NOTE: Free essay sample provided on this page should be used for references or sample purposes only. The sample essay is available to anyone, so any direct quoting without mentioning the source will be considered plagiarism by schools, colleges and universities that use plagiarism detection software. To get a completely brand-new, plagiarism-free essay, please use our essay writing service.
One click instant price quote
Strengths and Vulnerabilities of WEP, WPA, and WPA 2 Introduction With the introduction of wireless networks, users are experiencing both benefits and setbacks of the innovation. While is it convenient tobe able to access the Internet virtually anywhere, the issue of security and privacy concerns more and more of todays users. The following essay will explore three network security options available on the market today: WEP, WPA, and WPA 2. The essay will concentrate on strengths and weaknesses of each option for the purpose of conveying as much information about network security to the users as possible. Overview of WEP WEP is an abbreviation for Wired Equivalent Privacy, a security protocol for WLANs (Wireless Local Area Networks) that are defined in the 802. 11 b standard. Although WEP was designed to provide the same level of security as a WLAN, LANs are fundamentally more secure than WLANs due to the fact that LANs are physically protected by their structure.
In other words, a part of LAN is located inside the building, which helps protect from unauthorized access. WLANs, on the other hand, are not supported by physical structure, and are therefore more vulnerable to unauthorized access. In return, Wep's aim is to provide security to WLANs by encrypting data transferred over radio waves, so that the sender and the receiver are the only authorized users of the information. However, despite the fact that WEP provide security to WLAN, it has been found that WEP is not as secure as once believed. The reason is, WEP is used at the two lowest layers of the OSI model, which include the data link and the physical layer.
As a result, since only these two layers are protected, WEP does not offer complete end-to-end security. [ web Steven J. Vaughan-Nichols states in his article Making the Most from WEP [ web that it would only take five to ten minutes in order to successfully invade a WLAN protected by WEP. And since there are fifteen million packets in a WLAN, it can be said with almost 100 % certainty that a hacker will be able to get through the network traffic. What makes the current situation even more disturbing for WEP users in the fact that most of the cracking techniques used nowadays are sufficient enough to work with any WEP key length. As a result, a 128 -bit key is now just as vulnerable as a 64 -bit key; furthermore, even if the WEP was using a 1, 204 -bit key, it would still be as easy to crack as the 64 -bit key. In order to understand how it is so easy for hackers to crack the encryption codes used by WEP, it is useful to analyze how WEP manages its encryption keys itself.
Every WEP packet is encrypted with a RC 4 cipher stream, which is generates by an encryption key. Such encryption key is made up of a 24 -bit initialization vector (IV) along with a 40 -bit or 104 -bit WEP key, which is usually set by a users wireless device. When the two keys are combined, they either have 62 or 128 bits in total. Although this process seems flawless so far, the first flaw is right in the encryption itself. Wep's security is vulnerable as soon as the packet is encrypted, because every packet sent includes the IV in plain text, which makes the job easy even for a novice hacker. Although each IV is only 24 -bits long, and a hacker can only get 16, 777, 216 different RC 4 encryption streams for every key, this number is not that large in reality.
Due to the fact that the IV plain text is constantly reused to make up packets that would make up phrases, it will not take a long time for a hacker to gather enough packets to start cracking messages sent by the user. If that was the only problem associated with WEP, it would still take a hacker a lot of power and time to break into a WLAN. However, the problems related to WEP do not end there. RC 4 is another problem that makes WEP vulnerable. Although approximately 17 million possible IV numbers are sent through the RC 4, not all of them work perfectly.
Out of those 17 million, there will be nearly 9000 IV numbers that malfunction, making it easier for a hacker to detect and collect. As a result, these damaged IV numbers give additional clues on the full encryption key to a hacker, making breaking into WEP a lot easier. In general, if such simple encryption techniques make WEP so vulnerable, should not there be a solution for this problem? Overview of WPA WPA is an abbreviation for Wi-Fi Protected Access, which is a standard specifically designed to improve upon the security feature of WEP.
