11.7 802.11i and WiFi Protected Access



The IEEE 802.11i standard [22] for WLAN security is still a draft as of this writing, but wireless vendors have released its key components under the name Wireless-Fidelity, or WiFi, Protected Access (WPA). Some features of 802.11i require a hardware upgrade, so they are not considered urgent, are not yet specified in detail, and are not included in WPA. These features are as follows:

  • The Advanced Encryption Standard (AES) has been defined as a replacement for WEP encryption by the WPA. Because of increased speed and processing requirements, AES will require a hardware upgrade.

  • The Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and Wireless Robust Authenticated Protocol (WRAP) are AES-based replacements for TKIP. As discussed earlier in the book, both CCMP and WRAP were designed specifically for 802.11i and are a significant improvement over TKIP, which is a temporary fix for WEP until 802.11i is released and supported by industry. Because both protocols are based on AES, they will require hardware upgrades.

  • Independent Basic Service Sets (IBSSs), also known as ad hoc or peer-to-peer wireless networks, have no APs. WPA covers only Extended Service Sets (ESSs), which are formed around wireless APs; IBSS support is deferred to 802.11i.

  • Preauthentication will be provided through 802.11i to reduce latency during hand-off between BSSs for applications that require minimal latency, such as Voice over IP (VoIP). A BSS is a network of wireless devices sharing the same AP. Preauthentication reduces the time needed for communications to resume when a client moves between APs (roams).

The introduction of WPA by the WiFi Alliance has made important features of 802.11i that only require software upgrades available now. When 802.11i is ready to be released, it will be marketed as WPA-2 with WPA backward compatibility. As discussed previously, additional features requiring hardware upgrades will become available over time to include the stronger AES cipher, IBSS, and preauthentication support.

WPA [23] was codeveloped by the WiFi Alliance and the IEEE 802.11 Task Group I as an interim security solution while the 802.11i Task Group addresses the details involved with securing WLANs. The WiFi Alliance has begun WPA compliance testing as part of the WiFi certification process, but compliance will not be mandatory until the fourth quarter of 2003. WPA has the following features:

  1. Backward compatibility. WPA is backward compatible with existing 802.11 hardware.

  2. Upgrades. It is designed to run on existing hardware as a security upgrade firmware patch. Firmware upgrades are already being rolled out, according to the WiFi Alliance.

  3. TKIP. Although WEP encryption is optional in the 802.11 standard, TKIP encryption is mandatory for WPA. TKIP is a much stronger algorithm than WEP: it can verify the security configuration after the encryption keys are determined, synchronize the change of the unicast encryption key for each frame, and determine a unique starting unicast encryption key for each Preshared Key (PSK) authentication. PSK allows the use of manually entered keys or passwords and is designed to be easy for the home user or worker to configure, because a home or Small Office/Home Office (SOHO) environment has no central authentication server and no EAP framework. All a home user needs to do is enter a plaintext password in the AP or home wireless gateway and in each PC that associates with the WiFi network; WPA takes over automatically from that point. The password allows only devices with a matching password to join the network, keeping out eavesdroppers and other unauthorized users, and it automatically starts the TKIP encryption process.
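How the manually entered password becomes a key, as an added example that is not code from the book: WPA-PSK maps the passphrase and the SSID to a 256-bit pairwise master key with PBKDF2-HMAC-SHA1 (4096 iterations), and every station derives the same key independently. The "IEEE"/"password" pair is the published 802.11i Annex H test vector; the function names, the comparison helper and the other sample values are this example's own.

```python
import hashlib
import hmac

# Constructed sample values for the example.  "IEEE"/"password" is the
# published 802.11i Annex H test vector; nothing else here is real traffic.
SAMPLE_SSID = "IEEE"
SAMPLE_PASSPHRASE = "password"


def wpa_psk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit key that WPA-PSK uses as the pairwise master key.

    WPA-PSK turns the human-entered passphrase into a 32-byte key with
    PBKDF2-HMAC-SHA1, salted with the SSID, 4096 iterations.  The AP and
    every client run this same deterministic function, so the network's
    secrecy rests entirely on how hard the passphrase is to guess.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, dklen=32
    )


def psk_hex(passphrase: str, ssid: str) -> str:
    """Hex form of the PSK, the 64-character value some APs let you enter directly."""
    return wpa_psk_from_passphrase(passphrase, ssid).hex()


def psks_match(client_passphrase: str, ap_passphrase: str, ssid: str) -> bool:
    """Constant-time comparison of the keys the two sides derived.

    A client whose passphrase does not yield the AP's PSK cannot complete
    WPA key management; that is what keeps a device without the password
    off the network.
    """
    client_key = wpa_psk_from_passphrase(client_passphrase, ssid)
    ap_key = wpa_psk_from_passphrase(ap_passphrase, ssid)
    return hmac.compare_digest(client_key, ap_key)


if __name__ == "__main__":
    print(SAMPLE_SSID, SAMPLE_PASSPHRASE, "->", psk_hex(SAMPLE_PASSPHRASE, SAMPLE_SSID))
```

Because the derivation is public and deterministic, the only secret input is the passphrase; a short or dictionary passphrase gives a PSK that is no stronger than the passphrase itself, which is the caveat to keep in mind when the 64-hex-digit form is not used.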

  4. MIC. In 802.11 and WEP, a 32-bit Integrity Check Value (ICV) is appended to the payload and encrypted with WEP to provide data integrity. Even though the ICV is encrypted, cryptanalysis lets an attacker change bits in the encrypted payload and update the encrypted ICV without the receiver detecting it. The Michael algorithm calculates an 8-byte MIC using the computing resources available on existing wireless devices; the MIC is placed between the data portion of the IEEE 802.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame data and the ICV, eliminating the vulnerability found in 802.11 and WEP.
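Why an encrypted CRC-32 cannot serve as an integrity check, and what a keyed MIC changes, as an added example that is not code from the book: CRC-32 is affine over GF(2), so the check value of a modified payload follows from the old check value and the flipped bits alone, without knowing the payload or any key, whereas a keyed MIC cannot be recomputed without the key. The sample payload and key are constructed, and the MIC here is HMAC-SHA256 truncated to 8 bytes as a stand-in for Michael, whose own rounds are not implemented.

```python
import hashlib
import hmac
import zlib

# Constructed sample frame body and MIC key; not captured 802.11 traffic.
SAMPLE_PAYLOAD = b"GET /status HTTP/1.0\r\n\r\n"
SAMPLE_MIC_KEY = bytes(range(16))


def wep_icv(payload: bytes) -> int:
    """The WEP ICV: a plain CRC-32 over the payload, with no key involved."""
    return zlib.crc32(payload) & 0xFFFFFFFF


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def icv_for_modified_payload(original_icv: int, flip_mask: bytes) -> int:
    """Predict the ICV of (payload XOR flip_mask) from the old ICV alone.

    For equal-length inputs CRC-32 satisfies
        crc(a ^ b) == crc(a) ^ crc(b) ^ crc(all-zero bytes)
    so the new check value depends only on the old one and on which bits
    changed, never on the payload itself.  Encrypting the ICV under the
    same keystream as the data does not remove this property, which is
    the weakness the text describes.
    """
    zeros = bytes(len(flip_mask))
    return original_icv ^ wep_icv(flip_mask) ^ wep_icv(zeros)


def crc_check_accepts(payload: bytes, icv: int) -> bool:
    """What a WEP receiver does: recompute the CRC and compare."""
    return wep_icv(payload) == icv


def keyed_mic(key: bytes, payload: bytes) -> bytes:
    """8-byte keyed MIC.  Stand-in for Michael (HMAC-SHA256, truncated):
    the value cannot be recomputed for a changed payload without the key."""
    return hmac.new(key, payload, hashlib.sha256).digest()[:8]


def mic_accepts(key: bytes, payload: bytes, mic: bytes) -> bool:
    """What a WPA receiver does: recompute the keyed MIC and compare in constant time."""
    return hmac.compare_digest(keyed_mic(key, payload), mic)


if __name__ == "__main__":
    # Flip one bit in the sample payload and check both receivers' verdicts.
    mask = bytes(4) + b"\x20" + bytes(len(SAMPLE_PAYLOAD) - 5)
    modified = xor_bytes(SAMPLE_PAYLOAD, mask)
    print("CRC receiver accepts predicted ICV:",
          crc_check_accepts(modified, icv_for_modified_payload(wep_icv(SAMPLE_PAYLOAD), mask)))
    print("MIC receiver accepts old MIC:",
          mic_accepts(SAMPLE_MIC_KEY, modified, keyed_mic(SAMPLE_MIC_KEY, SAMPLE_PAYLOAD)))
```

The two acceptance functions are the part to take away: a receiver that checks only an unkeyed CRC has no way to tell a legitimate frame from one whose bits and check value were adjusted together, and a keyed MIC is what gives the receiver that ability.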

  5. WPA authentication. WPA requires 802.1x authentication; in 802.11, 802.1x was optional. If the network has a RADIUS infrastructure, both EAP and RADIUS are supported. For a network without a RADIUS infrastructure, WPA supports the use of PSKs.

  6. WPA key management. WPA requires rekeying of both unicast and global encryption keys. Rekeying of unicast encryption keys is optional in 802.1x, and neither 802.11 nor 802.1x provides a mechanism to change the global encryption key used for multicast and broadcast traffic. TKIP changes the unicast encryption key for every frame, and the change is synchronized between the wireless client and the wireless AP. For the global encryption key, WPA includes a facility for the wireless AP to advertise the changed key to the connected wireless clients.

  7. Mixed-mode deployment. In a large network with many clients, WiFi APs may need to be upgraded before all of the WiFi clients. To support a gradual transition from WEP-based wireless networks to WPA, some APs can operate in a mixed mode, serving WPA clients and WEP clients at the same time. During the association process, the wireless AP determines which clients are using WEP and which are using WPA. Mixed mode has a security cost: the global encryption key cannot be dynamic, because WEP-based clients do not support rekeying it; the other benefits of WPA are retained. Because security operates at the less secure level in this mode, organizations benefit from accelerating the move to an all-WPA environment, or to other security solutions, for all WiFi clients and APs.




Wireless Operational Security
ISBN: 1555583172
Year: 2004
Pages: 153