As wireless LAN (WLAN) equipment becomes more popular and widely deployed, the same care that has been paid to securing wired networks must be applied to wireless networks. In a wired LAN, only those stations physically connected to the wire may send or receive LAN traffic, thus granting a minimum level of physical security. This is not the case with a wireless shared medium, as any 802.11 client may receive and transmit traffic to any other client within range.
Based largely on enterprise demands for more secure WLAN solutions, the IEEE developed the 802.11i specification, which allows for security improvements in existing WLAN products through firmware upgrades. Most available products can be upgraded to use certain features, such as temporal key integrity protocol (TKIP) and IEEE 802.1x authentication. This provides a considerable security improvement over the wired equivalent privacy (WEP) standard, which was not designed for ultimate security but rather to be "at least as secure as a wire". 802.11i also allows for backward compatibility with the original 802.11 standard. Even greater security can be gained in products available since 2003, which include new hardware supporting encryption. Products currently on the market are able to use the most advanced features of 802.11i, such as AES encryption for bulk data protection, key caching, which allows mobile stations to switch from one access point to another without incurring the time overhead of a key exchange each time, and pre-authentication, which allows a client to establish security state in an access point prior to associating to it.
It is best to think of 802.11i not as a single protocol but rather a security framework (Figure 1), using existing, proven security standards like a recipe listing the ingredients to bake a cake. Just as a chef will select the best ingredients for a particular type of cake, so too can a network administrator select the best mix of encryption types, authentication mechanisms, and PKIs to address their organization's requirements.

Figure 1: diagram showing the elements that make up the 802.11i protocol.
ABCs of 802.11 Security
Customers who deploy WLAN solutions need to be confident of the system's ability to address integrity, privacy, and reliability. Solving these challenges in securing WLANs requires addressing many facets of security, including:
- Strong mutual authentication: The client and access point must cryptographically prove their identities to each other.
- Messages must have data origin protection: It must be possible to prove that the sender of a message is genuine and not a man-in-the-middle.
- Messages must have data integrity protection: It must be possible to prove that messages are not altered in transit.
- Messages must have confidentiality: The contents of messages must only be viewable by the sender and receiver.
To achieve these goals, 802.11i leverages a number of security features including AAA and PKI. Let's look at both below.
AAA
Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.
AAA services are often provided by a dedicated AAA server, a program that performs these functions. A commonly used standard by which network access servers interface with the AAA server is the Remote Authentication Dial-In User Service (RADIUS).
PKI
Public-key infrastructure (PKI) is a hierarchy of trust using public key cryptography. The top of the hierarchy is a root certification authority (CA), the leaves of this hierarchy are individuals identified by a certificate, and intermediate nodes of the hierarchy are individual, non-root, CAs. Each CA, both root and non-root, is an entity which is trusted to verify the identity of others and to issue certificates, a kind of online passport, to them (Figure 2).
Figure 2: Diagram showing the digital certificate generation process.
CAs allow the establishment of trust to scale because the CA vouches for the identity of other people. If the CA is trusted, the identity of everyone the CA vouches for can be proven. For example, if 50 people trust a CA, it is trivial to add a 51st person to the ring of trust merely by giving that person a certificate signed by the CA. But if there is no CA, no trusted third party, it is necessary to introduce the 51st person to all 50 other people in order to establish the same amount of trust. That just does not scale.
Certificates issued by a CA bind identities to public keys. They are tamper-proof because the CA signs them, and any alteration to the certificate after the signing can be detected. If a certificate is valid, that is, it has not been altered, and the CA is trusted, then the identity contained in the certificate can be authenticated.
There are two types of digital certificates that are important when building secure wireless networks: server certificates and personal certificates. Both of them must be signed by a CA to be truly effective.
Server certificates identify network entities like access points or WLAN switches. They allow clients to authenticate the network entity to which they are trying to gain access. This prevents a rogue access point from attracting legitimate clients and inducing them to provide it with their credentials.
Personal certificates identify clients and allow network entities like access points or WLAN switches to authenticate clients. This ensures that the only people allowed onto your network are people you want to allow.
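The trust relationship described above, worked through with Go's standard x509 package as an added example (not code from the original article): a constructed root CA issues a server certificate to an access point, and the client-side check accepts it, rejects a self-signed certificate from a rogue AP that claims the same name, and rejects the genuine certificate once one byte of it has been altered after signing. The CA and AP names and the functions issue, SupplicantTrusts and Scenario are constructed for this illustration.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue creates a certificate for cn: self-signed when parent is nil (a root CA, or a rogue AP's
// home-made certificate), otherwise signed by the parent's key. Errors are ignored for brevity.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{ // key-usage extensions omitted to keep the example short
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, IsCA: isCA,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), BasicConstraintsValid: true,
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// SupplicantTrusts is the client-side check: does the AP's server certificate chain to the CA the
// client trusts, with a CA signature that still matches the certificate's contents?
func SupplicantTrusts(root, ap *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := ap.Verify(x509.VerifyOptions{Roots: pool})
	return err == nil
}

// Scenario reports whether the client accepts (1) the CA-issued AP certificate, (2) a rogue AP's
// self-signed certificate with the same name, (3) the genuine certificate with its subject altered.
func Scenario() (genuine, rogue, tampered bool) {
	root, rootKey := issue("Corp WLAN Root CA", true, nil, nil)
	ap, _ := issue("ap-01.wlan.example", false, root, rootKey)
	fake, _ := issue("ap-01.wlan.example", false, nil, nil)
	raw := append([]byte(nil), ap.Raw...)
	raw[bytes.Index(raw, []byte("ap-01"))] = 'x' // edit the signed subject; the DER still parses
	altered, _ := x509.ParseCertificate(raw)
	return SupplicantTrusts(root, ap), SupplicantTrusts(root, fake), SupplicantTrusts(root, altered)
}
```

Only the first case is accepted: the rogue certificate has no path to the trusted CA, and the altered one no longer matches the CA's signature.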
802.1x Authentication: Halt! Who Goes There?
802.1x defines port-based network access control that is used to provide authenticated network access. While this standard was designed for wired Ethernet networks, it has been adapted for use on 802.11 WLANs. 802.1x defines the following terms, which have been carried into the wireless world:
Supplicant: The client. The supplicant requests network access by associating to an access point and obtains network connectivity after authentication.
Authenticator: A wireless access point (AP) or WLAN switch. The authenticator keeps a WLAN closed to all unauthenticated traffic. It does not do authentication directly, but instead tunnels the extensible authentication protocol (EAP) to an authentication server.