The Types Of Wireless Security

Published Date: 02 Nov 2017

Introduction: Device which is capable of communicating with each other without any physical attachments is called wireless devices, transfer of data between these two is called wireless communication and securing these devices from unauthorized access comes under wireless security. Now, let us first understand that this wireless communication can be done via different technologies like electric field, magnetic, light, sound and the most common technology among them the electromagnetic wireless telecommunication. This communication can take place within few meters or miles of distances.

At the very starting of wireless era wireless security was not this essential. As, there was not much use of this technology but, as the increase in wireless market crackers started looking forward in this technology and then started the concept of securing wireless. This deals with securing communication between two or more individuals to provided users an uninterrupted service.

In respect of networks we have some securing policies and methods by which we can avoid damages and disturbance this include WEP, WPA, WPA2, and WPS.

TYPES OF WIRELESS SECURITY:

WEP (wired equivalent privacy): This is the very first privacy that was ratified in 1999. As its name indicates that this policy provides the same security level as in wired communication but later it was discovered that this privacy has ample number of flaws in it. WEP security is done by using stream cipher RC4 for confidentiality and CRC-32 checksum for integrity.

WEP works with the help of "initializing vector" or in short we use to call it "IV". WEP came in standard 64 bit and 128 bit. If we take for example 64bit of WEP this comes with 40 bit key and 24 bit of initializing vector which makes it 64bit standard. When a client wants to connect to an access point it send those 64bit key (including 24 bit IV) to access point the access point then matches the key and provides authentication to the client.

Vulnerability: The above communication seems pretty secured but, there are several flaws in it. Let us see it in a company environment. Several numbers of employees try to connect to that network for authentication. And over here there is high number of possibilities that a 24bit key will repeat itself after some number of attempts. The key travels in the form of plain text with 24 bit of IV now a cracker takes benefit of this situation and collects that 24bit IV. At this stage cracker gather some patterns of that 24 bit key and when he gets sufficient number of those key his job is done.

TOOLS: Popular tools which are available in the market for free are

Aircrack-ng- This is a very popular tool which recovers the key when does collect enough data packets. It uses the standard FMS attack.

WEPcrack- Also a powerful and popular tool.

After the failure of WEP a new security know as WPA came into existence.

WPA comes in two Flavors first is WPA and its enhanced version WPA2

WPA: Well know association wi-fi alliance ratified WPA security as an intermediate. This enhanced technology uses 128bit dynamically generated bit key for each and every packet and is known as temporal key integrity protocol (TKIP). And thus through this it prevents the types of attack done in WEP. In addition to this WPA also uses message integrity check which ensures that if the data is altered modified or damaged. This attribute is added to overcome cyclic redundancy check (CRC) in WEP. The biggest flaw of cyclic redundancy check was that it did not provide a strong assurance of handling of data and its privacy. There were some message authentication codes which can solve the above problem but it requires too much of computation on old network card. WPA message integrity check nick named "Michael" provides strong reliability of integrity check.

As moving forward in technology, technicians made another enhancement and discovered WPA2 which is far better advanced and secured in comparison to WPA.

WPA2: Heading one more step towards the advance security in wireless technology we come in front of WPA2. WPA2 is much better than WPA is because it does not use temporal key integrity protocol which was always a loop hole in WPA security. Instead it has an option of better algorithm known as advance AES algorithm. It is assumed that the passphrase generated by AES algorithm is unbreakable but, the only disadvantage of WPA2 is that it needs much processing power. Besides this securing, WPA2 also provides two enhancements that are PMK (pair-wise master key) and Pre-authentication. PMK supports you to reconnect to the access point without re-authenticating it whereas, pre-authentication comforts the user to authenticate with the AP to which it is moving while maintaining the connection from which it is moving away.

AES vs TKPI: TKPI basically acts as a kind of wrapper which use the older WEP algorithm and modifies it by adding some extra algorithm at the start and the end. This makes key more complicated and very difficult on cracking. The other benefit of this kind of modification is that it does not require any addition hardware or firmware work. Like WEP, TKPI uses the basic algorithm but in addition provides a unique encrypted key. The four additional algorithms that TKIP uses are first, Cryptographic message integrity check for the protection of packets second, by initial vector sequence mechanism with hashing third, per packet key mixing pattern fourth, a re-keying mechanism after 10,000.

AES is a totally different cipher system can be of 128bit or 192bit or 256bit block. Considered as, perfect way of encryption these days but, it does take very large amount of process speed and is not compatible of older slow processing devices.

WPS: (Wi-fi protected setup) In 2007 WPS came into existence. By using this type of security a user presses a button either physically or by a software administrator and enters an eight digit code at the client this process allows or acts as a source to activate a function to enter into longer WPA (wi-fi protected access). This idea made it much more secure as authentication requires a physical access. This security was going good unless some of the researcher came to this research about WPS.

In every eight digit pin number the Eight and the last number represent checksum which is used to ensure that the seven digits are not corrupted. Now, we are left with 10,000,000 possibilities but this is again a pretty big amount of possibilities which will take lot of time to be cracked but, there is a flaw in checking process the pin is examined as first the 4 digit and then the remaining 3 digit which leaves us with 10,000 possibilities for first four digits and 1000 to the other three. So, in total we have only 11,000 possibilities which can be cracked in hours.

CONCLUSION: WEP is the most vulnerable security amongst all thus it should be your last choice unless you are using very old device that only use WEP. WPA is somewhat much better but it too has vulnerability demonstrated by a very popular freely used tool. WPA2 is the most advanced usable security and even much better if used with combination of really strong password AES-128 encryption. WPS can also be a better choice but only for small networks and even requires two compatible devices having same manufacturers.