Service Set Identifier (SSID): prevents access by any client device that
does not have the SSID.
Key Management
Temporal Key Integrity Protocol (TKIP) - dynamically changes
encryption keys for each packet.
Payload Integrity
8-byte Message Integrity Code (MIC)
Calculated by an algorithm called Michael
MIC includes a frame counter to prevent replay attacks
Components of WPA2
802.1X Port-Based Network Access Control for authentication
Counter Mode with CBC-MAC Protocol (CCMP) for
confidentiality, integrity and origin authentication
Temporal Key Integrity Protocol (TKIP)
IEEE 802.1X
802.1X is an IEEE standard for port-based Network Access Control for
LANs
For WLANs, it is based on the Extensible Authentication Protocol (EAP)
The authentication is usually done by a third-party entity, such as a
RADIUS server
TKIP - Temporal Key Integrity Protocol
CCMP uses the counter mode (CTR) for data confidentiality and
the Cipher Block Chaining Message Authentication Code (CBC-
MAC) for data integrity.
It uses the Advanced Encryption Standard (AES) algorithm with
a 128-bit key and a 128-bit block size.
CCMP uses a 48-bit Packet Number (PN) to prevent replay
attacks and construct a fresh nonce for each packet.
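Added example (not part of the original slides): how a receiver can recover the 48-bit PN from the CCMP header, build the per-packet nonce from it, and reject replayed frames. The header and nonce octet layouts follow IEEE 802.11; the function and class names, the station address and the sample headers are constructed for illustration, and MIC verification is assumed to happen before accept() is called.

```python
EXT_IV = 0x20  # ExtIV bit in the Key ID octet; always set for CCMP


def parse_ccmp_header(hdr: bytes):
    """Return (pn, key_id) from the 8-byte CCMP header.

    Octet order on the air: PN0 PN1 Rsvd KeyID PN2 PN3 PN4 PN5.
    """
    if len(hdr) != 8:
        raise ValueError("CCMP header is 8 bytes")
    if not hdr[3] & EXT_IV:
        raise ValueError("ExtIV bit not set")
    pn = bytes([hdr[7], hdr[6], hdr[5], hdr[4], hdr[1], hdr[0]])  # PN5..PN0
    return int.from_bytes(pn, "big"), hdr[3] >> 6


def build_nonce(priority: int, ta: bytes, pn: int) -> bytes:
    """13-byte CCM nonce: priority octet || transmitter address || 48-bit PN."""
    if len(ta) != 6 or not 0 <= pn < 1 << 48:
        raise ValueError("bad transmitter address or PN")
    return bytes([priority & 0x0F]) + ta + pn.to_bytes(6, "big")


class ReplayCheck:
    """Receiver state: highest PN seen per (transmitter, priority)."""

    def __init__(self):
        self.last = {}

    def accept(self, ta: bytes, priority: int, pn: int) -> bool:
        # Call only after the MIC has verified, so a forged frame
        # cannot push the counter forward and block real traffic.
        if pn <= self.last.get((ta, priority), 0):
            return False  # replayed or stale PN: drop the frame
        self.last[(ta, priority)] = pn
        return True


# Constructed sample: station address and three headers (PN 1, PN 2, PN 1 again).
TA = bytes.fromhex("020000000001")
HEADERS = [bytes.fromhex(h) for h in
           ("0100002000000000", "0200002000000000", "0100002000000000")]

if __name__ == "__main__":
    rx = ReplayCheck()
    for hdr in HEADERS:
        pn, _ = parse_ccmp_header(hdr)
        print(pn, build_nonce(0, TA, pn).hex(), rx.accept(TA, 0, pn))
```

Because the PN is part of the nonce, a sender that never reuses a PN under the same key never reuses a nonce, and the same counter gives the receiver its replay check.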
Some other solutions
Smart cards
Beneficial in environments requiring authentication beyond
simple username and password
User certificate and other information are stored on the cards
VPN
Provides secure data transmission across public network
infrastructures.
Uses the IPsec protocol suite to ensure private
communications.
Biometrics
For agencies needing higher levels of security, biometrics
such as fingerprint/palm-print scanners and optical scanners can
be integrated with wireless smart cards
Advantages of WLAN:
It's easier to add or move workstations.
Easier to provide connectivity in areas that are difficult to lay cable.
Installation is quick and easy.
Disadvantages of WLAN:
When the number of computers that use the network increases,
the data transfer rate to each computer is reduced.
Wireless bandwidth is low.
Long-term cost benefits can be found in the static environment.
Conclusion
The optimal security solution for WLAN involves a combination of
security technologies.
A detailed threat risk assessment and analysis is essential to determine
which security measures or combination of measures are the most
effective.