Dynamic WEP
With the attention devoted to security, it was not long before the industry started to develop wireless LAN technologies with significantly improved security. The first step along this road was to bolster WEP by refreshing the keys dynamically. Rather than a single static WEP key for all frames on the network shared by all stations, dynamic WEP solutions use a set of different keys. All stations in a network share a key to encrypt broadcast frames, and each station has its own mapping key for unicast frames.[*]
[*] With appropriate key distribution protocols in place, you can even have multiple groups share the same infrastructure. Each station has its own mapping key for unicast frames, but there may be multiple independent broadcast groups, each with its own default key for group frames.
WEP did not specify a key management framework. Keys are generated and distributed through a system that is not written down in 802.11. The first and easiest key management "framework" to be implemented was manual. Network administrators needed to come up with a string of bits to use as a key, and then distribute that key to all stations participating in an 802.11 service set secured by WEP. To set a new key, administrators needed to touch a machine and configure it by hand.
Dynamic WEP uses an improved key management framework. Rather than depend on the administrator for so much manual work, dynamic WEP uses strong cryptographic protocols to generate keys and then distribute them, in encrypted form, over untrusted networks. WEP key generation typically depends on the use of a cryptographic authentication protocol, which is discussed in the next chapter.
Dynamic WEP handles frames in exactly the same way as static WEP. The only difference is that there is a much improved mechanism to generate and distribute keys on a periodic basis. The automatic key management of dynamic WEP achieves much greater security than static WEP because it dramatically shortens the lifetime of a key. Any attacks against the key must take place within a single key lifetime. Frame initialization vectors can be reused after a key refresh because the same IV combined with the old key and with the new key produces two different WEP seeds. Key recovery attacks using Fluhrer/Mantin/Shamir must occur within a single key lifetime as well, because frames collected under the old key say nothing about the new one. Dynamic WEP is by no means perfect, but it is a substantial improvement over static WEP. It is supported by almost every card and driver.
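The point about initialization vectors can be checked directly. The following is an added example, not code from the book: it builds the WEP seed as the 24-bit IV followed by the secret key, runs RC4 over it, and tests whether two frames that share an IV leak the XOR of their plaintexts. The keys, IV, and frame bodies are constructed sample values, and the ICV is left out for brevity.

```python
# Added illustration: WEP per-frame RC4 seed = 24-bit IV || secret key.
# Keys, IV and frame bodies are constructed sample values; the ICV is omitted.

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_seed(iv: bytes, key: bytes) -> bytes:
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    if len(key) not in (5, 13):
        raise ValueError("WEP key is 40 or 104 bits")
    return iv + key

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_body(iv: bytes, key: bytes, body: bytes) -> bytes:
    return xor(body, rc4_keystream(wep_seed(iv, key), len(body)))

def iv_reuse_leaks(iv, key_a, key_b, p1, p2) -> bool:
    """True if the two ciphertexts XOR to the XOR of the plaintexts,
    which happens exactly when both frames used the same keystream."""
    c1 = encrypt_body(iv, key_a, p1)
    c2 = encrypt_body(iv, key_b, p2)
    return xor(c1, c2) == xor(p1, p2)

IV = bytes.fromhex("0a0b0c")            # constructed
OLD_KEY = bytes.fromhex("0102030405")   # constructed 40-bit key
NEW_KEY = bytes.fromhex("a1b2c3d4e5")   # constructed key after a refresh
P1, P2 = b"constructed frame one", b"constructed frame two"

if __name__ == "__main__":
    print("same key, same IV leaks:", iv_reuse_leaks(IV, OLD_KEY, OLD_KEY, P1, P2))
    print("refreshed key, same IV leaks:", iv_reuse_leaks(IV, OLD_KEY, NEW_KEY, P1, P2))
```

Under a static key the repeated IV repeats the keystream, so the check returns true; once the key has been refreshed the same IV gives an unrelated keystream and the check returns false.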