TEST CENTER
Key to Wi-Fi security

By Glenn Fleishman
January 10, 2003


CONVENTIONAL WISDOM says wireless LAN access to an enterprise adds enormous risk because the broken security model at the heart of Wi-Fi networking allows crackers to break encryption, snoop traffic, insert packets, and associate at will. WLAN access points must be outside the firewall, with VPN connections tunneling through. No exceptions.

Enter the Wi-Fi Alliance, with members that include Microsoft, Intel, Cisco, and Apple. Seeking to quell consumer and enterprise concerns about Wi-Fi security holes, the group has essentially lifted the construction engineer's drawings for the work-in-progress IEEE 802.11i security draft and started to pour and smooth the macadam that leads to the golden city on the hill: full 802.11i completion and ratification. This ad hoc engineering project comes with member approval; the move isn't as radical as it seems.

The alliance's new WPA (Wi-Fi Protected Access) standard uses most of the current 802.11i draft to repair problems in WEP (Wired Equivalent Privacy), the first line of defense for Wi-Fi networks. WEP's goal was to encrypt packets in transit at the data link layer to deter unauthorized network access.

WEP failed in that attempt, however, because of several cryptographic flaws that result in rapid key reuse. These flaws leave the link layer effectively unprotected, which is why Wi-Fi has been banished outside the firewall, with protection provided at higher network layers by VPN, SSH, or other tunneled encryption methods.

WPA solves the problem by abandoning WEP in favor of 802.11i's vastly improved TKIP (Temporal Key Integrity Protocol). WPA ensures that TKIP keys vary for each packet through key mixing. WPA also increases part of the keyspace and adds encrypted packet integrity to reject inserted packets. Current Wi-Fi puts weak integrity outside the encrypted payload.
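The two properties named above, a key that changes for every packet and an integrity check that the receiver can use to reject inserted or modified packets, are easier to see in a small model. The following Python block is an added example, not code from the article or from the Wi-Fi Alliance: the per-packet key mixing is HMAC-SHA256 over the temporal key, transmitter address and sequence counter (the real TKIP mixing function is a different, two-phase construction), the keystream generator stands in for RC4, and all keys and addresses are constructed sample values.

```python
import hashlib
import hmac

# Constructed model of per-packet keying plus a keyed message integrity check.
# HMAC-SHA256 replaces TKIP's real mixing function and a SHA-256 counter
# keystream replaces RC4; the structure, not the primitives, is the point.

def mix_per_packet_key(temporal_key: bytes, ta: bytes, tsc: int) -> bytes:
    """Derive a per-packet key from the temporal key, the transmitter address
    (TA) and the packet sequence counter (TSC). A fresh TSC gives a fresh key,
    so two packets never share a keystream under the same temporal key."""
    return hmac.new(temporal_key, ta + tsc.to_bytes(6, "big"), hashlib.sha256).digest()

def keystream(per_packet_key: bytes, length: int) -> bytes:
    """Expand a per-packet key into `length` keystream bytes (stand-in for RC4)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(per_packet_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def mic(mic_key: bytes, ta: bytes, tsc: int, payload: bytes) -> bytes:
    """Keyed integrity tag over the addressing fields and the plaintext."""
    return hmac.new(mic_key, ta + tsc.to_bytes(6, "big") + payload, hashlib.sha256).digest()[:8]

def protect(temporal_key: bytes, mic_key: bytes, ta: bytes, tsc: int, payload: bytes) -> dict:
    """Attach the MIC and encrypt payload+MIC under the per-packet key."""
    tag = mic(mic_key, ta, tsc, payload)
    ks = keystream(mix_per_packet_key(temporal_key, ta, tsc), len(payload) + len(tag))
    return {"ta": ta, "tsc": tsc, "body": xor_bytes(payload + tag, ks)}

class Receiver:
    def __init__(self, temporal_key: bytes, mic_key: bytes):
        self.temporal_key = temporal_key
        self.mic_key = mic_key
        self.last_tsc = -1  # replay protection: TSC must strictly increase

    def unprotect(self, frame: dict):
        """Return the payload, or None if the frame is a replay or fails the MIC."""
        if frame["tsc"] <= self.last_tsc:
            return None
        ks = keystream(mix_per_packet_key(self.temporal_key, frame["ta"], frame["tsc"]),
                       len(frame["body"]))
        plain = xor_bytes(frame["body"], ks)
        payload, tag = plain[:-8], plain[-8:]
        if not hmac.compare_digest(tag, mic(self.mic_key, frame["ta"], frame["tsc"], payload)):
            return None  # inserted or modified packet: reject, do not advance the counter
        self.last_tsc = frame["tsc"]
        return payload

def demo() -> tuple:
    """Constructed keys/address; returns five booleans that should all be True."""
    tk, mk = bytes(range(16)), bytes(range(16, 24))
    ta = bytes.fromhex("001122334455")
    rx = Receiver(tk, mk)
    f1 = protect(tk, mk, ta, 1, b"hello")
    f2 = protect(tk, mk, ta, 2, b"hello")
    distinct_ciphertexts = f1["body"] != f2["body"]   # same plaintext, new key each packet
    accepted = rx.unprotect(f1) == b"hello"
    replay_rejected = rx.unprotect(f1) is None         # TSC 1 seen already
    tampered = dict(f2)
    tampered["body"] = bytes([f2["body"][0] ^ 1]) + f2["body"][1:]
    tamper_rejected = rx.unprotect(tampered) is None   # MIC no longer verifies
    next_accepted = rx.unprotect(f2) == b"hello"       # the genuine frame still passes
    return distinct_ciphertexts, accepted, replay_rejected, tamper_rejected, next_accepted

if __name__ == "__main__":
    print(demo())
```

The rejected forgery does not advance the receiver's counter, so the legitimate frame with the same TSC is still accepted afterwards; that ordering is what keeps an injected packet from turning into a denial of service against the genuine sender.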

WPA includes full support for server-based authentication using the 802.1x protocol and EAP (Extensible Authentication Protocol), both part of the interim 802.11i draft.

802.1x defines the roles of a client (called the supplicant), the authentication pass-through component of an access point (the authenticator), and a back-end authentication server. EAP is a generic architecture for passing messages among parties that don't necessarily need to understand the contents; in this case, the authenticator passes through some messages and interprets others.

A wireless supplicant first associates with an access point that has an integral authenticator or a LAN connection to a RADIUS-like system. The authenticator only allows access to itself via a single port; the supplicant has no access to the rest of the network. The authenticator challenges the supplicant for credentials, which could be a digital certificate or a username and password, and passes this information to an authentication server.

If access is approved, the authenticator hands over a unique per-supplicant master key from which the supplicant's network adapter derives the TKIP key, the packet integrity key, and other cryptographic necessities. After a user has been authenticated, EAP is used to frequently refresh the master key, reducing the window of opportunity for intercepting packets for cracking. Cleverly, this rekeying process may matter more for the cryptographic future than for the present.
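The whole sequence, from the closed port through challenge, server decision, master-key handover, key derivation and rekeying, can be simulated in a few dozen lines. The Python block below is an added example written for this page, not code from the article, from any vendor or from the IEEE drafts. The class names, the challenge/response "method" (an HMAC over a password), the master-key delivery and the key-derivation layout are all assumptions made for the simulation; they are not a real EAP method and not the 802.11i key hierarchy. Credentials and MAC addresses are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed simulation of the 802.1x roles: supplicant, authenticator
# (access point) and back-end authentication server.

def derive_session_keys(master_key: bytes, supplicant_mac: bytes) -> dict:
    """Expand the per-supplicant master key into the link keys the adapter needs
    (an encryption key and a packet-integrity key). Assumed layout."""
    prk = hmac.new(master_key, b"link keys" + supplicant_mac, hashlib.sha256).digest()
    return {"tkip_key": prk[:16], "mic_key": prk[16:24]}

class AuthServer:
    """RADIUS-like back end: holds credentials, returns a fresh master key on success."""
    def __init__(self, users: dict):
        self.users = users  # {identity: password}, constructed sample data

    def check(self, identity: str, challenge: bytes, response: bytes):
        expected = hmac.new(self.users.get(identity, "").encode(), challenge,
                            hashlib.sha256).digest()
        if identity in self.users and hmac.compare_digest(expected, response):
            return "ACCEPT", secrets.token_bytes(32)
        return "REJECT", None

class Authenticator:
    """Access-point role. It relays EAP and keeps the controlled port (the path
    to the rest of the network) closed until the server accepts the supplicant."""
    def __init__(self, server: AuthServer):
        self.server = server
        self.pending = {}     # mac -> outstanding challenge
        self.authorized = {}  # mac -> current master key

    def forward_data(self, mac: bytes, frame: bytes) -> str:
        return "FORWARDED" if mac in self.authorized else "DROPPED"

    def eap_challenge(self, mac: bytes) -> bytes:
        self.pending[mac] = secrets.token_bytes(16)
        return self.pending[mac]

    def eap_response(self, mac: bytes, identity: str, response: bytes):
        """Pass the credentials to the server; on ACCEPT hand the master key over."""
        result, master_key = self.server.check(identity, self.pending.pop(mac), response)
        if result == "ACCEPT":
            self.authorized[mac] = master_key
        return result, master_key

    def rekey(self, mac: bytes) -> bytes:
        """Refresh the master key of an authorized supplicant, shortening the
        lifetime of any key material an eavesdropper could work on."""
        self.authorized[mac] = secrets.token_bytes(32)
        return self.authorized[mac]

class Supplicant:
    def __init__(self, mac: bytes, identity: str, password: str):
        self.mac, self.identity, self.password = mac, identity, password

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self.password.encode(), challenge, hashlib.sha256).digest()

    def install(self, master_key: bytes) -> dict:
        return derive_session_keys(master_key, self.mac)

def run_session() -> dict:
    """Walk one good and one bad supplicant through the exchange; returns outcomes."""
    ap = Authenticator(AuthServer({"alice": "constructed-password"}))
    alice = Supplicant(bytes.fromhex("02aabbccddee"), "alice", "constructed-password")
    wrong = Supplicant(bytes.fromhex("02ffffffffff"), "alice", "wrong-guess")
    out = {}
    out["before_auth"] = ap.forward_data(alice.mac, b"GET /")       # port still closed
    ch = ap.eap_challenge(wrong.mac)
    out["bad_credentials"], _ = ap.eap_response(wrong.mac, wrong.identity, wrong.respond(ch))
    out["bad_creds_data"] = ap.forward_data(wrong.mac, b"GET /")    # stays closed
    ch = ap.eap_challenge(alice.mac)
    out["good_credentials"], mk = ap.eap_response(alice.mac, alice.identity, alice.respond(ch))
    first_keys = alice.install(mk)
    out["after_auth"] = ap.forward_data(alice.mac, b"GET /")        # port now open
    out["keys_match"] = first_keys == derive_session_keys(ap.authorized[alice.mac], alice.mac)
    second_keys = alice.install(ap.rekey(alice.mac))
    out["rekey_changed_keys"] = second_keys != first_keys
    return out

if __name__ == "__main__":
    for name, value in run_session().items():
        print(f"{name}: {value}")
```

The point to notice is that the authenticator never interprets the credentials itself; it only tracks which port is open and which master key is current, which is exactly what lets an enterprise plug the WLAN into an existing authentication server.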

Although EAP lacks a built-in encryption method -- it's merely a generic messaging method -- three overlays that embed EAP inside an encrypted tunnel have emerged to solve different parts of the problem.

An early version, EAP-TLS (Transport Layer Security), required a client-side public-key certificate to be preinstalled before the first wireless session. Although this is the method Microsoft uses for its campuswide WLAN, EAP-TLS is complicated because an enterprise must establish a PKI.

Instead, vendors are focusing on two methods: EAP-TTLS (Tunneled TLS) and PEAP (Protected EAP), both of which build a tunnel within a tunnel. The outer tunnel is entirely anonymous, allowing a second tunneled session to begin inside it, which itself encapsulates EAP or other protocols. This approach avoids client certificates but still allows for them.

Microsoft and Cisco have backed PEAP. Although virtually identical in principle to EAP-TTLS, PEAP handles only EAP and MS-CHAP V2. Microsoft has offered PEAP clients for Windows XP and 2000 for free and plans a full Win32 rollout for Windows 98, NT 4, and Me.

Neither company representatives nor industry observers can explain the necessity for both EAP-TTLS and PEAP, the main difference between the two being the latter's lack of legacy authentication support. It's easy to assume that Microsoft and Cisco's agenda was to push enterprises to upgrade to newer authentication servers, but PEAP could wind up as widely available as EAP-TTLS.

Both EAP-TTLS and PEAP are passing through the IETF (Internet Engineering Task Force) process toward hopeful reconciliation or at least standardization. During this process, two man-in-the-middle attacks have been theorized that must be addressed before the standards can be deployed with absolute security.

One attack relies on supplicants performing authentication in the clear when asked to do so; the other attack lies in a lack of cryptographic binding between network layers, which allows a man-in-the-middle to spoof a network identity without detection.
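The second problem, the missing cryptographic binding between the outer tunnel and the inner EAP method, is worth seeing in code because the fix is simple once the dependency is made explicit: the session key and a binding proof must depend on both the inner-method key and the key of the tunnel the inner method actually ran in. The Python block below is an added example for this page and the tunnel-in-tunnel description above; it is not code from the article or from any PEAP or EAP-TTLS draft, and its key-derivation and binding-check layout is an assumption made for the model. It shows an honest exchange, an exchange in which the inner method is relayed between two different outer tunnels without binding (the server accepts, but the session key belongs to the far end of the server's tunnel rather than to the authenticated user), and the same relayed exchange with binding, which the server rejects.

```python
import hashlib
import hmac
import secrets

# Constructed model of a tunneled EAP method and of cryptographic binding.

def kdf(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

class Tunnel:
    """Outer TLS-like tunnel: server-authenticated, anonymous on the client side.
    Every tunnel establishment has its own tunnel key."""
    def __init__(self):
        self.key = secrets.token_bytes(32)

def inner_method_key(password: str, nonce: bytes) -> bytes:
    """Key produced by the inner (password-based) method; the supplicant and
    the authentication server both hold the credential and compute the same value."""
    return hmac.new(password.encode(), nonce, hashlib.sha256).digest()

def session_key(inner_key: bytes, tunnel_key: bytes, bind: bool) -> bytes:
    """Unbound: the session key comes from the tunnel alone, as in early tunneled
    methods. Bound: it mixes in the inner-method key as well."""
    return kdf(tunnel_key, inner_key) if bind else kdf(tunnel_key)

def binding_proof(inner_key: bytes, tunnel_key: bytes) -> bytes:
    """Proof that the party who ran the inner method is also the party at the
    client end of this particular tunnel."""
    return hmac.new(kdf(inner_key, tunnel_key), b"binding", hashlib.sha256).digest()

def run_exchange(server_tunnel: Tunnel, client_tunnel: Tunnel, password: str, bind: bool) -> dict:
    """The server sees `server_tunnel`; the client believes its inner method runs
    inside `client_tunnel`. When the two differ, the inner method is being relayed."""
    nonce = secrets.token_bytes(16)
    ik_client = inner_method_key(password, nonce)
    ik_server = inner_method_key(password, nonce)
    if bind:
        proof = binding_proof(ik_client, client_tunnel.key)      # sent by the client
        expected = binding_proof(ik_server, server_tunnel.key)   # recomputed by the server
        accepted = hmac.compare_digest(proof, expected)
    else:
        accepted = True  # inner method succeeded; nothing ties it to this tunnel
    client_msk = session_key(ik_client, client_tunnel.key, bind)
    server_msk = session_key(ik_server, server_tunnel.key, bind)
    return {"accepted": accepted, "keys_agree": client_msk == server_msk}

def scenarios() -> dict:
    password = "constructed-password"
    honest = Tunnel()
    server_side, client_side = Tunnel(), Tunnel()   # two distinct outer tunnels
    return {
        "honest_bound": run_exchange(honest, honest, password, bind=True),
        "relayed_unbound": run_exchange(server_side, client_side, password, bind=False),
        "relayed_bound": run_exchange(server_side, client_side, password, bind=True),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

In the unbound relayed case the server's decision is correct only in the narrow sense that the password was right; the key it then hands out does not agree with the genuine client's, which is the detection gap the binding check closes. The first attack mentioned above, answering an inner-method challenge outside any tunnel, is a client policy matter (refuse to run the inner method unless a tunnel is up) and is not modeled here.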

All current support for 802.1x/EAP, tunneled or not, still relies on WEP as the link encryption method, which means that a VPN is still required for definitive link security until WPA with TKIP starts appearing in access points and clients.

As we survey the road ahead, it's clear that the arrival of WPA and eventually 802.11i will reduce the administrative burden of WLANs, integrating them with existing authentication mechanisms and making the security issue disappear.


Glenn Fleishman is author of The Wireless Networking Starter Kit. Contact him at glenn@glennf.com.

 
Wi-Fi poised for enterprise integration


This could be the year that the Wi-Fi industry offers the kind of enterprise-level security that would allow wireless LANs to be fully incorporated into the corporate network. However, that promise rests on a number of moving targets, any one of which could set the industry back at least a year.

The Wi-Fi Alliance's decision to take a snapshot of the IEEE 802.11i committee's ongoing work on the ultimate standard carries inherent risk.

The Alliance promises to begin interoperability testing in February, but some vendors say that's not soon enough.

"There is a huge need now and we have our own keycard algorithm that works well," said Yangmin Shen, director of technical marketing at Symbol Technologies in San Jose, Calif.

Symbol is one of many companies anxious to put customers' security fears to rest. And if that takes a proprietary solution, vendors don't need much prodding.

"Symbol and others will offer proprietary solutions until WPA," Shen said. The trick is for corporate IT managers to be sure there is a path out of the proprietary technology, he warned.

Although there is no guarantee that products after February that adhere to the WPA standard will also be compatible with the final 11i security solution -- which isn't expected until the end of 2003 at the earliest -- industry analysts say any differences can be resolved through a software or firmware upgrade. If each access point must be flashed, this will be time-intensive but relatively simple.

If companies are waiting for a higher level of encryption, such as that offered by AES technology, they may want to stay on the fence until 11i is ratified. However, if dynamic WEP key generation, as found in TKIP, is enough, then WPA is the answer, according to Chris Kozup, senior research analyst at Meta Group.

Because WPA security was at least in part a marketing effort by major industry players, companies may merely be paying lip service.

"If vendors are looking to drive their own solution as a way to lock vendors into their own hardware, watch for them to drag their feet [in support of WPA]," Kozup said.

-- Ephraim Schwartz


BOTTOM LINE
Wi-Fi Protected Access
EXECUTIVE SUMMARY
Waiting for large-scale WLAN deployment or expansion until the release of WPA upgrades could forestall the expense of per-seat VPN and 802.1x client licenses and enormously increase WLAN security. VPNs could disappear as part of a local WLAN roll-out.

TEST CENTER PERSPECTIVE
WPA makes 802.1x ready for prime time. Two speculative man-in-the-middle attacks are mild, but should be solved prior to widespread adoption. Authentication server vendors must resolve EAP-TTLS and PEAP into one standard offering legacy authentication support where appropriate.

