Introduction to Wireless LAN Security

Security at the Data Link layer is not a new topic. It has gotten a lot of press recently in the context of WLANs, but the IEEE 802.11 WG is only the latest subgroup of IEEE 802 to address the concept of security at the Data Link layer. The IEEE LMSC (a.k.a. Project 802) created the IEEE 802.10 WG in May 1988 and tasked it to create the Standard for Interoperable LAN/MAN Security (SILS). The introduction to the IEEE 802.10-1998 standard states very clearly when[1] and why the WG was created.[2]

[1] Note that this standard took 10 years to develop. Security standards are notoriously difficult to complete.

[2] This passage is excerpted from IEEE Std. 802.10-1998 (copyright 1998). All rights reserved.

The IEEE 802.10 Working Group was formed in May of 1988 to address the security [of] LANs and MANs. It is sponsored by the IEEE LAN/MAN Standards Committee (LMSC). The working group currently has representation from vendors and users of security technology, and previously has also had representation from the government and general interest communities. The standard is an interoperability standard that is compatible with the existing IEEE 802 and OSI architectures.

Data networks, especially LANs and MANs, have become widespread. LANs and MANs are used by both industry and government for transferring vast amounts of information in the course of daily operations. Because of their ever-increasing use in the private and public sectors, the capabilities of these networks are being expanded to encompass more and more performance requirements. As a result, there is the growing need to standardize network protocols wherever feasible, to ensure that data networks will interoperate effectively.

As standardization practices evolve, several key areas will become critically important. One of these areas is network security. Many LANs and MANs require the capability to exchange data in a secure manner. This is especially important in cases where disclosure of operational information to unauthorized parties would severely undermine an organization's effectiveness. It is often as critical to protect the integrity of the data as it is to prevent disclosure of operating information.

Financial and government institutions have traditionally been most aware of the importance of security. However, recent widely publicized cases of computer fraud and related crimes have made security a goal for many other industries as well. As the need for security on LANs and MANs gains recognition, the need for a standardized approach to providing such a capability also becomes a priority. Much security standardization has already been started. Where applicable, this standard attempts to incorporate this work.

The author is not aware of any LAN products that include implementations of IEEE 802.10's security mechanisms. However, the demand for products that incorporate security is present, and seems to be growing, as evidenced by the many different ways that exist to provide security services for networks.

The IEEE 802.10 WG was created because LANs and MANs do have some unique properties that distinguish them from point-to-point or point-to-multipoint WAN technologies. The chief difference, from a security perspective, is that the LANs and MANs may operate over a shared medium (frequently, these media are referred to as being "broadcast-capable," as opposed to WAN technologies, which are either point-to-point[3], or point-to-multipoint[4]), and it is possible that traffic may be seen by a station even though it was not addressed to that station.

[3] The best example of a point-to-point Data Link protocol is the IETF's Point-to-Point Protocol (PPP). Another such protocol is Cisco's proprietary High-level Data Link Control (HDLC)-based serial line protocol. Various other point-to-point framing protocols have been invented over the years…it is even possible to send Ethernet frames over point-to-point WAN links.

[4] Examples of point-to-multipoint media include X.25, frame relay, and Asynchronous Transfer Mode (ATM).

There are a number of reasons for this. First, in the case of a shared-medium LAN, such as half-duplex Ethernet ("classic Ethernet"), all stations will hear all the frames (but they only process frames that match certain filters based on a given frame's MAC Destination Address). It is a requirement of Ethernet's medium access control protocol (CSMA/CD) that a station be able to defer transmission of a frame if it detects that another station is transmitting. In effect, the protocol depends at its lowest level on the ability to eavesdrop on the medium. Moreover, a station that is transmitting must be able to monitor the medium as it is transmitting, in order to determine if another station has collided with its transmission. Both of these "features" require that each station be able to detect all the traffic on the shared medium.

Moreover, in any bridged LAN, the first time a frame is sent to a MAC address, it may need to be broadcast (in the most literal interpretation of the word) across the LAN, since the location of that MAC address has not yet been learned (once a bridge sees a frame from any new MAC Source Address, it remembers on which interface that MAC address was seen, so that future frames to that MAC address can be delivered only to the interface that is known to lead toward the actual location of that MAC address). Another aspect of bridged topologies is that any multicast or broadcast traffic that is sent by a station may be flooded to all the ports in the LAN.

The most popular[5] LAN technology, Ethernet, has evolved to the point where the most common access device is a switch, to which each attached station has direct, dedicated access (i.e., a wire, patched through to a locked closet where the wire attaches to a port on an Ethernet switch). In the beginning, however, Ethernet was a shared-medium protocol in which each station attached to a broadcast-capable bus composed of coaxial cable, or a slightly evolved version of the bus, in which the bus was buried inside a network hub, allowing the convenience of star-wiring, but logically identical to a physical coaxial cable. In the shared mode, Ethernet was equivalent to a data-oriented party line. There was no privacy. As Ethernet evolved to be switch-based, the traffic that a given station saw was primarily traffic addressed to it, since the switch is a bridge, and it had learned the station's MAC address.

[5] For the moment, we will define popularity in terms of installed base, not in terms of desirability. It is clear that many people at the moment desire WLANs, but not necessarily to the exclusion of wired LANs.

An Ethernet switch isn't a perfect filter, since as mentioned previously, a station may see the occasional unknown-destination unicast frame that was broadcast (flooded) by the switch in an attempt to find the station to which the frame had been addressed. In general, though, the switch provides a weak level of privacy, in that each station cannot typically overhear the conversations between other stations. Eliminating eavesdropping is a significant advance in security, and it provides a very minimal level of privacy (the proper term is actually "confidentiality") due to physically separating the traffic.
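The learning-and-flooding behaviour described in the last three paragraphs, as an added example (not from the book): a minimal transparent bridge with three ports. The trace shows that the third station overhears the first unknown-destination unicast and every broadcast, but nothing else once the bridge has learned where the addressees live.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Transparent bridge: learns source MACs per port, floods what it does not know."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}  # filtering database: MAC address -> port it was last heard on

    def forward(self, in_port, src, dst):
        """Return the list of ports the frame is sent out of."""
        # Learn: the source address is reachable via the ingress port.
        self.fdb[src] = in_port
        # Group addresses (I/G bit, low-order bit of the first octet) and unknown
        # unicasts are flooded to every port except the one the frame arrived on.
        first_octet = int(dst.split(":")[0], 16)
        if first_octet & 0x01 or dst not in self.fdb:
            return [p for p in self.ports if p != in_port]
        out = self.fdb[dst]
        # Known unicast: deliver to the learned port only (drop if it is the ingress port).
        return [] if out == in_port else [out]


def run_scenario():
    """Constructed traffic between stations A (port 1), B (port 2) and C (port 3)."""
    br = LearningBridge(ports=[1, 2, 3])
    A, B, C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    frames = [
        (1, A, B),          # A -> B: B not yet learned, flooded to ports 2 and 3 (C overhears)
        (2, B, A),          # B -> A: A already learned, port 1 only
        (1, A, B),          # A -> B: B now learned, port 2 only (C no longer sees it)
        (3, C, BROADCAST),  # broadcast: always reaches every other port
    ]
    return [br.forward(*f) for f in frames]


if __name__ == "__main__":
    for ports in run_scenario():
        print("delivered to ports:", ports)
```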

Contrast the current state of the art in Ethernet bridging (i.e., layer-2 switching), where minimal confidentiality is an essential by-product of using the technology, with the fundamentally shared aspects of the wireless medium (WM), and we see a completely different situation. Within the range of its receiver, an IEEE 802.11 STA can hear everything that is transmitted by any other STA. The frame may be encrypted, which converts the data portion of the frame into random-looking "noise" that only makes sense to someone who possesses the necessary decryption key.

However, the header of the MPDU is observable by all STAs, and the header's Duration/Identification field is used by the sending STA to indicate the amount of time it expects to use the medium, including both the time to transmit the frame and to receive the corresponding ACK, so that the other STAs can update their network allocation vectors (NAVs) and know to remain quiet until that frame/ACK exchange is complete. The other STAs can remain quiet even if the data that is being sent is encrypted such that they cannot understand it. The fact that all the STAs can hear at least the headers of all frames is a basic unalterable fact of WLAN technology today.[6] The only way to prevent unwanted eavesdropping is to perform some sort of encryption of the frame's data, preferably using keys that are only known to a given (sender, receiver) pair. Such a key is known as a pairwise key.
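To make the cleartext-header point concrete, here is an added example (not from the book) that decodes a constructed IEEE 802.11 data-frame MAC header: Frame Control, Duration/ID, the three address fields and Sequence Control are all readable by any STA in range, while the frame body is represented by constructed stand-in bytes, not real ciphertext. The bit positions follow the 802.11 Frame Control layout (type in bits 2-3, To DS bit 8, From DS bit 9, Protected Frame bit 14).

```python
import struct

# Constructed 24-byte MAC header (not a captured frame). Frame Control 0x4108 =
# type Data, To DS = 1, Protected Frame = 1, stored little-endian on the air.
HEADER = bytes.fromhex(
    "0841"          # Frame Control
    "2c00"          # Duration/ID: 44 microseconds, what other STAs load into their NAV
    "001122334455"  # Addr1: BSSID (the AP), since To DS = 1 and From DS = 0
    "aabbccddee01"  # Addr2: source STA
    "aabbccddee02"  # Addr3: destination STA
    "5000"          # Sequence Control: sequence number 5, fragment 0
)
# Constructed placeholder for an encrypted body; arbitrary bytes, not real WEP/CCMP output.
BODY = bytes.fromhex("9f3c7e12a0b84d6e55c1f07d3b8a2e90")


def mac(b):
    return ":".join(f"{x:02x}" for x in b)


def parse_mpdu_header(mpdu):
    """Decode the cleartext fields every STA within receiver range can read."""
    fc, duration = struct.unpack_from("<HH", mpdu, 0)
    (seq_ctrl,) = struct.unpack_from("<H", mpdu, 22)
    return {
        "type": (fc >> 2) & 0x3,          # 0 = management, 1 = control, 2 = data
        "to_ds": bool(fc & 0x0100),
        "from_ds": bool(fc & 0x0200),
        "protected": bool(fc & 0x4000),   # Protected Frame bit: body is encrypted
        "duration_us": duration,
        "addr1": mac(mpdu[4:10]),
        "addr2": mac(mpdu[10:16]),
        "addr3": mac(mpdu[16:22]),
        "seq": seq_ctrl >> 4,             # low 4 bits are the fragment number
        "body_len": len(mpdu) - 24,
    }


def third_party_view(mpdu):
    """What a STA that is not the addressee learns: timing and addresses, but no payload."""
    h = parse_mpdu_header(mpdu)
    return {
        "defer_us": h["duration_us"],               # how long to stay quiet (NAV)
        "talking": (h["addr2"], h["addr3"]),        # who is talking to whom
        "payload_readable": not h["protected"],     # False: ciphertext without the key
        "payload_bytes_seen": h["body_len"],        # traffic volume still leaks
    }
```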

[6] It is possible that a wireless equivalent to wired bridging (i.e., layer-2 switching) will be invented in the future, but no such technology exists today. However, even if there were a way to dedicate a frequency, or a time slot, to a given STA, that would still not prevent eavesdropping.

It is fair to say that the state of the art in WLANs today, with respect to eavesdropping, is equivalent to where Ethernet was before the early 1990s, when high-speed multiport bridges (i.e., layer-2 switches) began to appear.



A Field Guide to Wireless LANs for Administrators and Power Users
ISBN: 0131014064
Year: 2005
Pages: 60
Authors: Thomas Maufer