
Chapter 1 Introduction

1.6 Why 802.11 Wireless Networks?

The IEEE 802.11 standard is developed and maintained by the IEEE LAN/MAN Standards Committee for wireless local area network (WLAN) communication. It defines the Medium Access Control (MAC) and Physical (PHY) layers of the over-the-air interface between a wireless client and a base station (access point), or between two wireless clients.

Wi-Fi certification specifies interoperability requirements for wireless LAN products and has enabled the proliferation of multivendor 802.11 solutions. WLAN technology is experiencing tremendous growth because of the bandwidth made possible by the IEEE 802.11 family of standards. A number of amendments make up 802.11, and the most popular of them are marketed under the Wi-Fi name; since Wi-Fi has made these solutions economical and widely available, 802.11 as a whole is commercially known as Wi-Fi. Wi-Fi networks are thus becoming available in homes, small offices, private corporations and many public hot spots, and this widespread availability is driving de facto acceptance of Wi-Fi as the WLAN technology.

Wi-Fi interfaces are now almost standard equipment in laptops. The coverage area of a Wi-Fi CERTIFIED device is generally about 100 meters, while Wi-Fi CERTIFIED n devices typically have a range of up to 200 meters [130].

Due to its popularity and availability, the number of users is also growing rapidly. A wide variety of users seek Wi-Fi services for activities such as business, leisure, keeping in touch and e-mail. These users include people in professions such as business, defence and law who make critical decisions and require an extra level of security for their wireless communications. Since wireless signals are broadcast over the air and can be received by anyone within range, they are more vulnerable to security attacks than wired links. The existing 802.11 standard, too, was found to be subject to security attacks [55], [64].

The importance of providing enhanced security to 802.11 wireless networks has motivated this research. As a solution, the use of quantum cryptography to enhance the security of 802.11 networks has been attempted. The proposed solution has been designed so that it remains open to numerous future expansions. Similar approaches have been attempted for distributing secret keys in wireless networks [35].

1.6.1 Security issues in WEP

Security in the initial release of 802.11 was provided by Wired Equivalent Privacy (WEP). It was intended to provide confidentiality comparable to that of a traditional wired network. WEP uses the RC4 stream cipher for confidentiality and a CRC-32 checksum, the integrity check value (ICV), for integrity. However, cryptanalysts identified severe security weaknesses in WEP [65], [68], [73]. A wireless network is inherently more exposed, because anyone within range of the broadcast signal can attempt to break into it, and some networks offer only WEP, which has been found to be vulnerable to intrusion. Though WEP does keep out casual intruders, its security problems have caused some businesses to stay with wired networks until wireless security can be improved.

WEP was found to be subject to several attacks, such as message injection, authentication spoofing, message decryption, IV collisions and message modification [68]. AirTight Networks demonstrated a further attack on WEP known as the Caffe Latte attack [74]. In the Caffe Latte attack the attacker does not need to be within range of the target network: by targeting the Windows wireless stack of an isolated client (for example a laptop away from its office network), the attacker can recover the WEP key from the client alone. By sending the client a flood of encrypted ARP (Address Resolution Protocol) requests, the attacker takes advantage of the shared key authentication and message modification flaws in 802.11 WEP, and uses the client's ARP responses to obtain the WEP key in less than 6 minutes.
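The message modification flaw named above is the one that makes attacks such as Caffe Latte practical: because the ICV is a CRC-32 (a linear function) and WEP encrypts with a stream cipher, an attacker can XOR chosen bits into the plaintext of a captured frame and correct the ICV without knowing the key. The following is an added example written for this chapter, not code from the thesis or from AirTight Networks. It implements a toy WEP frame (IV || RC4(IV || secret) XOR (plaintext || ICV)), a receiver that checks the ICV, and the attacker's fix-up, which uses the identity crc(P XOR D) = crc(P) XOR crc(D) XOR crc(0...0) for equal-length inputs. The key, IV and payload are constructed values; the attacker only needs to know the original plaintext at the byte positions it wants to set, which is why the real attacks target ARP frames, whose layout is largely fixed.

```python
"""Toy WEP: RC4 + CRC-32 ICV, and message modification without the key.

Added example (not from the thesis). Key, IV and payload are constructed.
"""
import zlib


def rc4(key: bytes, length: int) -> bytes:
    """RC4 keystream (KSA + PRGA). WEP keys RC4 with IV || shared secret."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body = IV || RC4(IV || secret) XOR (plaintext || ICV)."""
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4(iv + secret, len(body)))


def wep_decrypt(secret: bytes, frame: bytes):
    """Return the plaintext if the ICV verifies, else None (receiver discards)."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(iv + secret, len(ct)))
    pt, tag = body[:-4], body[-4:]
    return pt if icv(pt) == tag else None


def forge_modification(frame: bytes, delta: bytes) -> bytes:
    """Attacker step, no key needed: XOR `delta` into the plaintext of an
    intercepted frame. CRC-32 is linear, so
        crc(P ^ D) = crc(P) ^ crc(D) ^ crc(0^len),
    and the ICV correction depends only on D and the frame length."""
    iv, ct = frame[:3], frame[3:]
    plen = len(ct) - 4
    if len(delta) != plen:
        raise ValueError("delta must cover the whole plaintext")
    icv_delta = zlib.crc32(delta) ^ zlib.crc32(bytes(plen))
    mask = delta + icv_delta.to_bytes(4, "little")
    return iv + xor(ct, mask)


def demo() -> bytes:
    """Encrypt a constructed frame, forge a modification, decrypt as the AP would."""
    secret = b"\x01\x02\x03\x04\x05"  # constructed 40-bit WEP key
    iv = b"\xaa\xbb\xcc"              # constructed 24-bit IV
    original = b"DEST=10.0.0.1;PAY=100"
    frame = wep_encrypt(secret, iv, original)
    # The attacker knows the original bytes at the positions it changes
    # (here the whole payload, as with a structured ARP frame) and wants
    # 10.0.0.1 -> 10.0.0.9 and 100 -> 900.
    target = b"DEST=10.0.0.9;PAY=900"
    forged = forge_modification(frame, xor(original, target))
    return wep_decrypt(secret, forged)  # ICV verifies; AP accepts the forgery


if __name__ == "__main__":
    print(demo())
```

A receiver that checks only the CRC-32 ICV accepts the forged frame, while a frame tampered with in the same way but without the ICV fix-up is rejected. This is exactly the property that TKIP's keyed Michael MIC and CCMP's CBC-MAC were introduced to remove.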

1.6.2 The 802.11i Standard

To address the security issues of WEP, in May 2001 the IEEE set up a working group called Task Group i (TGi). Its task was to create new, secure means of authentication and privacy that would not be vulnerable to the weaknesses of WEP. As a result, an amendment to the IEEE 802.11 standard called IEEE 802.11i [8] was approved in 2004.

IEEE 802.11i is designed to provide enhanced security in the MAC layer for 802.11 networks. It defines two classes of security algorithms: Robust Security Network Association (RSNA) algorithms and pre-RSNA algorithms, with a Transition Security Network (TSN) allowing both to coexist. For RSNA, IEEE 802.11i introduces two new confidentiality protocols, the Temporal Key Integrity Protocol (TKIP) and the Counter-mode/CBC-MAC Protocol (CCMP) [66].

A TSN, in which pre-RSNA (WEP-only) equipment and RSNA-capable equipment share a network, provides a way to keep using legacy hardware in a mixed environment. To provide backward compatibility with WEP-era hardware, TGi developed the RSNA data confidentiality protocol known as TKIP. TKIP provides significantly improved privacy and authentication while keeping the RC4 stream cipher, wrapping it with three additions: a per-packet key mixing function, the Michael message integrity code (MIC) and rapid key rotation. The Wi-Fi Alliance, a non-profit industry association set up to promote the growth of WLANs, marketed the TKIP-based subset of 802.11i as Wi-Fi Protected Access (WPA).

WPA provides considerably more security to a wireless network than a WEP setup. Firewalls at the boundary between the wireless and wired segments can further limit the damage of a breach on networks that remain more vulnerable, but they do not address weaknesses in the link-layer protection itself.

The CCMP data confidentiality protocol achieves confidentiality, authenticity, message integrity and replay protection in a single transform. For confidentiality, CCMP uses the AES block cipher in counter mode; for authentication and integrity, it uses the Cipher Block Chaining Message Authentication Code (CBC-MAC) [72]. CCMP is mandatory in an RSN. IEEE 802.11i separates authentication from encryption key management: for authentication it uses either IEEE 802.1X [2] with EAP or a pre-shared key (PSK). The security improvement using CCMP of the IEEE 802.11i standard is also known as Wi-Fi Protected Access 2 (WPA2). WPA2 is backward compatible with WPA. RSNA defines a protocol using IEEE 802.1X EAPOL (Extensible Authentication Protocol over LAN) Key frames called the 4-Way Handshake. This handshake confirms that both parties hold the same pairwise master key (PMK), derives the fresh pairwise transient key (PTK) used by TKIP or CCMP, and completes the IEEE 802.1X authentication process.

The Extensible Authentication Protocol (EAP) is an authentication framework providing for the transport and use of keying material and parameters generated by EAP methods. EAP is frequently used in wireless networks and on point-to-point connections. The encapsulation of EAP over IEEE 802 is defined in IEEE 802.1X and is known as "EAP over LANs" or EAPOL.