $50 per client after a 30-day trial, www.funk.com) or Meetinghouse Data Communications' AEGIS client ($39.99 per client after a 15-day trial, www.mtghouse.com). These third-party clients also work with WinXP and feature quantity pricing discounts. When your WPA hardware and software bases are covered, configure the devices according to the instructions included with the hardware and supplicant. You'll find that WPA configuration isn't much more difficult than configuring other types of wireless security.

By Christian Perry