Chapter 28
Securing Wireless Networks
What Are the risks?

As long as all clients and Aps use the same 802.11 standards, they can
communicate – and not all devices are trustworthy.

Communication does not go direct to the intended host, but is broadcast
according to the transmitter patterns to any receiver in range
Authentication

Authentication protects your network by preventing people from accessing
confidential information.

Guests should be given different access compared to employees. So should
connect to a separate WLAN

Rogue Clients should not be given any access at all

In the simplest form this is just a Password, although this isn’t particularly
secure e.g. a stolen device might still be able to connect, or the password
could be worked out

Authentication works both ways, how do you know your device is connecting
to a genuine AP? Both client and AP should be authenticated before they share
data.
Message Privacy

To keep data private, messages should be encrypted for the journey through
free space.

The encryption method should be know by the transmitter and receiver, but
secure enough nobody else can read the data.

Each WLAN only supports one encryption scheme, with the AP and Client
sharing a unique encryption key for each association.
Message Integrity

How do you know the data you receive hasn’t been changed between the AP
and the client?

Devices get round this by using a Message Integrity Check (MIC)

This is like a stamp within the encrypted packed. The receiving device has an
idea of what this should look like, and can therefore tell if the packet has
been altered
Wireless Client Authentication Methods


Open Authentication

Like it’s name this is Open

Only requirement is that a client must submit an authentication request.

This isn’t very secure, but is very convenient.

Often this is a front for further security beyond the Authentication e.g. when you
sign up for a public wi-fi. You connect Openly but then need to provide web-based
authentication
WEP

Wired Equivalency Privacy

A Shared-Key Security Mehthod – client and AP must share the Key before they
transmit any data between them

Acts as both Encryption and Authentication (if you don’t know the WEP key you’re
not coming in)

Outdated technology now seen as unsecure
Wireless Client Authentication Methods

802.1x / EAP

A flexible alternative to WEP

Extensible Authentication Protocol – as per it’s name it’s designed to be flexible to
meet changing security needs.

Not a specific Authentication method – instead it acts as a framework of what an
authentication protocol should be.

Uses a three-party mehod

Supplicant : The Devices Requesting Access

Authenticator: Provides access to the network (usually a WLC)

Authetication Server (AS): Devices that processes client credentials and permits access
Wireless Privacy and Integrity Methods



TKIP (Temporal Key Integrity Protocol)

Incorporates MIC, Time Stamps, Sender MAC Address Checks, A algorithm to
generate Keys, and a larger minimum key length

Seen as a stop-gap solution
CCMP (Counter/CBC-MAC Protocol)

Combines two algorithms – AES Counter Mode encryption and CBC-MAC (used as a
MIC)

Open standard – used by the US Government among others
GCMP (Galois/Counter Mode Protocol)

Similar to CCMP but with a different MIC
WPA, WPA2 and WPA3

Wi-Fi alliance set this up to demystify the process. Combining different
authentication, encryption and integrity checks into single certifications
known as WPA
Feature
WPA
WPA2 WPA3
Pre-shared keys
Yes
Yes
Yes
802.1x Authentication
Yes
Yes
Yes
Encryption and MIC with TKIP
Yes
No
No
Encryption and MIC with AES & CCMP
Yes
Yes
No
Encryption and MIC with AES & GCMP
No
No
Yes