Friday, February 15, 2008

What is WIFI..?? - WLAN Part 1

Recently my friend asked about getting and securing a wireless Access Point (AP). So I think I should share some of my knowledge on Wireless Local Area Network (WLAN).



802.11 Standard
Some people might be asking, "Which is more secure: 802.11a, b, g or n?" or "Which standard should your access point support?"
IEEE 802.11 is a set of standards for wireless LANs. It defines the protocols used at the data link layer. The differences between the various standards (802.11a, b, g, n) are mainly in frequency, data rate and range. You should get an AP that supports the latest standard, as it will normally be backward compatible with the older protocols. But be careful with APs that use a protocol that is still in "draft". Different vendors may implement a "draft" protocol differently, so network cards and APs from different vendors may not be compatible.

-802.11a (released in 1999)
Frequency 5 GHz
Data Rate 54 Mbit/s
Range estimated 35m

-802.11b (released in 1999)
Frequency 2.4 GHz
Data Rate 11 Mbit/s
Range estimated 38m

-802.11g (released in 2003)
Frequency 2.4 GHz
Data Rate 54 Mbit/s
Range estimated 38m

-802.11n (draft)
Frequency 2.4 GHz or 5 GHz
Data Rate 300 Mbit/s
Range estimated 70m

WIFI Encryption
So what are the different encryption types (WEP, WPA, WPA2, Dynamic WEP)? Which is more secure?
It is always recommended to use the latest encryption method (WPA2). If that is not possible (the latest method is not supported), you should still never leave your WLAN running without any encryption. Even weak WEP is better than nothing.

-Wired Equivalent Privacy (WEP)
WEP uses the stream cipher RC4 for confidentiality (encryption) and the CRC-32 checksum for integrity. It can be configured to use keys between 64 and 128 bits. It can be easily cracked within minutes and was replaced by Wi-Fi Protected Access.

-Dynamic WEP
The WEP keys change dynamically; a user's WEP key could change every few minutes. But with newer wireless hacking techniques, an attacker can actively inject packets into a wireless LAN and crack Dynamic WEP keys in minutes.

-Wi-Fi Protected Access (WPA)
WPA comes in two flavors: enterprise and personal. Enterprise is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each user. Personal WPA uses the less scalable "pre-shared key" (PSK) mode, where every allowed computer is given the same passphrase. In PSK mode, security depends on the strength and secrecy of the passphrase.

Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger initialization vector, this provides greatly improved protection against, and effectively defeats, the well-known key recovery attacks on WEP.
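
How PSK mode turns the shared passphrase into key material, as an added example that is not part of the original post: WPA-Personal derives its 256-bit master key with PBKDF2-HMAC-SHA1 using the SSID as salt, so the passphrase is the only secret involved. The function names, the sample values and the 80-bit policy threshold are assumptions made for this example.

```python
import hashlib
import math
import string

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key for WPA-Personal: PBKDF2-HMAC-SHA1 with the SSID
    as salt, 4096 iterations, 256-bit output (IEEE 802.11i passphrase mapping)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)

def entropy_ceiling_bits(passphrase: str) -> float:
    """Best-case strength: assumes every character was picked at random from
    the character classes present. Human-chosen passphrases are weaker."""
    classes = (string.ascii_lowercase, string.ascii_uppercase, string.digits)
    pool = sum(len(c) for c in classes if any(ch in c for ch in passphrase))
    if any(not ch.isalnum() for ch in passphrase):
        pool += 33  # printable ASCII symbols, including space
    return len(passphrase) * math.log2(pool)

def review_psk(passphrase: str, ssid: str, min_bits: float = 80.0) -> list:
    """Return findings for a PSK setup. min_bits is an assumed policy value."""
    derive_pmk(passphrase, ssid)  # raises if the values are not valid WPA input
    findings = []
    if entropy_ceiling_bits(passphrase) < min_bits:
        findings.append("passphrase too short or too simple for the policy")
    if ssid.lower() in passphrase.lower():
        findings.append("passphrase contains the network name")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    print(derive_pmk("password", "IEEE").hex())
    print(review_psk("password", "IEEE"))
    print(review_psk("correct-Horse-battery-41", "HomeAP"))
```

Every client that knows the passphrase and the SSID computes the same master key, which is why one leaked or weak passphrase affects the whole network in PSK mode.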

-Wi-Fi Protected Access 2 (WPA2)
WPA2 supports the CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) encryption mechanism, based on the Advanced Encryption Standard (AES). It is the implementation of the full 802.11i standard.

After sharing the basics of WLAN, I will discuss more on the basics of securing a WLAN setup in the next blog (part 2) and demonstrate how easily WEP and WPA can be cracked in my future blog.
