Wireless Security
Guide on New Trends
Ysabel C. Bravo
Department of Computer Science
Montclair State University
Montclair, New Jersey
Email:
Introduction
Wireless communication has developed enormously over the last past years allowing instant and fast communication from point to point(s). It has been adopted by businesses and professional users who depend on “up to the minute information” to conduct daily business activities. The evolution and great demand of wireless communication permitted end users to afford and utilize this emerging technology. Both groups due to the sensitive content of data being transmitted over this media are concerned of its reliability and security.
This document attempts to describe the available standards for encryption in wireless communication; define the technologies and protocols used in today’s wireless communication.
This document attempts to provide a new wireless user with enough information on deciding and implementing the use of wireless access. Due to rapid changes of our society, it seems that wireless communication is on higher demand. Raising the questions: What, How, Where wireless communication works? And most importantly, how secure is this medium? how is encryption for wireless communication implemented, its current effects, performance, strength and limitations of available encryption methods?
Wireless Security Requirements
Security for wireless communication became an emergency topic to discuss and plan for a solution with the report of data loss and identity theft. Both topics go hand in hand. A wireless user want to keep the information transmitted and received over this new fascinating and modern medium consistent, integral and especially private. Information and data value is dependant of the user perspective. It is clearly presented that all data transmissions need not to be secret or protected the same way.
Any secure mobile solution must follow this functionality to give the sender and receiver of data a better sense and understanding of the wireless security requirement.
Authentication - Once the wireless connection is established, the first and immediate security need is to authenticate the user. We have available different authentication protocols. The authentication process must have the following categories:
§ Something you know (i.e. user name and password/pin)
§ Something you are (i.e. finger prints)
§ Something you have (i.e. smart card/employee ID card)
To make sure this approach is successful, the user have to keep password secret even though users have the tendency to choose passwords easy to remember, these passwords should never be at display and should at least contain a combination of letters, numbers and special characters.
Encryption – The second requirement to keep wireless communication secure is the encryption algorithm used. No encryption will allow for any transmission of data to be done in clear meaning that an interceptor or intruder can read such data with no problem. This is the requirement that make the communication secure if implemented.
Secret key (Symmetric) and Public key (Asymmetric) are the most widely used authentication protocols today. The difference between secret key and public key is that the number of keys used for the process.
Secret key uses one key to encrypt and decrypt the message. Leading to the problem of distributing key to two users who have not met or who are very distant. Also, adding the factor of trustworthiness between them.
Public key solves this problem by allowing the use of two keys (public and secret) so that encryption and decryption could be separated. Many users can encrypt messages that only one user can decrypt using secret key.
Secret Key / Public KeySpeed / Fast / Slow
Key Used / One / Two
Table 1- Secret and Public Key compared.
There are some solutions that could help a user establish a better communication method, if there is none in place.
§ Unencrypted solutions: The user can opt for MAC registration. This would verify that the card used to establish communication. This would not verify the user. Also, the implementation of firewalls using HTTP, HTTPs. These solutions do not provide encryption but they provide more secure communication equipment wise.
§ Encrypted solutions: The use of WEP (Wire Equivalence Privacy). This was not intended for security and encryption. It was only for casual eavesdropping or unauthorized data modification. WEP has been found to be a faulty algorithm allowing for key reusability. It uses RC4 40 bit stream cipher to encrypt. This is an alternative to no security implementation. Recommended encryption is 128 bit, the use of AES (Advanced Encryption Standard) and PKI (public Key Infrastructure).
Access and Accountability – the accountability of a system is the last requirement needed to be implemented to make the communication secure. Only authorized user should be allow to access data and/or information once the two above mention have been satisfied. Tracking or logging use of services is another way to keep a clear view of possible unauthorized intrusions to a wireless medium. Accounting and accessibility to ensuring the principals of Confidentiality: protecting information from unauthorized users; Integrity: protecting information from modification; and Availability: making system ready when is needed.
Know Wireless Security Risks
The attacks for wireless communications have increased because security measures were not in place or implemented due to either lack of knowledge or overwhelming wireless communication demand. Many of the securities weaknesses are created by the user itself as a result of lack of knowledge and/or disregard for security. A few of these attacks are listed below:
Insertion Attacks are based on unauthorized wireless devices crating connection to a network without going through the security process explain above. An attacker can establish a handshake with an access point that have not been configure with a password request for every attempt to access the network.
Rogue Access Points are not secure if no security measure has been implemented. A simple solution is to register your MAC address to the network. Another solution is to use IDS (Intrusion Detection System to detect any unauthorized activity and manage your network. The home user who has deployed capabilities to access the network wirelessly might not be aware of that he/she has created a Rogue Access Point vulnerable to this attack. If so, anyone can read your traffic and access your network.
Chatty Laptops vulnerability rely on the fact that once a laptop or wireless device is turned on it looks for an access point to talk to. This is done automatically unless configured otherwise. Such devices have no brains. They do what they are designed to do. A solution is to configure these devices. Each vendor has configurations guidelines a user can apply to the network and make it more secure.
Misconfiguration and Ignoring Standards remains as a high risk for wireless communications. Ignoring standards make your information vulnerable as if you leave the door of a bank open with a sign reading “Come in, take anything you want.”
