WEP (Wired Equivalent Privacy) is an older security protocol specified in the IEEE 802.11b Wi-Fi standard. It is an encryption algorithm designed to give a wireless LAN a level of security and privacy comparable to what is expected from a wired LAN. WEP uses a security code called the WEP key, which is a sequence of hexadecimal digits. Those digits must match on all devices that are trying to communicate on the wireless network. Here are some of the WEP operations:
- Confidentiality: the term used to describe data that is protected against unauthorized users.
- Integrity: ensures that data has not been changed or modified.
- Authentication: the main idea in any security strategy, because the credibility of the data is based on its origin.
WEP’s first limitation is its 24-bit initialization vector, which has just 2^24 possible values, so the keys start repeating themselves. The second weakness is that not all of those possible values are good: a value like the number 1 is easy for an attacker to figure out, and an attacker who uses a tool to generate those keys can crack the WLAN on the first try. Another limitation concerns the difference between 64-bit and 128-bit WEP: both use the same 24-bit initialization vector, which is a weakness. There are some solutions for these problems, such as:
- Layering the security by putting the wireless network behind its own routed interface, so that access can be shut off at a single choke point if necessary.
- Changing SSIDs by picking a random SSID that gives no information about your company or your network.
- Disabling active SSID broadcasts.
- Rotating the broadcast keys about every ten minutes.
- Discovering rogue access points.
- Adding physical or logical access point security, which ensures that no one can alter an access point's configuration without it being known.
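The 24-bit initialization vector limitation described above can be made concrete with a short added example (not from the original article). It relies on two facts the page does not state, that WEP encrypts each frame with RC4 seeded by IV || key and appends a CRC-32 integrity value, and it assumes IVs are chosen at random for the collision estimate; the function names and sample plaintexts are constructed for illustration.

```python
import math
import os
import zlib

IV_BITS = 24  # WEP IV size, identical for "64-bit" and "128-bit" WEP

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (the cipher WEP uses): KSA, then PRGA XORed onto data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_seal(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Encrypt plaintext || CRC-32 value under the per-frame seed IV || key."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return rc4(iv + key, plaintext + icv)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def reuse_leaks_xor(key: bytes, iv: bytes, p1: bytes, p2: bytes) -> bool:
    """True if two frames sealed under the same IV expose p1 XOR p2."""
    c1, c2 = wep_seal(iv, key, p1), wep_seal(iv, key, p2)
    n = min(len(p1), len(p2))
    return xor(c1[:n], c2[:n]) == xor(p1[:n], p2[:n])

def iv_collision_probability(frames: int) -> float:
    """Birthday estimate that some IV repeats among randomly chosen IVs."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * 2 ** IV_BITS))

if __name__ == "__main__":
    iv = b"\x00\x00\x01"  # constructed sample IV
    for key_len in (5, 13):  # 40-bit and 104-bit secrets ("64"/"128"-bit WEP)
        key = os.urandom(key_len)
        print(key_len * 8 + IV_BITS, reuse_leaks_xor(key, iv, b"GET /index", b"POST /login"))
    for frames in (1000, 5000, 20000):
        print(frames, round(iv_collision_probability(frames), 3))
```

The result is the same for both key lengths because the repeat rate depends only on the 24-bit IV, which is why moving from 64-bit to 128-bit WEP does not address the problem.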
The state-of-the-art technology in wireless LAN security
There is a new WPAN technology called Thread. This technology uses an open protocol that carries IPv6 natively. It runs on standard 802.15.4 radio hardware and can connect 250+ devices in a single network. Thread networks and applications use layers with AES public-key encryption.
There is also a technique called 802.1X authentication, and many organizations are turning to it. This authentication system supports both 802.11 WLANs and wired Ethernet networks. 802.1X is compatible with both WPA and WPA2, and it even supports WEP keys. It uses EAP (Extensible Authentication Protocol): the endpoint sends an EAP message to the access point, and the access point returns an EAP message asking for the user’s ID and then forwards the message to the authentication server. 802.1X makes the endpoint client and the authentication server do all the work instead of the wireless access point, which tends to limit the memory and processing needed. 802.1X authentication ensures the highest level of security on a WLAN.