- Tech know how online

WLAN security

The security standard defined by the 802.11iworking group for WLANs had some gaps and was therefore completely revised and redefined. With the redefinition, cross-vendor WLAN security solutions are possible in all network configurations, regardless of the products used.

In general, WLAN security as part of WLAN management refers to the access protection of subscribers through authentication and protection against dial-in to unauthorized access points (AP). In addition, the security solutions must ensure that unauthorized persons cannot evaluate the data streams received via radio. Since the reception of radio signals at an appropriate distance cannot be prevented, suitable measures in the form of encryption must be used to ensure that the encrypted data packets cannot be decrypted and evaluated. Furthermore, WLAN security must also be able to detect and prevent the manipulation of data streams. This can be done by means of cyclic block checking (CRC) as in the WEP protocol, by the Micheal hash as in WiFi Protected Architecture (WPA) or by Counter Mode with CBC-MAC (CCM) as in 802.11i.

Key exchange over the WLAN is another issue that poses problems, especially with symmetric encryption where the sender and receiver use the same key. Therefore, WLANs often work with asymmetric encryption in key exchange and symmetric encryption in transmission. In this context, the WEP protocol (Wired Equivalent Privacy), which was defined in 802.11, should be mentioned. Furthermore, the Counter Mode with CBC-MAC Protocol (CCMP) and the Wireless Robust Authentication Protocol (WRAP).

Since the WEP protocol has some weaknesses, other protocols with dynamic key assignment are used in addition to this security protocol with static keys. For example, the Extensible Authentication Protocol (EAP) and the WiFi Protected Architecture (WPA) defined by the WiFi Alliance.

802.11i has a sophisticated security concept with a comprehensive key hierarchy that recognizes a master key (MK), pairwise master key (PMK), pairwise transient key (PTK) and other derived keys.

Informationen zum Artikel
Englisch: WLAN security
Updated at: 31.01.2019
#Words: 546