Jamming is apply to a wireless network by denial of service attacks where overwhelming amount of traffic blocks transmission frequencies and does not allow information to be received by clients. This attack can arrive without notice through an access point. The device is flooded with false packets. Duplicating IP and MAC addresses can create disturbance of the system.
Recommended Wireless Protocol
The use of an adequate wireless protocol will make a network less susceptible to attacks.
WAP (Wireless Application Protocol) is increasing amount businesses and end users. WAP has many capabilities to offer and establish a better wireless communication.
§ Developed to implement a standard for communication between wireless devices and the Internet.
§ Improve productivity, service, installation speed, cost.
§ WAP capabilities coexist with Bluetooth and WLANs
§ Currently allows authentication, privacy and secure connections; non-repudiation and integrity checks.
§ WAP provides PKI services via supporting services.
Wired Equivalent Privacy (WEP) is based on the RC4 algorithm, which is a symmetric key stream cipher. The encryption keys must match on both the client and the access point. The Wi-Fi Alliance members have been about the vulnerabilities of WEP.
Wi-Fi Protected Access (WPA) is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems.
§ Derived from the upcoming IEEE 802.11i standard.
§ It is forward-compatible.
§ Provide wireless LAN users with a high level of assurance that their data will remain protected and that only authorized network users can access the network.
§ Designed to meet these different requirements by running in two different modes – enterprise and home mode.
§ Encryption process uses the Temporal Key Integrity Protocol (TKIP).
§ TKIP then regularly changes and rotates the encryption keys so that the same encryption key is never used twice.
§ “Our network now supports the IEEE 802.1x security standard with WiFi Protected Access (WPA). This provides robust encryption of data transfer over the air between devices connected via WPA”.
o Quote from www.t-mobile.com
Security requirements vary depending on the amount of network traffic and the level of secrecy required for the information being exchanged and the applications being used.
WLAN Standards
Available Software and Tools to Protect your Network
Commonly known as hacking tools, I found this information useful for any user who wants to try and experiment with the capabilities of your wireless network. These software is freeware and available for download. Use them and you will find a vast number of information regarding yours and others’ networks.
Tool / Website / DescriptionKismet / www.kismetwireless.net / Wireless sniffer and monitor network traffic
SMAC / www.klcconsulting.net/smac / MAC modification tool
NetStumbler / www.netstumbler.com / Access point identifier
Ethereal / www.ethereal.com / Observe wireless traffic
Table 3 – Freeware Hacker’s Tools.
Implementation – Detecting Access Points
To implement accessing access points that are vulnerable to attack I used a freeware version of software called NetStumbler. This software allowed me to identified access points and listens to SSIDs and identifies MAC addresses, connections speeds.
What can this software do for you?
§ NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
§ Verify that your network is set up the way you intended.
§ Find locations with poor coverage in your WLAN.
§ Detect other networks that might be causing interferencewith your network.
§ Detect unauthorized "rogue" access points in your workplace.
§ Helpaim directional antennas for long-haul WLAN links.
§ Use it recreationally for WarDriving.
I chose NetStumbler because it was the easiest to install and gave me immediate results once I turned on my system. Other software have more detailed information but this help me produce a few screen I want to share with you.
Figure 1- NetStumbler – For my first attempt. (No wireless adapter detected) Check website for a list of adapters compatible with this software. My first attempt was not successful.
Figure 2 – Sample Results provided at website. Use this as a comparison screen one you get NetStumbler up and running.
Figure 3 – Actual Results at MSU computer Science Building. You can see there were two channels identified. One of them was located at RI-36W. Notice that you also have the MAC address on display. These two SSIDs did not show signs of encryption applied.
Conclusion
Wireless Network show challenges for the compatibility and security. There must be a conscientious decision on how and when to deploy a wireless network. More information and education is needed to establish and implement these networks.
The combination of available technologies, encryption methods and education of user would in short time give us a better understanding of our networks and a sense of peace for information and privacy. When a company’s network is exposed because of insecure devices it represents loss of data, investments and trust from clients. This impacts the company’s reputation. When the exposure is a home network the loss it represents may not be compared to a company’s loss but as stated before the value of information kept for a user can only be estimated by the user only. We have identity theft as a major crime. This represents the user’s only thing to keep private.
This document intended to provide necessary tools and guidance for the implementation of better wireless networks. It describes the basic requirement for a wireless security as well as the available protocols. More information and demos are available on my website.
References and Resources
§ Wireless Security – Models, Threats and Solutions, Randal Nichols, McGraw Hill Telecom 2002
§ Internet Security Handbook, Williams Stallings, IDG Books, 1995
§ Web Security and Commerce, Simson Garfinkle, O;Reilly, 1997
§ Connection magazine, Fall 2004
§ RED Herring circular, Nov 2004
§ Security of WEP algorithm
o www.isaac.cs.berkerley.edu/isaac/wep-faq.html
§ Security Vulnerabilities
o www.cs.umd.edu/`waa/wireless.html
§ Wireless World
o www.microsoft.com
§ CSAM – Through MSU Library subscription
o www.montclair.edu/library
§ The Internet
o www.google.com