Future Forecast
Introduction
As seen through recent developments on campus, wireless network technology has experienced meteoric growth both in importance and in usage. By allowing users to access the Internet without having to be attached by cumbersome wires, Wireless technology has not only cleaned up large messes of wires in homes and offices, it has freed people to take full advantage of the mobility of their laptops. On campus, you can see people connected this way not only in libraries and classrooms, but out in the open as well. In the business world, wireless technology has allowed for offices with less clutter and more flexibility. However, all of this convenience has not come without a price. As of right now, wireless technology has been fraught with various security issues. With packets of information sent over radio waves, information can be intercepted, replicated, and faked much more easily than it can be over wired networks. As of now, the popularity of wireless technology has grown faster than what it was ready for.
As mentioned in Mr. Santalesa's article, the 802.11b wireless standard's security was originally based mostly on the scarcity of the technology. Nowadays, with more people turning to wireless technology as the next level of connectivity, improvements must be made to bring it level of security closer to that of its wired counterpart.
The Present State of Wireless
Despite the name, wireless technology is not completely free of wires. In order for computers free themselves from wires, they must send and transmit packets through access points. These, in turn, are wired to the rest of the network. Computers with wireless ethernet cards interact with the APs to send and receive packets of information via mircrowaves. These packets are goverened by carrier sense multiple access / collision avoidance as opposed to the collision detection of wired networks. This makes wireless somewhat less efficient at the moment. Access points usually come equipped with two antennae, which can be adjusted to set the space in which the wireless network can work. As of right now, APs can provide service within about 300 ft of the point. For providing service to long areas, such as down hallways, leaky coax cable can be used. This is basically done by putting holes through the cable linking the access point to the network. The microwaves "leak" in and out of these holes, providing service for the areas close around the holes.
802.11
The current standard used for most wireless networks is the IEEE's 802.11b. This allows for a bandwith of 11Mbps on a 2.4 GHz band. In practice, though, the throughput is usually closer to 4-6 Mbps. Dropping prices and widespread avialability have made this the standard of choice, as most people have turned to it for their wireless needs. However, the demand for greater bandwidth has lead to the development of newer standards. 802.11g, just now being incorporated into hardware, promises a bandwidth of 54 Mbps over a band of 5.0 GHz. Not only that, but it promises to be backwards compatible with 802.11b products. Thus, people and businesses can use the new technology along with legacy hardware while upgrading in piecemeal fashion. The 802.11b will just run at its normal slower speed. (More on 802.11g)
In contrast, the 802.11a standard, which also runs at 54 Mbps over a 5.0 GHz band, has been out for over a year. This standard, however, uses orthoganol frequency division multiplexing and operates at a range of only 60 feet. This would lead to a need for many more access points to cover the same amount of area. Also, 802.11a products are not interoperable with 802.11b products, meaning that installing 802.11a networks would require the scrapping of any 802.11b technology.
Currently security on 802.11b is run through three different mechanisms. The first is the Service Set Identification, or SSID. This is a network name used by computers to gain access to a network. In order to connect through that access point, the computer would need to have the appropriate SSID. This would help to keep unwanted and unregistered users from gaining access to the Internet through that point. However, most vendors either have their products set with the SSID disabled, or with it set to broadcast. When the SSID is broadcast, any computer could receive the SSID from the AP and thus gain access. Still, as the SSID is plaintext and not encrypted, it is liable to be stolen even if not broadcasted. Also, because many people need to configure their own computers to wireless networks, SSID's are often public knowledge, and very easy to find.
The second layer of security comes from the Media Access Control address filtering. This allows administrators to set the IP addresses of those who are allowed to use a certain AP. While it provides another means of protecting the network, the work of adding and deleting addresses can be tedious and hard to manage. Also, with some sniffing and poking around, outsiders could obtain and spoof the addresses of registered users to get access to the network.
The final piece of the wireless security structure comes from Wired Equivalent Privacy encryption. This is the most controversial aspect of wireless security. Since it uses the first 24 bits as an initiation vector, WEP offers 40 or 104 base encryption protection. Still, according to some sources, both are equally flawed and easily bypassed. In the WEP system, all computers set on the access point have a key for for encrypting and reading the data. WEP uses RC4 encryption to prevent people from intercepting and reading packets sent over microwaves. However, WEP has come under attack as being easily cracked by readily obtained programs. The static nature of the WEP key makes it even worse, since cracking it once gives the attacker unfettered access until the key is manually changed everywhere.
The open nature of wireless opens it to a variety of different attacks. War driving, or war chalking, involves moving around with wireless equipment, finding open access points. This allows people to find unsecure APs and places where they people can leech off of the shared bandwidth of others. This leads to insertion attacks, where attackers can put themselves into networks that they were not intended to be a part of.
Using sniffers, attackers can also attempt to intercept and even hijack the wireless connections of others. Unlike normal sniffers, which must be attached to the network somehow, wireless sniffers need only to pick up the packets that are floating freely over microwaves within the coverage area. With the weak encryption of WEP, monitoring information is relatively easy. This information could also be used to hijack other sessions, taking control of their accounts. Also, attackers can use their own transmissions to attempt to jam wireless networks, leading to denial of service attacks.
Another security issue created by hackers has been the use of clone access points to steal information. By introducing their own access point, attackers can try to get others to mistakenly connect to their AP, and thus get access to any private information they submit. In a large number of cases, attackers can get by just by using vendor-set SSID's and default configurations. Many networks do not even have SSID or WEP enabled, and even more beyond that have not set new or sufficiently hard to guess passwords.
Possible Solutions and the Future of Wireless
From the wealth of problems noted above, it would seem that 802.11b was a standard put up more to get the ball rolling on wireless technology than to establish a lasting standard for it. Currently, the IEEE has a task force working on new standards to fix exiting problems.
Prominent among these solutions is the devlopment of 802.11i. This standard is being developed by many of the people who were first to discover and point out the flaws in WEP. The primary new feature of 802.11i is the Temporal Key Integrity Protocol, which would replace the much-maligned WEP. The key for TKIP, while also using RC4 encryption, would change for every 10 Kb of data transmitted. This would make it much harder to get a working key and keep using it in the network. Later, plans are being made to replace the RC4 encryption with the more reliable AES.
Because the 802.11i was just drafted in late January of 2003, its adoption as a standard is still a ways off. In the meantime, Wi-Fi Protected Access (WPA) has been developed as a security system that will be forward compatible with 802.11i. This incorporates the 802.1x authentication standard, which allows for key management. In this system, a user would connect with a pass phrase. This pass phrase would then lead to a TKIP-generated key, which would be specific to the user and not static. This solution has been proposed by the Wi-Fi alliance for use until 802.11i comes out later in 2003.
In conclusion, it is very likely that the IEEE and other organizations will continue to find ways to improve the security of wireless technology. Because this technology is becoming so popular and widespread, the technological community cannot afford for it to continue to be as insecure as it presently is. Though new problems may come out in 802.11i, we can be confident that security will be cotinuously improved until it is at least comparable with that of wired networks. Not only that, but it should allow for both security and the conevenience and mobility that makes wireless attrractive. The world is quite possible moving toward a wireless state. Before that happens, these serious security issues must be addressed. As this technology is too important to give up on, we can rest assured that it will be continuously improved until the securtity reaches and acceptable level.
Another good link, detailing WEP, WPA, and 802.11i