Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
2Activity
0 of .
Results for:
No results containing your search query
P. 1
Issues in WiFi Networks

Issues in WiFi Networks

Ratings: (0)|Views: 147|Likes:
The paper has four sections. First section is intro in WiFi technology and terminology. The second section shows the security architectures and algorithms used in WiFi networks. Both important mechnisms: encryption/decryption as well as authentication is analyzed within simple IEEE 802.11 aproach in section three and four. The architectures such as WPA or WPA2 are not subject of this paper.
The paper has four sections. First section is intro in WiFi technology and terminology. The second section shows the security architectures and algorithms used in WiFi networks. Both important mechnisms: encryption/decryption as well as authentication is analyzed within simple IEEE 802.11 aproach in section three and four. The architectures such as WPA or WPA2 are not subject of this paper.

More info:

Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/27/2013

pdf

text

original

 
Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009
 
ISSN 2067
 – 
4074
Page 3
Issues in WiFi Networks
Nicolae TOMAI
Faculty of Economic InformaticsDepartment of IT&C TechnologiesBabes Bolyai Cluj-Napoca University, Romaniatomai@econ.ubbcluj.ro
 Abstract 
The paper has four sections. First section is intro in WiFi technology and terminology. The secondsection shows the security architectures and algorithms used in WiFi networks. Both important mechnisms:encryption/decryption as well as authentication is analyzed within simple IEEE 802.11 aproach in section threeand four. The architectures such as WPA or WPA2 are not subject of this paper.
Key-Words 
m-application security, WiFi, IEEE 802.11, WEP.
1. WiFi Introduction
The WiFi is common name for wireless local area networks technology compling withIEEE 802.11 standards and owned by WiFi Alliance. The WiFi Alliance promotesstandards with the aim of improving the interoperability of wireless local area networkproducts based on the IEEE 802.11 standards. The Wi-Fi Alliance is a consortium of separate and independent companies and it agrees on a set of common interoperableproducts based on the family of IEEE 802.11 standards. The figure 1 describes theoverview architecture of a WiFi LAN.Fig. 1 Overview of a WiFi LANA WiFI LAN consists from these components:
 
The end-user device with IEEE 802.11 board
radio network interfacecards - NICs
it could be PDA, smart-phone or laptop;
 
BS/AP
Base Station or Access Point
a device with antenna wich sendand receive radio packets over wireless environment from the end-userdevices;
 
Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009
 
ISSN 2067
 – 
4074
Page 4
 
BSS
Basic Service Set
is the cell coverage formed by radio antenna of the Access Point device;
 
DS
Distribution System
is the items that provide Internet to the APs. Itis possible to have in the office or home an Intranet without having adistribution system. There is only one AP and all devices communicate andinterconnect each other like through a network router.
 
ESS
Extended Service Set
contains all the BSSs, APs and Dss from anWiFi LAN and it is seen as a single IEEE 802.11 layer to all the upper layerfrom OSI Network Model.An IEEE 802.11 local area network is based on a cellular architecture. Each cell - BSS -Basic Service Set is controlled by a BS - Base Station
called also AP
Access Point.Most of the installations of an IEEE 802.11 LAN are formed from one or more cells andtheir respective access points. The access points can be connected with Ethernet or insome cases wireless itself in order to provide a DS - Distribution System.
2. WiFi Authentication Mechanisms
In order to supervise a Wireless LAN it is better to use an 802.11 packet analyzer suchas OmniPeek or nGenius Sniffer Wireless. The understanding of different 802.11 frametypes is a basis for deciphering what the network is or isn't doing. The 802.11 standardprovides various frame types that, stations
NICs and access points. Each frame has acontrol field that shows the 802.11 protocol version, frame type, and various indicators
 WEP is on/off, power management is active, and so on. In addition all frames containMAC addresses of the source and destination station including access point; a framesequence number; frame body and frame check sequence for error detection.The 802.11 data frames contain protocols rules and data from the higher layers withinthe frame body. A data frame, for instance, could be carrying the XML code from a Webpage (complete with TCP/IP headers) that the user is viewing. Other frames that stationsuse for management and control carry specific information regarding the wireless link inthe frame body. For instance, a beacon's frame body contains the service set identifier(SSID), timestamp, and other pertinent information regarding the access point.For more details regarding 802.11 frame structure and usage, 802.11 standards are agood start. The standards for WiFi are free for download from the 802.11 Working GroupWeb site [WIMT08].For protecting data in WiFi LAN, there are many developed security architectures such asones from figure 2:
 
Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009
 
ISSN 2067
 – 
4074
Page 5
 AuthenticationTypeDisableWEPWPAWPA2
Open System AuthShared Key AuthPSK 
 –
Pre-SharedKeyEAP
 –
Extensible Authentication
 Protocol
PSK 
 –
Pre-SharedKeyEAP
 –
Extensible Authentication
 Protocol
Fig. 2 Wireless LAN authentication typeTable 1 presents the security architectures from figure 2 with various features includingthe algorithms and techniques that are used:Table 1 WiFI Security ArchitecturesSecurityArchitectureIEEE 802.11 WPA IEEE 802.1x orIEEE 802.11i-WPA2AuthenticationProtocolWEP
OpenSystem orShared KeyPSK or EAP PSK or EAPwith CCMPEncryption method RC4 TKIP-RC4 or AES TKIP-RC4 orAESThe Length of thekey40 bits 128 bits forencryption64 bits forauthentication128 bitsThe length of theInitialization Vector(IV)24 bits 48 bits 48 bitsKey Management NONE IEEE 802.1x/EAP IEEE802.1x/EAPThe key per packet Theconcatenationof the IVThe Mixing of thefunctionNONEData Integrity CRC-32 Michael CCMThe encryption, authentication and confidentiality in WiFi networks are ensured usingone of the following security archtectures: WEP, WPA or WPA2.The WEP
Wired Equivalency Policy consists into three main parts: WEPencryption/decryption, WEP authentication and WEP Integrity. WEP Integrity is ensuredusing CRC-32 algorithm. WEP Authentication use Shared Key and WEP Encryption uses acrypto scheme based on RC4 algorithm. WPA and WPA2 are similar with WEP but a littlemore complicated.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->