Main Page

Real 802.11 Security: Wi-Fi Protected Access and 802.11i
By Jon Edney, William A. Arbaugh
Publisher: Addison Wesley
Pub Date: July 15, 2003
ISBN: 0-321-13620-9
Pages: 480

"Real 802.11 Security provides clear descriptions of current and emerging security techniques. The authors handle complex topics nicely, and offer significant clarification of IEEE draft standards."
-Russ Housley, IETF Security Area Director and founder of Vigil Security, LLC

"This is certainly the definitive text on the internals of 802.11 security!"
-John Viega, founder and chief scientist, Secure Software, Inc.

"This book keeps the exposition as straightforward as possible and enables you to cut through the maze of acronyms, hacking tools, rumored weaknesses, and vague vendor security claims to make educated security decisions when purchasing or deploying WLAN."
-Simon Blake-Wilson, Director of Information Security, BCI

Business professionals and advanced home users are captivated by the convenience of working on wireless networks. But how can privacy and security be maintained effectively? Real 802.11 Security describes an entirely new approach to wireless LAN security based on the latest developments in Wi-Fi technology. This is the book that will show you how to establish real security within your Wi-Fi LAN.

Recent developments in Wi-Fi security achieve what no amount of reconfiguration can do: They solve the problem at the source. Wi-Fi Protected Access (WPA) repairs weaknesses in existing Wi-Fi systems and is designed to allow software upgrades. The upcoming 802.11i standard will offer a much higher level of security than previously offered and will provide flexible, extremely secure solutions for future products.

Real 802.11 Security addresses the theory, implementations, and reality of Wi-Fi security. It provides an overview of security issues, explains how security works in Wi-Fi networks, and explores various security and authentication protocols. The book concludes with an in-depth discussion of real-world security issues and attack tools.

Written by two experts in wireless security, Jon Edney and William Arbaugh, this book shows you how to stay informed and aware when making security decisions, and what steps you can take to implement the most effective, proactive wireless security now and in the future.

• Table of Contents
Real 802.11 Security: Wi-Fi Protected Access and 802.11i
By Jon Edney, William A. Arbaugh
Publisher: Addison Wesley
Pub Date: July 15, 2003
ISBN: 0-321-13620-9
Pages: 480
   Praise for Real 802.11 Security: Wi-Fi Protected Access and 802.11i
      Why This Book Now?
   Part I.  What Everyone Should Know
      Chapter 1.  Introduction
      Setting the Scene
      Roadmap to the Book
      Notes on the Book
      Chapter 2.  Security Principles
      What Is Security?
      Good Security Thinking
      Security Terms
      Chapter 3.  Why Is Wi-Fi Vulnerable to Attack?
      Changing the Security Model
      What Are the Enemies Like?
      Traditional Security Architecture
      Danger of Passive Monitoring
      Chapter 4.  Different Types of Attack
      Classification of Attacks
      Attacks Without Keys
      Attacks on the Keys
   Part II.  The Design of Wi-Fi Security
      Chapter 5.  IEEE 802.11 Protocol Primer
      Wireless LAN Organization
      Basics of Operation in Infrastructure Mode
      Protocol Details
      Radio Bits
      Chapter 6.  How IEEE 802.11 WEP Works and Why It Doesn't
      Mechanics of WEP
      Why WEP Is Not Secure
      Chapter 7.  WPA, RSN, and IEEE 802.11i
      Relationship Between Wi-Fi and IEEE 802.11
      What Is IEEE 802.11i?
      What Is WPA?
      Differences Between RSN and WPA
      Security Context
      Security Layers
      Relationship of the Standards
      Chapter 8.  Access Control: IEEE 802.1X, EAP, and RADIUS
      Importance of Access Control
      Authentication for Dial-in Users
      IEEE 802.1X
      EAP Principles
      Messages Used in IEEE 802.1X
      Implementation Considerations
      RADIUS—Remote Access Dial-In User Service
      Chapter 9.  Upper-Layer Authentication
      Who Decides Which Authentication Method to Use?
      Use of Keys in Upper-Layer Authentication
      A Detailed Look at Upper-Level Authentication Methods
      Transport Layer Security (TLS)
      Cisco Light EAP (LEAP)
      Protected EAP Protocol (PEAP)
      Authentication in the Cellular Phone World: EAP-SIM
      Chapter 10.  WPA and RSN Key Hierarchy
      Pairwise and Group Keys
      Pairwise Key Hierarchy
      Group Key Hierarchy
      Key Hierarchy Using AES–CCMP
      Mixed Environments
      Summary of Key Hierarchies
      Details of Key Derivation for WPA
      Nonce Selection
      Computing the Temporal Keys
      Chapter 11.  TKIP
      What Is TKIP and Why Was It Created?
      TKIP Overview
      Per-Packet Key Mixing
      TKIP Implementation Details
      Message Integrity—Michael
      Per-Packet Key Mixing
      Chapter 12.  AES–CCMP
      Why AES?
      AES Overview
      How CCMP Is Used in RSN
      Chapter 13.  Wi-Fi LAN Coordination: ESS and IBSS
      Network Coordination
      WPA/RSN Information Element
      Preauthentication Using IEEE 802.1X
      IBSS Ad-Hoc Networks
   Part III.  Wi-Fi Security in the Real World
      Chapter 14.  Public Wireless Hotspots
      Development of Hotspots
      Security Issues in Public Hotspots
      How Hotspots Are Organized
      Different Types of Hotspots
      How to Protect Yourself When Using a Hotspot
      Chapter 15.  Known Attacks: Technical Review
      Review of Basic Security Mechanisms
      Review of Previous IEEE 802.11 Security Mechanisms
      Attacks Against the Previous IEEE 802.11 Security Mechanisms
      Man-in-the-Middle Attacks
      Problems Created by Man-in-the-Middle Attacks
      Denial-of-Service Attacks
      Chapter 16.  Actual Attack Tools
      Attacker Goals
      Example Scenarios
      Other Tools of Interest
      Chapter 17.  Open Source Implementation Example
      General Architecture Design Guidelines
      Protecting a Deployed Network
      Planning to Deploy a WPA Network
      Deploying the Infrastructure
      Practical Example Based on Open Source Projects
      References and More Information
      Appendix A.  Overview of the AES Block Cipher
      Finite Field Arithmetic
      Steps in the AES Encryption Process
      Appendix B.  Example Message Modification
      Example Message Modification
      Appendix C.  Verifying the Integrity of Downloaded Files
      Checking the MD5 Digest
      Checking the GPG Signature