Security in wireless networks

Due to the nature of wireless communications, everyone with a wireless device present within the area covered by the network is able to participate in the network and use shared services, hence the need for security.

WEP

WEP (Wired Equivalent Privacy) adds RSA RC4-based encryption to the communication, and prevents people without the correct key to access the network.

The problem with WEP is that it has several flaws that make it vulnerable to attacks, therefore it is not able to provide basic levels of security. The main flaws in WEP is the static encryption key and the short initialization vector. Since it is easy to attack WEP with inexpensive off-the-shelf equipment, wireless networks should not rely on WEP for security.

WPA

WPA ((WiFi Protected Access) resolves the main flaws with WEP. With WPA, the key is changed for every frame transmitted using Temporal Key Integrity Protocol (TKIP). The Initialization vector length is increased from 24 to 48 bits. WPA is considered as the base level of security for wireless networks.

For even higher security WPA2 should be used. WPA2 uses Advanced Encryption Standard (AES) instead of TKIP. AES is the best encryption available for wireless networks today. WPA2 also includes 802.1x authentication (see section about 802.1x).

axisFlexSubContent