Exploring Campus Area Network (CAN) and Wireless Security Protocols

Verified

Added on 2023/06/11

AI Summary

This report provides an overview of Campus Area Networks (CAN) and Wi-Fi security protocols, focusing on their architecture, implementation, and security aspects. It begins by defining CANs and their infrastructure, highlighting their use in connecting networks within limited geographical areas such as university campuses and corporate environments. The report then discusses campus Wi-Fi services, including access restrictions and manual proxy configurations. A significant portion of the report is dedicated to wireless security protocols, specifically WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access), and WPA2 (Wi-Fi Protected Access 2), detailing their encryption methods, vulnerabilities, and limitations. The analysis covers the algorithms used to secure data transmission, the weaknesses of WEP, and the improvements offered by WPA and WPA2, emphasizing the importance of using CCMP with AES for enhanced security. The report concludes by highlighting the trade-offs between security and processing speed, particularly concerning older wireless access points when implementing WPA2.

Campus Area Network –
CAN
A campus area network known as (CAN) is used to inter-connect networks in
limited geographical locality like university campus, military bases, or
organizational campuses etc. It can be taken as the metropolitan network
that has the specific settings at the small area just like a computer lab in the
university.
CAN (Campus Area Network) area is no doubt larger than a local area
network but it is still smaller then a wide area network. These networks are
designed for the particular place that hits the highest point level. For
example, multiple labs, multiple offices in the buildings etc. most of the time,
this term is referred as the university campus but when it is used at
organizational level, we call it corporate campus network.
As we have discussed above it is smaller than a wide area network and
multiple Local Area Network (LAN) combines in one organization or regions
to make a Campus Area Network (CAN). Therefore, whenever some one tells
you about the networks within the specific area, you can easily guess that it
is campus network.
Infrastructure of CAN (Campus Area Network)
In this kind of networking, the same technology along with the hardware is
used in different buildings of one campus or one corporation. They follow the
same terminologies like the local area networks but the difference is that
they are interconnected between the multiple buildings at the particular
location. Just imagine a university campus in which you have multiple
departments such as information technology, electronics, mass
communication and fine arts etc and in all these departments computer labs,
they have implemented the same infra -structure of hardware and other
technologies using the Local area network as the main tool, and one
message sent by one department can be accessed by the other department,
then we say that the network is following the techniques of Campus Area
Network (CAN) .
Same is the case with the corporation or organizations which have different
departments in one locality and these departments can communicate with
each other using the communication medium of CAN (Campus Area
Network). In Campus Area Networking (CAN) system the same type of
hardware means that routers, switches, hubs, cabling and even wireless

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

connection points are same in the multiple buildings. We can say that theses
all networking resources are owned by the same organization. If we talk
about the internet connection companies, we see that one university uses
the same connection for all of its departments. In CAN (Campus Area
Network), just like the internet connection, one company has dealings with
the entire organization.
How CAN (Campus Area Networks) Work, Uses of CAN
As we know that universities are the best example of this type of
interconnection hence, different blocks of universities such as administrative
office, educational departments, staff rooms, gymnasium, common room,
hostels and conference halls when connected with each other combine to
form the CAN (Campus Area Network). In most cases, corporate campuses
are connected through the wireless communication mediums rather than
cabling and wirings because they are more economical to use as compare to
the long wiring and cabling. Organizations do follow this strategy because
they always try to maintain the best outcome by investing less and with the
wireless communication throughout their building offices, they can manage
their budget that they may be spending on the wiring, hubs, switches etc.
they can perform the same task by only connecting one or two devices at
their main office and providing signals to other departments which they can
use without any difficulty.
Campus Area networks (CAN) are economical, beneficial and easy to
implement in the specific kilometers of locality. It is very helpful for the
universities and other corporate organizations to work from any block and
receive the same speed of data transfer.
2 CAMPUS WI-FI SERVICES
Increase in the number of students allowed the campus to provide free Wi-Fi service to the students.
This free Wi-Fi allows certain application to run for example; the student can access search sites, Moodle
and student email. On other hand certain application won’t be functional such as Facebook, What’s app,
Viber, and other messaging application. The free Wi-Fi allows students to access internet through their
mobile phones, tablet and laptops. Users have to enter manual proxy in order to access internet into
their mobile phones. They can then connect to the free Wi-Fi within the campus. Areas covered are in
the vicinity of the University canteen, ITS Labs and Library.
3 WIRELESS SECURITY PROTOCOLS
Wireless security protocols provide authentication attempts from a mobile device. The security
protocols are WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access and WPA2 (Wi-Fi Protected
Access 2) [1]. This security protocol uses different algorithms to secure the transmission of data from
point A to point B. Security is a concern as attackers use various types of hacking software and
techniques to breach security.
3.1 WEP (Wired Equivalent Privacy)

