Home: www.packetnexus.com
Wireless security riddled with flaws P.J. Connolly THE INTERCEPTION OF wireless traffic has gone on for decades, initially proving its value during World War I. In the years since, anxiety about wireless security has shifted but is no less valid. Now it has less to do with the movements of armies and fleets and more to do with data and privacy concerns. Although security is a concern for companies implementing wireless networking, it appears to be taking a back seat to bread-and-butter issues such as making the stuff work and keeping overall cost down, according to the 2001 InfoWorld Wireless Survey. Of the 500 InfoWorld readers polled, almost twice as many cited cost rather than security, 31.2 percent vs. 16 percent, as the greatest roadblock to implementing wireless networking. Very few, 2.6 percent, indicated that security enhancements were necessary for their company to effectively implement wireless technologies. Most survey participants prefer to bang the drum for better applications -- 71 percent of combined responses -- and improved training -- 73 percent of combined responses You can't argue with the frustration expressed by those whose expectations for wireless remain unmet. After all, without applications and training, what you have left isn't good for much more than placing calls and receiving stock quotes. But IT leaders everywhere are placing too much faith in the built-in security of wireless technologies, when wireless security is in fact a contradiction in terms. By their nature, radio technologies are an insecure medium. In most cases, transmission to client devices is an omnidirectional broadcast, so that anyone within range of the transmitter can intercept the signal with a properly equipped receiver. If that weren't bad enough, the basic encryption technologies used in many of the emerging wireless standards are generally not worth the CPU cycles they consume; they're weak and easily cracked because of poor implementation. Whither WEP? It is one thing to have weak, 40-bit encryption in a Bluetooth-enabled device with an effective range of about 30 feet. But fundamental problems with the WEP (Wired Equivalent Privacy) protocol, which is at the heart of the 802.11 wireless networking standard, are another thing. Three separate teams of researchers -- one at Intel, another at the University of California at Berkeley, and yet another at the University of Maryland at College Park -- have raised questions about WEP's capability to provide secure communications. This first came to light last October when Intel's Jesse Walker told the IEEE that WEP was "unsafe at any key size" because the basic cryptographic structure was unsound. Walker refuted the notion that the only thing wrong with WEP was its use of a 40-bit key. He demonstrated that the practice of using an easily determined "initialization vector" renders the encrypted traffic vulnerable because keys are reused when they shouldn't be. He also pointed out that the RC4 "stream cipher" method used by WEP isn't well-suited to wireless networks that can and will drop packets because the lost packets foul up the encryption and decryption engines, like vapor lock does to a car on a hot day. Since then, more evidence of the problems with WEP has surfaced, and WEP2, the proposed next generation of 802.11 security, is also at risk. For example, in January, the Berkeley team went beyond the math, outlined how one might go about collecting the necessary data for breaking the encryption, and