WPA: Is Wi-Fi's Security Bandage Going to Win Over Network Admins?

by Jacqueline Emigh

Faced with widespread concern over WEP's problems as a security standard, the Wi-Fi Alliance introduced WPA as an interim fix. Are administrators going to adopt it or wait for next year's 802.11i? Jacqueline Emigh reports.

Administrators concerned over wireless security are now sitting down to an alphabet soup of security protocols, with a few numbers thrown in to add more complexity to the broth. The Wi-Fi Alliance standards group recently introduced an interim standard called WPA (Wi-Fi Protected Access), to replace the highly crackable WEP (Wired Equivalent Privacy). WPA, though, will then be superseded by the full-blown 802.11i protocol, probably by the end of next year.

Still being finalized by the IEEE, 802.11i is an extension to the 802.11 ESN (Enhanced Security Network). WPA, on the other hand, is a "subset of the 802.11 draft standard, and will maintain forward compatibility," according to Wi-Fi Alliance Chairman Dennis Eaton.

WEP's security flaws have been widely known ever since January of 2001, when the University of California at Berkeley issued a highly publicized paper. Since then, WEP has been roundly criticized for flaws that include weak encryption, characterized by keys that are no longer than 40 bits; static encryption keys; and lack of a key distribution method.

"Not long after its development, WEP's cryptographic weaknesses began to be exposed. A series of independent studies from various academic and commercial institutions showed that even with WEP enabled, third parties can breach WLAN security," acknowledged the Wi-Fi Alliance, in a recent white paper. "Although such security breaches might take days on a home or small business WLAN where traffic is light, it can be accomplished in a matter of hours on a busy corporate network."

WPA is intended to fix these problems through technologies that include TKIP (Temporal Key Integrity Protocol) - a set of algorithms meant to augment WEP - as well as 802.1x. 802.1x is a "mechanism for enhanced mutual authentication and dynamic key distribution - two shortfalls in the current WEP standard," according to Brian Grimm, a Wi-Fi Alliance spokesperson.

"WPA will be mandatory for Wi-Fi certification before the end of 2003, and eventually products will have to ship with WPA turned on," predicted the Gartner Group, in a recent report. "Gartner recommends that enterprises install WPA as soon as it's available if they use only the WEP security solution."

Leading vendors of wireless access points (APs) and chip sets have already announced support for WPA. WPA will also be delivered as software and firmware upgrades to existing Wi-Fi products. The first WPA-compliant products are slated for shipment in the first quarter of 2003.

Meanwhile, though, about a year from now, vendors are expected to release products complying with 802.11i, a protocol that will fold in AES (Advanced Encryption Standard).

For their part, many administrators are still learning about WEP, let alone newer technologies like AES and TKIP.

Some network managers remain unconvinced that WEP presents problems on actual enterprise nets. "Most of us know that the WEP encryption has been broken and a practice attack has been mounted. In fact there is even free software such as AirSnort and WEPCrack that supposedly recovers RC4 keys. My question is: How effective are these attacks in the real world? Has anyone found any data to show that weak keys are really numerous enough to be used practically (for recovering) keys reliably, in the real world?" asked one administrator in an Internet newsgroup.

"WEP is still a good deterrent for 'casual' snoopers," maintained Grimm. "You are more secure with WEP on than with WEP off!" WEP, though, "can be compromised with the appropriate tools and expertise."

The Wi-Fi Alliance's current recommendations for large companies call for implementing end-to-end security through mechanisms such as 802.1x encryption, RADIUS authentication, and VPNs (virtual private networks).

Wi-Fi Protected Access is not to be confused with Windows Privacy Activation - another protocol that uses the WPA acronym. Ironically, though, like the controversial Windows Privacy Activation, the Wi-Fi-supported 802.1x is built into Windows XP. The 802.1x protocol is also supported on many Wi-Fi APs now on the market.

In contrast, TKIP is a protocol based on RC4, and "targeted for legacy equipment," according to Grimm. In conjunction with 802.1x, TKIP will provide for dynamic rekeying, generating a new encryption key every 10K packets.

TKIP surrounds the WEP cipher engine with four new algorithms: extended 48-bit IV and IV sequencing rules; new per-packet key construction; a key derivation and distribution method; and an MIC (message integrity code) dubbed Michael.
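The following is an added illustration, not code from the article or the Wi-Fi Alliance, of why the IV changes listed above matter: when WEP's 24-bit IV is prepended to a static key, a repeated IV repeats the RC4 keystream, whereas a receiver that insists on strictly increasing 48-bit sequence numbers drops repeated or stale frames. The names `wep_encrypt`, `keystream_reused` and `SequenceChecker` are hypothetical, the key and frames are constructed, and the per-packet key is WEP's simple concatenation rather than TKIP's actual key-mixing function.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling, then n bytes of keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, static_key: bytes, plaintext: bytes) -> bytes:
    """WEP-style framing: the RC4 key is the 3-byte IV followed by the static key."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return xor(plaintext, rc4_keystream(iv + static_key, len(plaintext)))

def keystream_reused(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """If both frames used one keystream, it cancels: c1 XOR c2 == p1 XOR p2."""
    return xor(c1, c2) == xor(p1, p2)

class SequenceChecker:
    """Receiver rule (assumed form): accept only a strictly larger 48-bit counter."""
    def __init__(self) -> None:
        self.last = -1

    def accept(self, counter: int) -> bool:
        if not 0 <= counter < 2**48 or counter <= self.last:
            return False  # out of range, repeated, or stale: drop the frame
        self.last = counter
        return True

KEY = bytes.fromhex("0102030405")    # constructed 40-bit static key
P1 = b"constructed frame one"        # constructed sample plaintexts
P2 = b"constructed frame two"

if __name__ == "__main__":
    same_iv = wep_encrypt(b"\x00\x00\x01", KEY, P1), wep_encrypt(b"\x00\x00\x01", KEY, P2)
    print("keystream reused on IV repeat:", keystream_reused(*same_iv, P1, P2))
    rx = SequenceChecker()
    print("counters 1, 2, 2 accepted:", [rx.accept(c) for c in (1, 2, 2)])
```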

The IEEE 802.11 committee adopted the final elements of TKIP at a meeting on November 21. "The document is now being edited," said Grimm. WPA certification began in November, and WPA certification is set to start in February of next year.

In enterprises, WPA will be used in conjunction with both wireless APs and an authentication server, for centralized access control and management. Homes and small offices, though, will be able to use a "pre-shared key mode" in place of the authentication server, according to Grimm.

Under pre-shared key mode, access to the wireless network and the Internet will be allowed only if the "pre-shared key" of the computer matches that of the AP.

AES, the third "major new element in 802.11i," is a block cipher which will replace both WEP and RC4. Targeted at "future Wi-Fi equipment," it will be hardware-accelerated for faster performance.

Unlike WPA, though, AES looks likely to require hardware replacement, according to many 802.11i experts. "It won't be possible to upgrade to 802.11i simply through a software or firmware upgrade," said Ronald P. Sperano, program director, Mobile Market Development, in IBM's Personal Systems Group.

Will companies be willing to invest in new 802.11 equipment, so soon after upgrading to the WPA protocol? Alternatively, will customers decide to 'pass' on WPA, in favor of waiting for the full-blown 802.11i? The jury is still out on these questions, waiting for the alphabet soup to settle.


This article was originally published on Tuesday Dec 3rd 2002