Practical Wi-Fi security: planning for the future

As the two previous sections have indicated, additional security tools and approaches can be used to remedy known deficiencies in Wi-Fi. Meanwhile, the groups that develop new networking standards (in this case, various task and working groups within the IEEE 802 family of networking standards) are working to address Wi-Fi's weaknesses more directly. Two major efforts are underway to address wireless security issues: 802.1x and 802.11i.

802.1x was adopted in 2001 to remedy WEP's inability to provide either authentication or confidentiality. (This latter term is often used interchangeably with privacy.) To solve user authentication issues, and to perform user authentication before network access can occur, 802.1x supports the per-port user authentication concept.

802.1x works with standard authentication protocols such as EAP (Extensible Authentication Protocol) on both wired and wireless LAN media. It also works with various authentication methods, including token or smart cards, Kerberos, certificates, and public key authentication.

When an unauthenticated client requests access to an authenticator (an 802.11 access point, for example), the access point can respond by enabling one of its physical ports to pass only EAP packets from the client to an authentication server located elsewhere (usually, on the wired portion of a network). This blocks all other traffic, including DHCP and ARP broadcasts, and Web (HTTP) and e-mail (POP or SMTP) packets, until the access point can verify client identity. Such verification usually involves an authentication server like RADIUS. Only after the client is authenticated does the access point permit the client port to pass other kinds of network traffic (hence the notion of per-port authentication).

The 802.1x protocol delivers effective authentication regardless of the kind of keys or encryption in use. Most WLAN vendors offer proprietary implementations of dynamic key management delivered over 802.1x. Once authentication completes and other protocols are allowed to transit the user's physical port, the authentication server delivers a session key to the access point. The access point then builds, signs, and encrypts an EAP (or other secure protocol) key message, which the client uses to derive its encryption keys. (This solves the key exchange and key management problems that WEP failed to address, without requiring IVs.) Clients can therefore change keys automatically as needed (every 10,000 packets is a typical default), which minimizes cracking opportunities for eavesdroppers and eliminates eventual key duplication.

Please note that 802.1x doesn't provide authentication mechanisms; it simply supports use of other such mechanisms. When using 802.1x, authentication is handled by identifying a specific EAP type, such as TLS or TTLS (Tunneled Transport Layer Security). The software that supports an EAP type lives on the authentication server and on the client, either within the operating system or in some particular application. This means EAP authentication types can change as newer types are defined, or as requirements for security alter, without requiring upgrades to the access point itself (it uses third-party services instead).
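The per-port behaviour described in the preceding paragraphs, as an added toy model that is not HP's code nor any real 802.1x or RADIUS implementation: the access point relays only EAP to an authentication server, drops everything else until the server reports success, and then forwards traffic while rotating the session key every 10,000 packets. The class and function names (AuthServer, Authenticator, USER_DB, demo) and the credential store are invented for this example.

```python
# Toy model of 802.1x port-based access control (added illustration; not
# HP's code and not a real 802.1x/RADIUS implementation).
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed credential store standing in for a RADIUS user database.
USER_DB = {"alice": "constructed-password-for-demo"}

# Rekey interval: the text cites 10,000 packets as a typical default.
REKEY_AFTER_PACKETS = 10_000


class AuthServer:
    """Stand-in for the RADIUS server that actually checks credentials."""

    def __init__(self, users):
        self.users = users

    def handle_eap(self, identity, secret):
        """Return (EAP result, session key or None)."""
        expected = self.users.get(identity)
        if expected is None or not hmac.compare_digest(expected, secret):
            return "EAP-Failure", None
        # A fresh random session key is handed to the access point; it is
        # not derived from the password, so a leaked key reveals nothing.
        return "EAP-Success", secrets.token_bytes(16)


@dataclass
class Authenticator:
    """Access point: each client port passes only EAP until authenticated."""
    server: AuthServer
    session_keys: dict = field(default_factory=dict)       # client -> key
    packets_since_rekey: dict = field(default_factory=dict)

    def is_authorized(self, client):
        return client in self.session_keys

    def receive(self, client, frame):
        """Process one frame from a client; return what the port did with it."""
        if frame["proto"] == "EAP":
            # EAP is always relayed to the authentication server.
            result, key = self.server.handle_eap(frame["identity"], frame["secret"])
            if key is not None:
                self.session_keys[client] = key
                self.packets_since_rekey[client] = 0
            return result
        if not self.is_authorized(client):
            # Unauthorized port: DHCP, ARP, HTTP, SMTP and so on are dropped.
            return "DROPPED"
        # Authorized port: forward, and rotate the session key periodically.
        self.packets_since_rekey[client] += 1
        if self.packets_since_rekey[client] >= REKEY_AFTER_PACKETS:
            self.session_keys[client] = secrets.token_bytes(16)
            self.packets_since_rekey[client] = 0
            return "FORWARDED+REKEY"
        return "FORWARDED"


def demo():
    """Walk one client through the sequence; returns the list of outcomes."""
    ap = Authenticator(AuthServer(USER_DB))
    sta = "aa:bb:cc:dd:ee:01"   # constructed client MAC address
    return [
        ap.receive(sta, {"proto": "DHCP"}),                     # before auth
        ap.receive(sta, {"proto": "EAP", "identity": "alice", "secret": "wrong"}),
        ap.receive(sta, {"proto": "HTTP"}),                     # still closed
        ap.receive(sta, {"proto": "EAP", "identity": "alice",
                         "secret": USER_DB["alice"]}),
        ap.receive(sta, {"proto": "HTTP"}),                     # now forwarded
    ]


if __name__ == "__main__":
    print(demo())
```

Run it and the outcome list reads DROPPED, EAP-Failure, DROPPED, EAP-Success, FORWARDED: the port stays closed through a failed attempt and opens only once the authentication server says so, which is exactly why the credential check belongs on the server rather than on the access point.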

The 802.11i Task Group is working to adapt how 802.1x is used to become part of the 802.11 wireless networking standards. The group is developing a draft supplement for 802.11 that should become part of the standards family in the relatively near future. It includes both interim and longer-term encryption fixes to solve existing WEP problems or deficiencies.

In the short term, 802.11i proposes the use of TKIP (Temporal Key Integrity Protocol), formerly known as WEP2, to fix the key reuse problem that the 24-bit IV forced on original WEP implementations. TKIP uses a time-sensitive (temporal) 128-bit key that clients share with an access point. This key is combined with the client's MAC address and a 128-bit IV to create the key used to encrypt the data. The approach ensures that each client uses a different key stream to encrypt its data, while the larger key size avoids key reuse (the temporal key times out before reuse can occur). WEP-based access points and wireless interfaces can be upgraded to TKIP through firmware upgrades. TKIP is also backward compatible: TKIP-enabled devices can step down to WEP to interoperate with WEP-only equipment.
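The "different key stream per client" point above, as an added illustration that is not from the original page: with a WEP-style per-packet key (IV prepended to one shared key) two clients that reach the same IV produce the same keystream, whereas mixing the temporal key with the client's MAC address and IV keeps their keystreams apart, and a temporal key that is replaced each epoch resets the IV counter under a fresh key. HMAC-SHA256 is used here as a stand-in for the key mixing; it is not the real TKIP mixing function or RC4, and the helper names, keys and MAC addresses are constructed for this example.

```python
# Added illustration of WEP-style versus TKIP-style per-packet keys.
# HMAC-SHA256 stands in for the key mixing; this is NOT real TKIP or RC4.
import hmac
import hashlib

WEP_IV_BITS = 24    # IV size the text attributes to original WEP
TKIP_IV_BITS = 128  # IV size the text attributes to TKIP


def iv_space(bits):
    """Number of distinct IVs before a counter-style IV is forced to repeat."""
    return 1 << bits


def wep_packet_key(shared_key: bytes, iv: int) -> bytes:
    """WEP style: per-packet key is IV || shared key; the client plays no part."""
    return iv.to_bytes(WEP_IV_BITS // 8, "big") + shared_key


def tkip_style_packet_key(temporal_key: bytes, client_mac: bytes, iv: int) -> bytes:
    """TKIP style: temporal key, client MAC and IV mixed into a per-packet key."""
    material = client_mac + iv.to_bytes(TKIP_IV_BITS // 8, "big")
    return hmac.new(temporal_key, material, hashlib.sha256).digest()


def temporal_key(master_key: bytes, epoch: int) -> bytes:
    """Stand-in for a temporal key replaced every epoch, so the IV counter
    restarts under a fresh key long before the IV space is exhausted."""
    label = b"temporal-key" + epoch.to_bytes(4, "big")
    return hmac.new(master_key, label, hashlib.sha256).digest()[:16]


def distinct_packet_keys(n_ivs: int):
    """Count distinct per-packet keys two clients produce over the same IVs.

    Returns (wep_count, tkip_style_count). Under the WEP style both clients
    share every per-packet key, so n IVs give only n distinct keys (each IV
    collision is a keystream reuse); the TKIP style gives 2n.
    """
    shared_key = b"\x01" * 5                  # constructed 40-bit WEP key
    tk = temporal_key(b"\x02" * 32, epoch=0)  # constructed master key
    mac_a = bytes.fromhex("aabbccddee01")     # constructed client MACs
    mac_b = bytes.fromhex("aabbccddee02")
    wep_keys, tkip_keys = set(), set()
    for iv in range(n_ivs):
        for mac in (mac_a, mac_b):
            wep_keys.add(wep_packet_key(shared_key, iv))          # MAC ignored
            tkip_keys.add(tkip_style_packet_key(tk, mac, iv))
    return len(wep_keys), len(tkip_keys)


if __name__ == "__main__":
    print("24-bit IV space:", iv_space(WEP_IV_BITS))
    print("distinct keys over 1000 IVs (wep, tkip-style):", distinct_packet_keys(1000))
```

The counts make the defensive point concrete: a shared-key scheme lets every station draw from one pool of 2^24 per-packet keys, so monitoring for repeated IVs on a WEP network is a useful health check, while per-client mixing plus timed rotation removes the shared pool altogether.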

Longer term, it appears likely that 802.11i will use the AES (Advanced Encryption Standard) algorithm, chosen by the U.S. government's NIST (National Institute of Standards and Technology) to replace the older, less powerful DES (Data Encryption Standard). AES is a FIPS (Federal Information Processing Standard) described in FIPS Publication 197; it defines an encryption algorithm for U.S. government use specifically to protect sensitive unclassified data.

That said, AES is a bit of a question mark because it requires a hardware coprocessor to operate. This will require that existing access points and network interfaces be replaced (because they do not currently include such hardware). Most experts don't expect this hardware changeover to occur until AES becomes part of the 802.11 standards. At that point, organizations can review their security requirements to determine whether they argue for or against upgrading existing equipment and networks.


The best use of WLANs

HP's various product and service offerings make it easy to build and manage secure wireless networks. You can work with HP sales professionals or HP resellers to design and purchase wireless solutions, or work with HP Service to make sure that security issues are completely and appropriately addressed in your implementations and deployments. Either way, you can take advantage of the flexibility and power of wireless networking sooner rather than later, with confidence that your WLAN can handle near-term 802.11 enhancements.

Resources

  • For good basic descriptions of Wi-Fi and related technical vocabulary, consult either http://www.pcwebopedia.com or http://www.whatis.com. Both sites provide valuable information and pointers.

  • To get a good general understanding of wireless networking, consult WKMN's "Wireless Networking Mini-Tutorial." It is a nice general introduction to terms, concepts, and technologies, with lots of additional pointers to resources.

  • 802.11 Planet is a great source of Wi-Fi news and information. You'll also find numerous great articles by Jim Geier on their site. A first piece, titled "The Guts of WLAN Security Policy," deals with security issues typical in current Wi-Fi implementations. A second piece, titled "802.11 Security Beyond WEP," deals with advanced security mechanisms beyond built-in WEP that can help to secure Wi-Fi networks pretty effectively. A third piece, titled "802.1x Offers Authentication and Key Management," explains how this new 802.11 standard attempts to address known WEP deficiencies.

  • HP Services offers assistance in dealing with security threats and in streamlining appropriate information access for employees, customers, and partners.

© 2008 Hewlett-Packard Development Company, L.P.