Wireless Security – CompTIA Network+ N10-006 – 3.3

We rely on wireless security technologies to keep our network communication secure. In this video, you’ll learn about WEP, WPA, WPA2, and MAC filtering.
When you’re using a wireless network, everything you send is going across the air in radio waves, which means that everybody who’s in your local area can hear everything that you happen to be sending. Obviously, then, we need to be able to encrypt the data going over these wireless networks. We don’t want somebody pulling our information out of the air and seeing the information that we’re sending. Fortunately, our wireless standards give us methods to encrypt everything going over these wireless networks.

And the only way you’d be able to know what is in that data is if you also are part of that wireless network. Only the people that have the right password would be able to transmit information on that wireless network and be able to listen to the information that was sent. There have been a number of different encryption methodologies used on wireless networks through the years. The only one you should really be using these days is WPA2, but let’s talk about all of the different wireless encryption that’s been in use through the years and really get an understanding of the ones you should use and the ones that you should not use.

When our 802.11 technologies were first introduced, they included an encryption mechanism called WEP. WEP stands for Wired Equivalent Privacy and it provided a couple of different types of encryption. We could enable 64-bit keys for our encryption or 128-bit keys. With a name like Wired Equivalent Privacy, it sounds like we’d have exactly the same privacy on our wireless network as we would on a wired network. Well, unfortunately, that was in name only.

We found some cryptographic vulnerabilities in WEP in 2001. As it turns out, some of the data that was being sent over the WEP network was “strongly non-random.” That is definitely not what you want if you want to keep information private. This means that if you were able to collect enough information from the wireless network, you’d be able to piece this together and understand what the key actually was. And of course, once you had the key, you had access to everything on that particular wireless network.

The rule these days is not to use WEP. You can find a WEP key in a matter of minutes with today’s technology, and generally, the devices that you would purchase and put into your network these days don’t even give you the option to run WEP because of these cryptographic vulnerabilities. When these problems with WEP were discovered, we had to come up with a different way of encrypting and protecting the data over our wireless networks. And so we came up with a standard called WPA, which stands for Wi-Fi Protected Access.

WPA used something called RC4 with TKIP. This is the Temporal Key Integrity Protocol. RC4 is the cipher used to encrypt the information and TKIP was the way that we kept the keys and sent information over the network. TKIP used a larger initialization vector and had an encrypted hash associated with it. A lot of what was normally in the clear or easily determined on a WEP network was much more difficult to see with WPA.

Every packet got a unique encryption key and we were able to keep all of the data on our wireless networks encrypted now using WPA. But this was a methodology for encrypting that we could make even stronger. This was more of a short term workaround. We came up with an update to WPA called WPA2. The certification for this began in about 2004.

The RC4 cipher was replaced with AES, which stands for Advanced Encryption Standard, and we added CCMP instead of TKIP. CCMP is the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. By combining these updates to the protocol, we were able to create a much more secure method. And even today, WPA2 is the standard encryption that we use on our wireless networks. When you’re configuring an access point, especially one you might use at home, you’re probably configuring it with WPA2 or something called WPA2 PSK for pre-shared key.

But you might also see an option for WPA2 Enterprise. This is when you’re adding 802.1X network access control where you might have some access control mechanisms or authentication servers in your environment. And you’re allowing people access to the network if they log in with their normal username and password.

Another method of wireless network security is something called MAC filtering. This is referring to the Media Access Control address that’s the hardware address that we have in our wireless devices.

MAC filtering provides us with a way to allow or disallow access to the wireless network based on the hardware address of these devices. We can make a big list and have only the devices in our list gain access to the wireless network. This might be very useful to keep neighbors out of your network or to make sure that only people that are authorized to be on the network are on the wireless network. And maybe we keep visitors out of our corporate wireless network. Unfortunately, it’s very easy to determine what MAC addresses are in use in a particular area.

A simple network analysis scan of the area can show you everyone using the wireless network. And these MAC addresses can then be spoofed using the capabilities that are built into the driver that you’re using. There’s also free open-source software available to craft packets however you would like. This is a security mechanism we often refer to as security through obscurity. We think by making something more difficult to do that it’s somehow more secure.

And of course, that’s not true at all. Security through obscurity is no type of security. MAC filtering itself is only a very limited access control mechanism and we should not rely on it to provide any type of wireless security.
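The guidance above, expressed as a configuration check. This is an added example, not part of the original video or transcript; it assumes access point settings written in hostapd.conf syntax (hostapd is not mentioned in the original), and the `audit` function and sample configurations are constructed for illustration.

```python
# Added example: audit access point settings against the guidance above.
# Only explicitly set values are checked; built-in defaults are not modelled.

def parse_conf(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (verdict, findings); verdict is 'fail', 'weak' or 'ok'."""
    conf = parse_conf(text)
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA, bit 1 = WPA2
    wep = any(k.startswith("wep_key") for k in conf)
    ciphers = set()
    if wpa & 1:
        ciphers |= set(conf.get("wpa_pairwise", "").split())
    if wpa & 2:  # WPA2 uses rsn_pairwise, else falls back to wpa_pairwise
        ciphers |= set((conf.get("rsn_pairwise") or conf.get("wpa_pairwise", "")).split())
    fail, weak, info = [], [], []
    if wep:
        fail.append("WEP key configured; WEP keys can be found in minutes")
    if not wep and wpa == 0:
        fail.append("no encryption configured")
    if wpa & 1:
        weak.append("WPA enabled; it was a short-term workaround, use WPA2 only")
    if "TKIP" in ciphers:
        weak.append("TKIP (RC4) allowed; require CCMP (AES)")
    if wpa and not ciphers:
        weak.append("pairwise cipher not set explicitly; review")
    if conf.get("macaddr_acl", "0") != "0":
        info.append("MAC filtering enabled; addresses are easily spoofed")
    verdict = "fail" if fail else "weak" if weak else "ok"
    return verdict, fail + weak + info

SAMPLES = {  # constructed sample configurations, not from the original page
    "wep": "ssid=warehouse\nwep_default_key=0\nwep_key0=0123456789\n",
    "wpa-tkip": "ssid=lobby\nwpa=1\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP\n",
    "wpa2-psk": "ssid=home\nwpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n",
    "mac-only": "ssid=guest\nmacaddr_acl=1\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, audit(text))
```

The MAC filtering finding is informational only: it never improves a verdict, because an allow list does nothing for a network that is otherwise unencrypted or running WEP.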