Encryption Boost

By Francis Chu  |  Posted 2003-02-03

Although 802.1x will help fix the static WEP key security issues, it is strictly an authentication standard and does not address the encryption weaknesses found in WEP. The Wi-Fi Alliance, working with the IEEE, has devised a security standard called WPA (Wi-Fi Protected Access) that will reach the product certification stage this year.

WPA uses 802.1x for authentication but adds a stronger encryption element from the 802.11i draft called TKIP (Temporal Key Integrity Protocol). TKIP addresses all the known deficiencies in the WEP algorithms but maintains backward compatibility with legacy 802.11 hardware.

TKIP works like a "wrapper" around WEP, adding multiple enhancements to the WEP cipher engine. TKIP extends the IV (initialization vector) from 24 bits in WEP to 48 bits to address replay attacks. The IV is used to encrypt the data in a packet.

Extending the IV to 48 bits greatly increases the number of possible shared keys, to protect against replay attacks. Some vendor implementations of WEP use the same IV for all packets for the lifetime of the connection or rotate the IV in a predictable manner. TKIP uses better sequencing rules to ensure that the IV cannot be reused even if intruders get hold of it.

WPA also adds a Message Integrity Code (MIC), a cryptographic checksum that protects against forgery attacks.

The transmitter of a packet adds about 30 bits (the MIC) to the packet before encrypting and transmitting it. The recipient decrypts the packet and verifies the MIC (based on a value derived from the MIC function) before accepting the packet. If the MIC doesn't match, the packet is dropped.

Having the MIC ensures that modified packets will be dropped and attackers won't be able to forge messages to fool network devices into authenticating them.

Per-packet key mixing of the IV prevents weak key attacks. A new key derivation scheme helps to minimize the amount of information gained on a successful forgery attempt.

With TKIP implemented on both the access point and all client devices, a different key is generated to encrypt each new packet. This will ensure that hackers with exploited IVs cannot predict the base WEP key.
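The receiver behaviour described above (a 48-bit counter that may never repeat, a per-packet key, and a MIC checked after decryption) can be modelled in a few lines. This is an added sketch, not code from the article or from the 802.11i draft: HMAC-SHA256 stands in for TKIP's key-mixing and MIC functions, a hash-based keystream stands in for the WEP cipher engine, and the function names and 8-byte tag length are assumptions.

```python
import hashlib
import hmac

TAG_LEN = 8  # bytes of integrity tag kept in this sketch (assumption)

def per_packet_key(base_key, tx_addr, seq):
    # Stand-in for TKIP key mixing: base key + transmitter address + 48-bit
    # counter, so every packet is encrypted under a different key.
    return hmac.new(base_key, tx_addr + seq.to_bytes(6, "big"), hashlib.sha256).digest()[:16]

def keystream(key, n):
    # Stand-in stream cipher (SHA-256 in counter mode), not the WEP RC4 engine.
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def mic(mic_key, tx_addr, payload):
    # Stand-in integrity tag (truncated HMAC), not the actual WPA MIC function.
    return hmac.new(mic_key, tx_addr + payload, hashlib.sha256).digest()[:TAG_LEN]

def seal(base_key, mic_key, tx_addr, seq, payload):
    # Transmitter: append the MIC, then encrypt under the per-packet key.
    body = payload + mic(mic_key, tx_addr, payload)
    key = per_packet_key(base_key, tx_addr, seq)
    return seq.to_bytes(6, "big") + xor(body, keystream(key, len(body)))

class Receiver:
    def __init__(self, base_key, mic_key):
        self.base_key, self.mic_key = base_key, mic_key
        self.last_seq = {}  # highest accepted counter per transmitter

    def accept(self, tx_addr, frame):
        """Return the payload, or None if the frame must be dropped."""
        if len(frame) < 6 + TAG_LEN:
            return None
        seq = int.from_bytes(frame[:6], "big")
        if seq <= self.last_seq.get(tx_addr, -1):
            return None  # counter reused or replayed
        key = per_packet_key(self.base_key, tx_addr, seq)
        body = xor(frame[6:], keystream(key, len(frame) - 6))
        payload, tag = body[:-TAG_LEN], body[-TAG_LEN:]
        if not hmac.compare_digest(tag, mic(self.mic_key, tx_addr, payload)):
            return None  # modified in transit
        self.last_seq[tx_addr] = seq  # advance only after the MIC verifies
        return payload
```

The counter is advanced only after the MIC verifies, so a tampered frame carrying a high counter value cannot push the window forward and lock out genuine traffic.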

Although WPA brings a welcome boost to WLAN security, many view it as a temporary fix because future 802.11 equipment will likely use the Counter Mode with CBC-MAC Protocol, or CCMP, which is also a part of the 802.11i draft. CCMP uses AES (Advanced Encryption Standard) to provide even stronger encryption. However, AES requires a good amount of processing power—which likely means upgrading hardware to see optimal performance—and is not designed for backward compatibility.

Certification of the new security enhancements in the 802.11i standard is just starting, and Wi-Fi products supporting WPA will make their way slowly to market this year.

Technical Analyst Francis Chu can be reached at francis_chu@ziffdavis.com.

