Cryptography Reference
In-Depth Information
be precisely established or measured. However, the notion is useful because it
provides a security 'target' that helps to influence certain design decisions. As
an example, WLAN security mechanisms are not intended to prevent
denial-of-service attacks, since a wired network is not inherently protected against these;
returning to our scenario of a home network, an external attacker who is located
outside a building with a wired home network could potentially cut a wire that
supplied communications or power to the building. In Section 12.3 we will see
that a similar notion of security has been used to define the scope of security
requirements for mobile telecommunications.
With this scope in mind, the security requirements for a WLAN are:
Confidentiality. Data transferred over the WLAN should be kept confidential. As
we remarked earlier, tapping a wired network takes a bit of effort, so a wireless
network should also offer suitable protection.
Mutual entity authentication. Communicating entities can identify one another
when setting up a WLAN connection. This is motivated by the fact that a
degree of inherent (very weak) 'entity authentication' is provided by physical
wires, but there are no such guarantees once we are in a wireless environment.
Data origin authentication. The source of all data transferred over the WLAN
should be assured. This is because an attacker could easily modify data
transmitted during a WLAN session after the initial entity authentication has
been conducted. The original WLAN security standard WEP only provides a
weak level of data integrity, which is not good enough.
12.2.3 WEP
There are three cryptographic design decisions that are common to all of the
WLAN security mechanisms that we discuss:
• Since WLANs may be comprised of many different types of device, from
different manufacturers, it is important that the cryptography used in a
WLAN is widely available. Hence it would not be wise to deploy proprietary
cryptographic algorithms.
• Since these mechanisms are dedicated to WLAN security and do not require the
full flexibility of the likes of SSL, it makes sense to decide which cryptographic
algorithms to use in advance and then deploy them universally, rather than
require an expensive equivalent of the SSL Handshake Protocol to negotiate
them.
• Since speed and efficiency are important, and WLANs are usually linked to some
sort of fixed infrastructure, symmetric cryptography is a natural choice.
However, the cryptographic details of each of the proposed mechanisms vary
considerably. We start by looking at the original proposal of WEP, which uses:
1. The stream cipher RC4 for encryption. A stream cipher is a reasonable choice,
since a wireless communication channel is prone to errors (see Section 4.2.4).
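The error behaviour behind this choice, and the reason the data origin authentication requirement above cannot be met by encryption alone, shown as an added example that is not part of the original text. The key and frame bytes are constructed sample values and the function names are hypothetical.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Generate n bytes of RC4 keystream (key scheduling, then output loop)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def rc4(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR the data with the keystream."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))

def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Model a single-bit transmission error at the given bit position."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def bit_errors(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def channel_error_demo(key: bytes, plaintext: bytes, bit_index: int):
    """Encrypt, damage one ciphertext bit in transit, decrypt at the receiver."""
    damaged = flip_bit(rc4(key, plaintext), bit_index)
    recovered = rc4(key, damaged)
    return bit_errors(plaintext, recovered), recovered

KEY = b"constructed-key"              # constructed sample key
FRAME = b"constructed WLAN frame"     # constructed sample payload

if __name__ == "__main__":
    errors, recovered = channel_error_demo(KEY, FRAME, 10)
    # One damaged ciphertext bit gives exactly one damaged plaintext bit,
    # and decryption completes without any sign that the data changed.
    print(errors, recovered)
```

Decryption gives the receiver no indication that the ciphertext changed, so the cipher must be paired with a separate integrity mechanism to meet the data origin authentication requirement.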
 