Cryptography Reference
12.2 Cryptography for wireless local area networks
It is extremely important to provide security for wireless networks, since these
networks are particularly vulnerable to some types of external attack. However, one
of the most interesting aspects of wireless network security is the cryptographic
design errors that were made when developing certain wireless network security
standards. In this section we look at the example of wireless local area networks and
discuss the problems that have arisen in their underlying cryptographic design.
12.2.1 WLAN background
Many users of computers are accustomed to the inherent network 'security'
provided by the use of physical wires to communicate between different devices.
Although a determined attacker can 'tap' a wired communication, this requires
physical access to the wires themselves. Hence many attacks on wired networks
tend to focus on the machines at the ends of the wires; for example, by installing
malicious software on a machine that monitors traffic being sent and received on
the network by that machine.
The advent of wireless communication has brought numerous benefits,
perhaps the most significant being convenience. An office or home can easily
establish a network without messy wiring being installed. Also, networks can be
established in places where they were once awkward to install, such as railway
stations, restaurants and conference venues.
However, without the security provided by physical wires, wireless networks
are much more vulnerable to attack. Without built-in security, the information
exchanged over them can be monitored (and potentially modified) by anyone
geographically close enough to access them. For example, access to a wired home
network is, by and large, restricted to someone who can enter the building and
physically access either the machines or the wires. In contrast, a wireless network
is potentially accessible to someone located outside the building.
The type of wireless network that is typically deployed between devices in an
office or home environment is known as a wireless local area network (WLAN).
The international standards for WLAN communications are governed by the
Institute of Electrical and Electronics Engineers (IEEE) and are collectively referred
to as IEEE 802.11. The original version of the IEEE 802.11 standard was released
in 1997, but there have been many amendments since then. Some devices that are
certified to be compliant with IEEE 802.11 are labelled by the trademark Wi-Fi,
which is an indicator of interoperability.
A simple WLAN architecture is shown in Figure 12.2. A wireless access point is
a piece of hardware that acts as a bridge between the wireless network and a wired
network (for example, the wired network that delivers a connection to the Internet
from a home). The access point consists of a radio, an interface with the wired
network and bridging software. A device is any computer (for example, a desktop
 
 