The technology works with existing Wi-fi products, however, it has two improvements that differentiate WPA from WEP: WPA provides improved data encryption achieved through the temporal key integrity protocol (TKIP). TKIP assembles encryption key using a hashing algorithm, and with an added integrity-checking feature, ensures that the keys are encrypted securely. WPA also offers user authentication, not offered in WEP, through the extensible authentication protocol (EAP). Unlike WEP, which regulated access to a wireless network through a computers hardware MAC address, EAP is built on a more secure public-key encryption system, which ensures that only authorized network uses have access to the network. [ web WPA is based on special security enhancements that increase the level of data protection and network access control for an existing WLAN. WPA can be viewed as a software upgrade on an existing hardware, and, when properly installed, will provide enhanced level of wireless network security for WLAN users. In fact, the Wi-Fi Alliance has launched an interoperability certification testing on WPA in February 2003.
Unlike WEP, WPA can be used effectively at homes, as well as within enterprises and wireless networks with public access. WPA successfully addresses WLAN requirements set for enterprises by providing a fundamentally secure encryption and authentication solution prior to the ratification of the IEEE 802. 11 I standard. Enterprises that work with IT resources should consider investing not only in a WPA, but also in an authentication server such as RADIUS in order to achieve centralized control and management of incoming and outgoing information. Small Offices/Home Offices doe not have central authentication servers, and, as a result, require a WPA to run in a special home mode. Such mode is also known as Pre-Shared Key (PSK) more, and it allows the user to either manually enter keys or personalized passwords for security purposes. The user enters a password, also known as a master key, into the access point of the wireless gateway, and the WPA takes over wireless security from that point.
The benefit of a password protected Wi-Fi lies in the fact that only devices with a corresponding password are allowed to enter the network. Furthermore, a password automatically starts the TKIP encryption process for the IV packets to ensure enhanced network security. Last, but not least, WPA also offers great benefits for wireless networks with public access. Wpa's are useful for Wireless Internet Service Providers (WISPs), who offer public access to hot spots. Secure information transmission and authentication is particularly important to users who share a hot spot, since the users are unknown to each other. In this case, authentication offered by a WPA enables secure access control for the service providers and for wireless network users who do not utilize VPN connections. [ web Overview of WPA 2 Eric Griffith discusses an innovation in wireless network protection called WPA 2 in his article called A Warm Welcome to WPA 2 published on September 2, 2004.
WPA 2 was coined by the Institute of Electrical and Electronics Engineers (IEEE) in June of 2004, and is a new name for the 802. 11 I specification. The Wi-Fi Alliance confirms that WPA 2, unlike WPA, is not introduced to address any flaws in WPA that still remains secure. Moreover, the original WPA possesses the same attributes as the final WPA 2. The main difference between WPA and WPA lies in the fact that WPA uses Advanced Encryption Standard (AES) in order to encrypt the data packets, while the original WPA uses Temporal Key Integrity Protocol (TKIP) for data encryption. AES used by WPA 2 provides sufficient amount of security to meet the Federal Information Processing Standard (FIPS) 140 - 2 requirement, specified by many government agencies. On the other side, in order to support the AES additional hardware installation might be required for the existing WLAN, due to the fact that an AES needs a separate chip to handle data encryption and decryption.
In addition, any WPA products can be easily upgraded to WPA 2, as long as they are capable of supporting an AES. On the contrary, products running WPA 2 cannot support older products running in WEP security still found in some original Wi-Fi products. Advanced Encryption Standard (AES) uses the Counter Mode-Cipher Block Chaining (CBC) -Message Authentication Code (MAC) Protocol (CCMP). AES Counter Mode is a block cipher that encrypts 128 -bit blocks of data at a time with a 128 -bit encryption key.
The CBC-MAC algorithm produces a message integrity code (MIC), which, in return, provides data origin authentication and data integrity for the wireless frame. A Packet Number is included in the WPA 2 -protected wireless frame and is incorporated into the encryption and MIC calculations to provide replay protection. [ web Conclusion In todays world, everyone is seeking privacy and security, especially when it comes to personal information. For that reason, more and more network security options are introduced on the market in order to meet each users specific needs. Whether it is WEP, WPA, or WPA 2, these three options offer wireless network security features that are guaranteed to protect the users personal information and online activity from unwanted attention and publicity.
Bibliography: Webopedia, The # 1 Online Encyclopedia Dedicated to Computer Technology, web Wi-Fi Alliance, Wi-Fi Protected Access, web Webopedia, The # 1 Online Encyclopedia Dedicated to Computer Technology, web Wi-Fi Planet, The Source for Wi-Fi Business & Technology, web
Free research essays on topics related to: data encryption, unauthorized access, wireless network, network security, public access
Research essay sample on Wireless Network Network Security
