A Survey on Security Aspects of Wi-Fi Technology and Protocols

Verified

Added on 2022/09/28

AI Summary

This report provides a comprehensive survey of Wi-Fi security, examining the evolution of security protocols from Wired Equivalent Privacy (WEP) to Wi-Fi Protected Access (WPA and WPA2). It highlights the vulnerabilities associated with wireless networks and the importance of security goals such as authentication, integrity, secrecy, and non-repudiation. The paper details the mechanisms of WEP, WPA (including WPA-PSK and WPA-Enterprise), and WPA2, emphasizing the improvements in WPA2, which utilizes the Cipher Block Chaining Message Authentication Code Protocol (CCMP) with Advanced Encryption Standard (AES) for enhanced data encryption. The analysis concludes that despite its limitations, WPA2 offers the most robust security compared to its predecessors. The report references key sources in computer networking and wireless security, providing a solid foundation for understanding the current state of Wi-Fi security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

SECURITY ASPECT OF WI-FI TECHNOLOGY: A SURVEY PAPER
Abstract
With the increase in network connections in homes and Businesses, educational institutions and
streets wireless networks remains to be the most used. This is due to the need of flexibility of
communication in the world of computing without reliance of communication cables. The wide
usage and easy access poses a great security threat to private information. This paper illustrates
the security aspects of Wi-Fi: 802.11 (BEHROUZ A. FOROUZAN, 2017)
Introduction
Development of wireless networks started in 1990s but IEEE 802.11 wireless network LAN (Wi-
Fi) remains to be most used in all areas ranging from homes to businesses. There are several
standards of 802.11 which share several characteristics. These characteristics are:
 They all use the same link-layer frame structure.
 They can all reduce their transmission rate to enable them cover a greater distance.
 Latest standard are capable to still interact with older standards while the older standards
can still interact with newer versions.
However, all the standards have major differences majorly in the frequencies that the devices
operate in that they operate in 2.4 GHz frequency range (2.4–2.485 GHz) and 5 GHz frequency
range (5.1 – 5.8 GHz). Older standards used one standard, either 2.4 GHz or 5 GHz range while
the latest versions (802.11n and 802.11ac) utilizes multiple input multiple-output (MIMO)
antennas transmitting/receiving both frequency ranges. (JAMES F. KUROSE, 2017)
Wi-Fi Standard Data Rate Frequency Range
802.11b ~ 11 Mbps 2.4 Gigahertz
802.11a ~ 54 Mbps 5 Gigahertz
802.11g ~ 54 Mbps 2.4 Gigahertz
802.11n ~ 450 Mbps 2.5 Gigahertz and 5 Gigahertz
802.11ac ~ 1300 Mbps 5 Gigahertz
Table 1.1
Security aspects

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Wide usage of wireless networks make them vulnerable to all forms of security attacks. These
attacks include passive attacks where networks communication are monitored and active attacks
where network is exploited by insiders or through service providers.
Security Goals
To avert these exploits and threats, the systems must have measures to guarantee the secrecy of
information passing through the network. To achieve network security the Wi-Fi system
following goals should be attained: (JAMES F. KUROSE, 2017)
1. Authentication- Before sending or receiving data using Wi-Fi, the sender and receiver
must be identified and their identity verified.
2. Integrity - the content of data sent through the system must be authentic and unmodified
between the sender endpoint and receiver endpoint.
3. Secrecy - the data sent through the system can only be interpreted by the sender and the
receiver and no one in between.
4. Non-Repudiation –this means that there is no possibility that the sender can deny sending
a message.
To ensure security of data transmitted through the network, security mechanisms have been put
in place and standardized in 802.11 standards. These security techniques are known as wired
equivalent privacy (WEP), Wi-Fi Protected Access (WPA and WPA2). (S. D. Kanawat, 2011)
Wired equivalent privacy (WEP).
This protocol was designed in 1999 to give provision of authentication and data encryption
between the host and wireless access points using a symmetric shared key approach. It utilizes
40-bit and 128-bit encryption key. There is no key management algorithm in WEP and therefore
it uses an out-band key to authenticate the host and access point. The authentication process is as
follows:
1. Host makes a request to the access point for its authentication.
2. The access point transmits a reply with a 128-bit key to the host.
3. The host creates an encrypted key and sends it to the access point.
4. The received host-encrypted key is decrypted by the access point.

Figure 1: WEP authentication process.
If the key matches the key sent originally, then the access point host is authenticated by the
access point. Since its development, systems and computers have changed making them
powerful enough to break the encryption in 5 hours. This urged developers to update it to WEP2
and now the latest Wi-Fi Protected Access (WPA and WPA2). (L. SANG 2012)
Wi-Fi Protected Access (WPA and WPA2)
WPA was designed to patch the holes in WEP. In a lot of ways, WPA is very similar with WEP.
The main difference is that the encryption key regularly changes in intervals thus hindering
efforts of breaking the encryption key. WPA utilizes TKIP (Temporal Key Integrity Protocol) for
data encryption which eliminated the need of using the same key in encryption, it generates a
128-bit encryption key different for every data packet. This makes WPA more secure than WEP.
(J. C. CHEN, 2005)
In WPA Authentication Mechanisms WPA-Pre-Shared Key (WPA-PSK) mechanisms are used.
A static WPA Pre-Shared key is used to initiate communication between users. This makes a

PMK (Pairwise Master Key) that is static in TKIP to be ready before a connection is made
between the two users. (L. BLUNK 2003)
WPA-Enterprise: which is an advanced WPA designed for enterprise networks, gives a stronger
authentication method using RADIUS (Remote Authentication Dial in User Service). WPA2
which is improvement of WPA which has CCMP (Cipher block Chaining Message
Authentication Code Protocol) that uses AES (Advance Encryption Standard) to encrypt data.
CONCLUSION
In systems and security, data can be altered or stolen for personal gains. This paper has
highlighted the Wi-Fi security processes and methods WEP, WPA, and WPA2 and found that
despite all its shortcomings, WPA2 is the most secure in Wi-Fi security compared to latter
protocols.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

References
JAMES F. KUROSE, K. R. (2017). Computer Networking: A Top-Down Approach. Pearson
Education Limited.
S. D. Kanawat and P. S. Parihar, Editors (2011). “Attacks in Wireless Networks”, International
Journal of Smart Sensors and Adhoc Networks.
L. Sang and A. Arora, (2012), “A Shared Secret Free Security Infrastructure for Wireless
Networks”, ACM Transactions on Autonomous and Adaptive Systems (TAAS).
G. RUPINDE, S. JASON, C. ANDREW (2006). Specification Based Intrusion Detection in
WLANs. 22nd Annual Computer Security Applications Conference, Miami Beach,
Florida.
J. C. CHEN, M. C. JIANG, Y. W. LIU (2005). Wireless LAN security and IEEE 802.11i. IEEE
Wireless Communications.
L. BLUNK, J. VOLLBRECHT, B. ABOBA, J. CARLSON, H. LEVKOWETZ (2003),
Extensible Authentication Protocol (EAP). Internet Draft draft-ietf-eap-rfc2284bis06.txt.
Behrouz A. Forouzan, Sophia Chung Fegan (2017). DATA COMMUNICATIONS AND
NETWORKING. McGraw-Hill