(IJECET)
Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008
Available online at
http://www.iaeme.com/IJECETissues.asp?JType=IJECET&VType=6&IType=9
ISSN Print: 0976-6464 and ISSN Online: 0976-6472
IAEME Publication
http://www.iaeme.com/IJECET/index.asp
65
editor@iaeme.com
Cite this Article: Modesta. E. Ezema, Chidera .C. Ezema and Asumpta Uju
Ezugwu. The Importance of Cryptography Standard In Wireless Local Area
Networking, International Journal of Electronics and Communication
Engineering & Technology, 6(9), 2015, pp. 65-74.
http://www.iaeme.com/IJECET/issues.asp?JType=IJECET&VType=6&IType=9
1. INTRODUCTION
As the Internet and the World Wide Web have exploded into our culture and are
replacing other media forms for people to find news, weather, sports, recipes,
and a million other things, the new struggle is not only for time on the computer at
home, but for time on the Internet connection. Hardware and software vendors
have come forth with a variety of solutions allowing home users to share one Internet
connection among two or more computers. They all have one thing in common,
though: the computers must somehow be networked [1]. Connecting your computers
together has traditionally involved having some physical medium running between
them. It could be phone wire, coaxial cable or the ubiquitous CAT5 cable. Recently
hardware has been introduced that even lets home users network computers through
the electrical wiring. But one of the easiest ways to network computers throughout
your home is to use wireless technology. It is a fairly simple setup. The Internet
connection comes in from your provider and is connected to a wireless access
point or router, which broadcasts the signal. You connect wireless antenna network
cards to your computers to receive that signal and talk back to the wireless access
point. The problem with having the signal broadcast is that it is difficult to contain
where that signal may travel [2].
The great flexibility of Transmission Control Protocol/Internet Protocol (TCP/IP)
has led to its worldwide acceptance as the basic Internet and intranet
communications protocol. At the same time, the fact that TCP/IP allows information
to pass through intermediate computers makes it possible for a third party to
interfere with communications in the following ways:
Eavesdropping. Information remains intact, but its privacy is compromised. For
example, someone could learn your credit card number, record a sensitive
conversation, or intercept classified information.
Tampering. Information in transit is changed or replaced and then sent on to the
recipient. For example, someone could alter an order for goods or change a person's
resume.
Impersonation. Information passes to a person who poses as the intended recipient.
Impersonation can take two forms:
Spoofing. A person can pretend to be someone else. For example, a person can
pretend to have the email address jdoe@example.net, or a computer can identify
itself as a site called www.example.net when it is not. This type of impersonation is
known as spoofing.
Misrepresentation. A person or organization can misrepresent itself. For example,
suppose the site www.example.net pretends to be a furniture store when it is really
just a site that takes credit-card payments but never sends any goods.
Denial of Service: In this kind of attack, the intruder floods the network with either
valid or invalid messages affecting the availability of the network resources.
Evil Twin attack: The installation of an extra wireless access point posing as a
legitimate organisation-owned access point. If legitimate clients attempt to associate
with the rogue access point, the malicious user could steal or capture any
authentication credentials utilized.
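A defensive check for the rogue access point described above, as an added example that is not part of the original article: it compares observed beacons against an inventory of organisation-owned access points. The Beacon fields, the AUTHORIZED inventory and the SCAN data are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the AP radio
    channel: int
    security: str   # advertised protection, e.g. "WPA2-Enterprise" or "Open"

# Hypothetical inventory of organisation-owned APs:
# BSSID (lower case) -> (SSID, channel, security)
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", 1, "WPA2-Enterprise"),
    "00:11:22:33:44:02": ("CorpNet", 6, "WPA2-Enterprise"),
}

def find_suspect_aps(beacons, authorized=AUTHORIZED):
    """Return (bssid, reason) for beacons that use a managed SSID but do not
    match the inventory entry for their BSSID."""
    managed_ssids = {ssid for ssid, _, _ in authorized.values()}
    findings = []
    for b in beacons:
        if b.ssid not in managed_ssids:
            continue  # a neighbouring network, not one of ours
        bssid = b.bssid.lower()
        known = authorized.get(bssid)
        if known is None:
            findings.append((bssid, "unknown BSSID advertising a managed SSID"))
        elif (b.ssid, b.channel, b.security) != known:
            findings.append((bssid, "inventoried BSSID with unexpected settings"))
    return findings

# Constructed scan results, for illustration only.
SCAN = [
    Beacon("CorpNet", "00:11:22:33:44:01", 1, "WPA2-Enterprise"),  # matches inventory
    Beacon("CorpNet", "02:AA:BB:CC:DD:EE", 11, "Open"),            # not in inventory
    Beacon("CorpNet", "00:11:22:33:44:02", 6, "Open"),             # security downgraded
    Beacon("CoffeeShop", "02:00:00:00:00:10", 3, "WPA2-Personal"), # unrelated SSID
]

if __name__ == "__main__":
    for bssid, reason in find_suspect_aps(SCAN):
        print(bssid, "->", reason)
```

An access point that copies the BSSID, channel and security settings of an inventoried AP passes this comparison, so it complements rather than replaces mutual authentication of the network to the client.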
Due to the nature of radio transmission, WLANs are very vulnerable to
denial of service attacks. The relatively low bit rates of WLANs can easily be
overwhelmed, leaving them open to denial of service attacks [3]. By using a
powerful enough transceiver, radio interference can easily be generated that would
leave the WLAN unable to communicate over the radio path. Normally, users of the many
cooperating computers that make up the Internet or other networks do not monitor or
interfere with the network traffic that continuously passes through their machines.
However, many sensitive personal and business communications over the Internet
require precautions that address the threats listed above. Fortunately, a set of
well-established techniques and standards known as public-key cryptography makes it
relatively easy to take such precautions. Cryptographic techniques are a promising way
to protect our files against unauthorized access. Many useful cryptographic
algorithms have been developed, from the old DES (Data Encryption Standard) to the
more recent IDEA (International Data Encryption Algorithm), AES (Advanced Encryption
Standard) and others. Some user-level tools (e.g. the crypt program) based on these strong
and speedy algorithms have come out to help users do the encryption and decryption
routines, but they are not so convenient, not well integrated with the whole system
and sometimes may be vulnerable to non-cryptanalytic system level
Dependability
Availability
Reliability
Safety
Security
A narrower definition of security is the possibility for a system to protect objects with
respect to confidentiality, authentication, integrity and non-repudiation.
Confidentiality: Transforming data such that only authorized parties can decode it.
Authentication: Proving or disproving someone's or something's claimed identity.
4.1. Infrastructure
[5] In the case of wireless networking in Infrastructure mode you are connecting your
devices using a central device, namely a wireless access point (AP). To join the WLAN, the
AP and all wireless clients must be configured to use the same SSID. The AP is then
cabled to the wired network to allow wireless clients access to, for example, Internet
connections or printers. Also referred to as a "hosted" or "managed" wireless
network, it consists of one or more access points (known as gateways or wireless
routers) connected to an existing network. Additional APs can be added to the
WLAN to increase the reach of the infrastructure and support any number of wireless
clients. In this case, infrastructure refers to switches, routers, firewalls, and access
points (APs). Infrastructure mode wireless networking is the mode that you most
often encounter in your work as a networking professional supporting networks for
clients or in a corporate environment.
4.2. Ad-Hoc
Also referred to as an "unmanaged" or "peer-to-peer" wireless network, it consists of
devices connecting directly to each other. This will allow someone sitting outside
in the garden with a laptop to communicate with his desktop computer in the house
and access the Internet, for example.
[6] Ad hoc networks are by definition temporary; they cease to exist when
members disconnect from them, or when the computer from which the network was
established moves beyond the 30-foot effective range of the others. You can share an
Internet connection through an ad hoc network, but keep in mind that the Internet
connection is then available to anyone logging on to a computer that is connected to
the network, and thus is likely not very secure.
have access. This is a good means of security when also used with a packet
encryption method. However, keep in mind that MAC addresses can be spoofed. This
type of security is usually used as a means of authentication, in conjunction with
something like WEP for encryption. Below is a basic image demonstrating the MAC
Address Filtering process:
In a local area network (LAN) or other network, the MAC (Media Access Control)
address is your computer's unique hardware number. (On
an Ethernet LAN, it's the same as your Ethernet address.) When you're connected to
the Internet from your computer (or host as the Internet protocol thinks of it), a
correspondence table relates your IP address to your computer's physical (MAC)
address on the LAN.
For a clearer understanding of the VPN link method, see Fig 8 below.
There are various levels of VPN technology, some of which are expensive and
include both hardware and software. Microsoft does, however, provide a basic
VPN technology commonly used in small to medium enterprise networks: Windows 2000
Advanced Server and Windows Server 2003. These are more than
capable of handling your wireless VPN requirements.
5.8. 802.1X
[12] Today WLANs are maturing and producing security innovations and standards
that will be used across all networking mediums for years to come. They have learned
to harness flexibility, creating solutions that can be quickly modified if weaknesses
are found. An example of this is the addition of 802.1X authentication to the WLAN
security toolbox. It has provided a method to protect the network behind the access
point from intruders as well as provide for dynamic keys and strengthen WLAN
encryption. With 802.1X the authentication stage is done via a RADIUS server (IAS
on Windows Server 2003) where the user credentials are checked against the server.
When a user first attempts to connect to the network they are asked to enter their
username and password. These are checked with the RADIUS server and access is
granted accordingly. Every user has a unique key that is changed regularly to allow
for better security. Hackers can crack codes but it does take time, and with a new code
being generated automatically every few minutes, by the time the hacker cracks the
code it would have expired. 802.1X is essentially a simplified standard for passing
EAP (Extensible Authentication Protocol) over a wireless (or wired) network. See
Fig 9 below for the 802.1X process.
Figure 9: The 802.1X process
The wireless client (laptop) is known as the Supplicant. The Access Point is
known as the Authenticator and the RADIUS server is known as the Authentication
server.
7. CONCLUSION
The diligent management of network security is essential to the operation of
networks, regardless of whether they have segments or not. It is important to note that
absolute security is an abstract concept; it does not exist anywhere. All networks are
vulnerable to insider or outsider attacks, and eavesdropping. No one wants to risk
having the data exposed to the casual observer or open to malicious mischief. In wireless
networking, steps can and should always be taken to preserve network security and
integrity.
We have said that any secure network will have vulnerabilities that an adversary
could exploit. This is especially true for wireless ad-hoc networks. The various
methods of wireless networking security discussed can help to greatly reduce the
vulnerability in wireless networks.
REFERENCES
[1] http://netsecurity.about.com/od/hackertools/a/aa072004b.htm
[2] https://developer.mozilla.org/en/docs/Introduction_to_Public-Key_Cryptography
[3] http://www.ksys.info/wlan_security_issues.htm
[4] http://www.acm.org/crossroads/xrds2-4/intrus.html
[5] http://www.dummies.com/how-to/content/wireless-networking-infrastructuremode.html
[6] https://technet.microsoft.com/en-us/magazine/dd296746.aspx
[7] http://kb.netgear.com/app/answers/detail/a_id/1141/~/what-is-wep-wirelessencryption%3F
[8] http://compnetworking.about.com/cs/wirelesssecurity/g/bldef_wep.htm
[9] http://compnetworking.about.com/cs/wirelesssecurity/g/bldef_wpa.htm
[10] http://www.wikihow.com/Find-the-MAC-Address-of-Your-Computer
[11] http://compnetworking.about.com/cs/wireless/g/bldef_ssid.htm
[12] http://www.computerworld.com/article/2581074/mobile-wireless/how-802-1xauthentication-works.html
[13] Sachin R. Sonawane, Sandeep Vanjale and Dr. P. B. Mane. A Survey on Evil Twin Detection Methods for Wireless Local Area Network, International Journal of Computer Engineering & Technology, 4(2), 2013, pp. 493-499.