Wireless computing devices have become ubiquitous due to their convenience and the wide availability of wireless connection points in private businesses and public places. Unfortunately, as a result of this popularity as well as due to wireless’ inherent insecurity, this means that wireless security problems have proliferated as well. There are few computing environments today that do not employ some type of wireless communication between devices, so you will need to be ready to install and secure these communications in any type of professional setting.
Wireless Security Methods:
There are a number of security methods available to encrypt and secure wireless communications.
Wired Equivalent Privacy (WEP) provides 64-bit, 128-bit, and 256-bit encryption for wireless communication that uses the 802.11a and 802.11b protocols. While WEP might sound like a good solution at ﬁrst, it ironically is not as secure as it should be. The problem stems from the way WEP produces the keys that are used to encrypt data. Because of a ﬂaw in the method, attackers could easily generate their own keys by using a wireless network capture tool to capture and analyze network data and crack WEP in a short period of time.
Wireless Transport Layer Security (WTLS) is the security layer of Wireless Application Protocol (WAP). WAP is a protocol designed to transmit data such as web pages, email, and newsgroup postings to and from wireless devices such as cell phones, PDAs, and handheld computers over very long distances. WTLS secures WAP by using public-key cryptography for mutual authentication and data encryption. In most cases, WTLS is meant to provide secure WAP communications, but if it is improperly conﬁgured or implemented, it can expose wireless devices to attacks that include email forgery and sniffing data that has been sent in plain text.
802.1x is an IEEE standard used to provide a port-based authentication mechanism for wireless communications using the 802.11a and 802.11b protocols. A client using 802.1x passes the Extensible Authentication Protocol (EAP) over a LAN to an authentication server.
Wi-Fi Protected Access (WPA) is a security protocol that was introduced to address some of the shortcomings in the WEP protocol during the pending development of the 802.11i IEEE standard. It uses strong authentication and data encryption mechanisms.
WPA2 or 802.11I:
802.11 is a complete wireless standard that adds strong encryption and authentication security to 802.11 and relies on 802.1x as the authentication mechanism. 802.11i is sometimes referred to as WPA2. Temporal Key integrity Protocol (TKIP) is a security protocol created by the IEEE 802.11i task group to replace WEP. TKIP is combined with the existing WEP encryption to provide a 128-bit encryption key that ﬁxes the key length issues of WEP.