WEP was the first generation of wireless security protocol which incorporated both encryption and
authentication in the IEEE 802.11 standard. It is now considered obsolete due to flaws found in the
802.11 security. WEP uses the standard feature of all 802.11b, 802.11g and 802.11a network equipment
[2]. WEP offers Open and Shared key security, and both are weak security protocols. Majority of the
smart phones doesn’t use the WEP protocol as it is not a reliable security protocol. This is because the
WEP key length can be cracked using various tools such as ―AirCrack‖. Also, WEP security protocol uses
default values which intruders can attack by using cryptanalysis [3]. This default values can be encrypted
using the same IV/WEP combination. IV is the Initialization vector which use combination of secret key
to encrypt data. The WEP is also very vulnerable to use in the large organization, since WEP uses short
IV’s and keys remain static. WEP only uses 24bit key and it uses the same IV for different data packets. If
the reoccurrence of the IV increase then the hacker will collect all the frames created using the same IV
and the hacker will determine the shared values (KeyStream or Shared secret key) and decrypt any
802.11 frames [1], [4].
3.2 WPA (Wi-Fi Protected Access)
WPA was implemented as a new protocol which was more secure than WEP, this protocol uses 802.1x +
EAP (Extensible Authentication Protocol) authentication which is more advance compared to WEP. As
seen in Fig.1, WPA uses the two variant methods, namely WPA-PSK (CCMP), and WPA-PSK (TKIP). The
authentication method used in this protocol is either CCMP (Counter Mode with Cipher Block Chaining
Message Authentication Code Protocol) or TKIP (Temporal Key Integrity Protocol). Only CCMP uses
Advance Encryption Standard (AES) protocol for data encryption [1], [6], and should be the choice of
use. WPA consist of two methods in the authentication part TKIP and MIC (Message Integrity Check)
which avoids hackers from accessing the access point in comprise with the hashing method [1]. In TKIP
the key dynamically changes (rekeyed) not in the WEP where it has a fixed key, this will make difficult for
the hackers to decrypt a packet. The limitations of WPA is that it has compatibility issue regarding the
hardware and operating system use and also the using of 256 bit key to generate a string hence it will
allow attackers to use brute-force and dictionary attacks [1], [5]. Wireless devices use WPA as the
security protocol in order to connect to a Wi-Fi access point. In WPA, users enter password of at least 8
characters which include upper case, lower case, symbols and numbers. However, this password can be
cracked using brute-force method.
3.3 WPA2-PSK (Wi-Fi Protected Access Version 2- PreShared Key)
WPA2-PSK protocol is the latest Wi-Fi encryption standard which is implemented to improve security of
WPA. WPA2 uses the 802.11i standard feature which consists of data encryption algorithm. As seen in
Fig.1, WPA2 also uses the two variant methods, namely WPA2-PSK (CCMP), and WPA2-PSK (CCMP/TKIP).
The authentication method used in this protocol is either CCMP or TKIP. However, as in the case of WPA,
in WPA2-PSK only CCMP should be the choice of implementation, as it uses AES [1], [6]. Today, most of
the mobile devices have WPA2 security feature for connecting to another Wi-Fi device. This security
protocol was designed in a way that hackers find it hard to break the encryption. A limitation for using
WPA2 is the processing speed. Some researchers mention that using WPA2 requires more powerful
hardware to view to maximum network performance for heavy used networks. The issue was regarding
using of older wireless access point (WAP) or router [7]. The chances of a hacker to break into WPA2
security using conventional hardware are nil.