Forwarded from: "eric wolbrom, CISSP", from ISN...
Mark Joseph Edwards
October 23, 2002
What wireless security measures are on the horizon?

The current wireless networking standards use security technology
that's far less secure than it could be. For example, most wireless
network administrators are familiar with the Wired Equivalent Privacy
(WEP) protocol, which uses RC4 encryption to help protect data as it
travels over the airwaves.

However, researchers have proven that intruders can easily crack WEP.
Last year, a team of researchers published "Weaknesses in the Key
Scheduling Algorithm of RC4," a paper that describes a series of
flaws that make WEP vulnerable. In roughly the same time
frame that the paper was published, someone posted Perl scripts on the
Internet that helped demonstrate how vulnerabilities in WEP could be
verified. You can read about the paper and the scripts in an editorial
I wrote in August 2001.

Because of the weaknesses in WEP security, several entities are
developing stronger security technology, such as the 802.11a and
802.11b specifications, for use with wireless network technologies.

If you aren't familiar with the various 802.11x network
specifications, you can learn more about them by reading Mark Weitz's

One up-and-coming 802.11x specification, 802.11i, is still going
through the development and approval processes. The specification might be
officially released by early 2003. After it's available, 802.11i will
provide replacement technology for WEP security. Initially, 802.11i
will provide Temporal Key Integrity Protocol (TKIP) security that you
can add to existing hardware with a firmware upgrade. Upgraded units
should be backward-compatible with hardware that still uses WEP.
Sometime later, new chip-based security that uses the stronger
Advanced Encryption Standard (AES) protocol will replace TKIP, and the
new chips will probably be backward-compatible with TKIP. In effect,
TKIP is a temporary protocol for use until manufacturers implement AES
at the hardware level.

TKIP is a quick-fix method to overcome the inherent weaknesses
in WEP security, especially the reuse of encryption keys. According
to "802.11 Planet," "The TKIP [security] process begins with a 128-bit
'temporal key,' [which is] shared among clients and access points.
TKIP combines the temporal key with the [client machine's] MAC address
and then adds a relatively large 16-octet initialization vector to
produce the key that will encrypt the data. This procedure ensures
that each station uses different key streams to encrypt the data. TKIP
uses RC4 to perform the encryption, which is the same as WEP. A major
difference from WEP, however, is that TKIP changes temporal keys every
10,000 packets. This provides a dynamic distribution method that
significantly enhances the security of the network."
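
The key-reuse weakness and the per-station, per-packet key idea described above, shown as an added example that is not part of the original article. SHA-256 stands in for TKIP's actual key-mixing function, the 48-bit packet counter is an assumption of this example, and all keys, MAC addresses and payloads are constructed sample values.

```python
import hashlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: run the key schedule, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_packet_key(iv: bytes, shared_key: bytes) -> bytes:
    """WEP: the RC4 key is the 24-bit IV prepended to the static shared key."""
    return iv + shared_key

def mixed_packet_key(temporal_key: bytes, mac: bytes, seq: int) -> bytes:
    """TKIP-style mixing; SHA-256 is a stand-in, not TKIP's real mixing function."""
    return hashlib.sha256(temporal_key + mac + seq.to_bytes(6, "big")).digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample values (not from the article)
SHARED = bytes.fromhex("0102030405")   # 40-bit static WEP key
TEMPORAL = bytes(range(16))            # 128-bit temporal key
MAC_A, MAC_B = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
P1, P2 = b"station A payload", b"station B payload"

def wep_reuse_leaks() -> bool:
    """Same IV and static key give one keystream: c1 XOR c2 equals p1 XOR p2."""
    iv = b"\x00\x00\x01"
    c1 = rc4(wep_packet_key(iv, SHARED), P1)
    c2 = rc4(wep_packet_key(iv, SHARED), P2)
    return xor(c1, c2) == xor(P1, P2)

def mixed_keys_differ() -> bool:
    """Same temporal key and counter, different MACs: keystreams no longer cancel."""
    c1 = rc4(mixed_packet_key(TEMPORAL, MAC_A, 1), P1)
    c2 = rc4(mixed_packet_key(TEMPORAL, MAC_B, 1), P2)
    return xor(c1, c2) != xor(P1, P2)

print("WEP reuse leaks:", wep_reuse_leaks(), "| mixed keys differ:", mixed_keys_differ())
```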

In relation to TKIP, some companies have implemented TKIP-like
solutions called Simple Secure Networks (SSNs), which also use an
encryption key that changes periodically. One company, Symbol
Technologies, currently has SSN-based products on the market. In
addition, vendors such as Atheros Communications and Resonext
Communications are producing chips that support WEP, TKIP, and AES
security technologies, and wireless network gear vendors, such as
Nokia, are already shipping hardware that's ready for TKIP security,
waiting for the standard to be finalized.

For a more in-depth look at wireless encryption technology, especially
WEP and TKIP, be sure to read two articles from Intel. The first
article discusses encryption key management in both WEP and TKIP
protocols, and the second article discusses TKIP in considerable

Here are some additional links about the TKIP protocol: