The Promise and Perils of a Ubiquitous

Wireless Internet

Steven Esposito, Geoffrey Jacoby, Peter White

October 29, 2003

Wireless Internet service shows great promise in allowing users to have nation-wide, ubiquitous Internet access. Two varieties of service are forming. In one variety, a user is given free wireless access either as advertising or as a public service. In another, the user pays for wireless access from a commercial provider, much like a wired ISP. However, the very nature of wireless creates some additional technical problems which wired connections do not have to consider. Because wireless connections use collision avoidance rather than collision detection, wireless connections have additional overhead. In addition, because wireless connections use RF signals rather than hard-to-tap wire, they are vulnerable to eavesdropping. Also, wireless connections are susceptible to freeloading if proper authentication is not implemented. The current security protocol, WEP, is fatally flawed due to improper implementation and use of a weak key. Before commercial services can mature, these problems with authentication and security must be satisfactorily dealt with.

1 Introduction

At the moment, consumers are faced with the choice between mobility and broadband. There exist national dial-up ISPs, such as Earthlink and AOL, which offer local numbers in most areas to their subscribers. However, these dial-up connections operate at no more than 56 kbps, the maximum speed of a modem. Likewise, there exist broadband providers, who, through cable modems or DSL, can provide broadband connections to a fixed location. These connections, while still not as fast as a direct connection such as a T1 line, still offer far more bandwidth than dial-up. However, broadband is not portable. In recent years, wireless access using a base station, which also acts as a NAT, has become a popular way for broadband users to extend their cable or DSL service to their entire house, rather than merely one computer. This concept is beginning to be extended to the creation of ISPs, both non-profit and commercial, which are purely wireless. In theory, wireless connections offer more bandwidth than even broadband, with a cheaper infrastructure and easier upgradability. Thus, they are a better solution to the last mile problem than cable or DSL. However, there are issues of security and authentication which must be dealt with before wireless ISPs can become mature and fulfill their great potential.

In this paper, we will survey some examples of existing wireless service, and how they are dealing with the issues of authentication, service coverage, and security. Second, we will show the nature and flaws of the existing wireless security protocol WEP, and how VPN can be used to provide authentication. Lastly, we will describe some current attempts to replace WEP with better protocols.

2 Types of Service

There are two different major types of wireless service that will soon be

available in most of the United States. While variations exist of both, the

security requirements change little from variation to variation. In the first

type, the subscription model, a consumer directly pays an ISP to receive

wireless service. In the second type, the free model, the provider allows

wireless access for free, subsidizing it by different means.

2.1 Free Model

Under this method of service, the consumer does not directly bear the cost

of his own access. The access is either subsidized by a company to attract

customers, by the government for its citizens, or by individuals to provide

access to their own neighborhood. For free model providers, authentication

is much less important than security and service coverage. After all, the

purpose of most free model networks is to provide access to whomever is in

the area and wishes to use the Internet. Since there is no billing, there might

not be a need to verify who is using the system. Therefore, authentication

can often, but not always, be left to the application layer.

The security of the individual computers, as well as the security of the

transmissions themselves, remains vitally important. Even users in a coffee

shop will still hesitate to use wireless connections for, say, instant messaging,

if a user at another table can eavesdrop easily.

However, the main problem which free models must grapple with is service

coverage. Aside from a state funded nation-wide or state-wide network, all

free models are hampered by their limited range. For most free providers,

this is not a problem. In fact, for those who will use wireless access as a

lure to attract customers to come to their place of business, this limited

range is in fact a feature for them. From the user’s point of view, however,

wireless networks based entirely on free models will likely be patchy. Without

the hope of income or a profit motive to invest in such an infrastructure, it

is unlikely that complete coverage can be achieved, even with community

organization.

Nevertheless, free models can provide advertising for a business, or a service to a community. Free Internet could be a great boon for poorer neighborhoods or communities, while at the same time helping to spur adoption of wireless technologies, which would also help subscription ISPs. Two major types of the Free Model exist at the moment: community wireless LANs such as NYCWireless, and universities such as Duke.

2.2 Examples of the Free Model

2.2.1 Duke University

Duke University is a private university based in Durham, NC. Through its Office of Information Technology, it has in recent years begun an aggressive campaign to provide wireless access to most social and classroom spaces. Currently, about 41 buildings, mostly classrooms and libraries, have wireless. Authentication is handled by refusing access to MAC addresses unregistered with the university. Since the wireless network is designed to serve the University community, which is relatively stable, this system works fairly well for students and faculty. It is unfortunate, however, that because of this authentication method, visitors are not easily able to use wireless.

WEP is not used. However, as all official online University functions, such

as registrar and bursar accounts, are accessed using password authentication

over SSL, WEP is not needed [1].

2.2.2 NYCWireless

NYCWireless is a non-profit organization which seeks to foster grassroots

wireless networks in the New York area. It supports 802.11b. Access is

entirely free, and no authentication, even a password, is required. WEP

is not used, for technical reasons described later.[2] Therefore, any security

must come at the application layer, such as ssh, SSL, or VPN. This is not,

however, a major liability for a public wireless network. A public wireless

network is, by design, meant to allow as many people as possible to connect,

not to exclude users. The option for businesses to use their own VPN systems

allows for security without inconveniencing those who do not need encrypted

transmissions.

2.3 Subscription Model

The subscription model uses essentially the same business plan as traditional

wired ISPs. The service, Internet access, is the same. Only the medium of

transmission changes. However, the nature of wireless transmissions creates

complications in both service coverage and security, just as in free networks.

In addition, authenticating who may and who may not be granted access to

the network’s bandwidth becomes a key concern.

Because of the limited range of wireless base stations, multiple stations

might be necessary to cover a building. Whereas Ethernet may be at most

2500m in length, a wireless base station typically covers only a few hundred

feet.[3] For example, Apple markets its Airport Base Station, which uses the

802.11b standard, as having a range of 150 feet [4]. This is mitigated, how-

ever, by the relative cheapness of base stations. Also, one of the advantages

of wireless networks is that they are modular. One need only provide as

much infrastructure as one requires at the time, and if more is needed later,

it can be added. In contrast, to install cable to a neighborhood, one must do

so all at once, as the cost of digging repeatedly to lay cable is prohibitive.

In addition, upgrading wired networks such as cable or DSL lines often

must be done all at once, as it involves costly digging. Upgrading the ca-

pabilities of a wireless network can be done either by replacing inexpensive

commodity hardware, or via a firmware upgrade. Several of the 802.11 proto-

cols use the same 2.4 GHz spectrum, and so upgraded WAPs are backwards

compatible with their less capable predecessors. It is also possible to build

a WAP which can transmit on multiple protocols. This backwards com-

patibility is especially important with heterogeneous coverage. Most current

subscription models foresee using networks of smaller ISPs. Not all access

points, therefore, will use the same version or brand of equipment, because

not all ISPs will have the funds to buy the most modern equipment.

In addition, because of the mobile nature of wireless access, customers

will be moving from provider to provider as they travel, even within a few

city blocks. Some of these providers will undoubtedly be either from a rival

ISP, or from a free provider. Keeping all WAPs compatible with 802.11b will

ensure that the user will not have to worry about which protocol to use.

2.4 Examples of the Subscription Model

2.4.1 Boingo

Sky Dayton, the founder of Earthlink, has created a wireless ISP known as

Boingo. The theory behind the service is similar to that of Earthlink. Much

as Earthlink achieved nationwide dial-up coverage by making alliances with

smaller, local ISPs, so Boingo is attempting to provide a nation-wide wireless

service by fostering the creation of local wireless hotspots.

For $799, a business may buy a WAP which provides access for Boingo customers, and can be used to provide service for non-Boingo customers as well [5]. Through a revenue sharing arrangement, the business receives $1 for each user who pays to connect through that WAP, plus $20.00 for each new user the business recruits for Boingo. Users pay from $7.95 for one-time use to $50.00 for unlimited national use, and are supplied with client software from Boingo which, according to Boingo, sniffs out WAPs and takes care of connection details transparently [6]. Having a nation-wide provider helps to solve the problem of authentication: only one authentication is needed to connect anywhere. In addition, VPN is available for security for an added fee.

This system is designed to encourage small, independent "HotSpots" to

do the work of building a nation-wide network for Boingo, and to pay for

the privilege in the hopes of eventual profit. At the same time, Boingo also

is focusing its attention on places well-traveled by business people who need

constant access to email and the Internet. Examples of this include hotels,

airports, and convention centers [7].

So far, however, Boingo has yet to meet its goals. Its coverage, even in

major metropolitan areas, is fairly sparse [8]. Its price for monthly, national

access is higher than many broadband cable and DSL packages, while at the

same time its one-time use fee, $7.95, seems quite steep. Should enough ISPs

sign on to the Boingo plan, the service has the potential to reach its goals.

However, if this does not happen soon, it might not happen at all. This

is because of a new venture recently announced by AT&T, IBM, and Intel

called Cometa.

2.4.2 Cometa

Details on Cometa are so far quite scarce. However, some preliminary infor-

mation about the endeavor has been released. AT&T will be providing the

infrastructure, with IBM "handling wireless site installations and back-office

systems” [9]. Like Boingo, Cometa would allow users to use one sign-on

procedure for any Cometa wireless hotspot in the country. Unlike Boingo,

however, Cometa has only announced plans to deal with telecommunications

companies and ISPs, not individual users.

Cometa’s goals are quite lofty. Support for both 802.11b and 802.11a is planned. It hopes to add 20,000 WAPs, so that by 2004 there will be nearby coverage (within five minutes travel) of most users in major metropolitan areas in the United States.

Cometa has not yet announced what technologies it will be using for

authentication or security. Both will be key to its success or failure, as

broken authentication will allow consumers to use the service without paying,

and broken security will make businesses reluctant to use the service. [9] In

particular, it is important that they not rely upon WEP for effective security.

3 The Wireless Protocol: 802.11, and why WEP is not effective

Before 802.11, each company or ISP network was a WAN that ran on cables behind walls, with networks linking to each other and the external internet at a rack of switches behind a locked closet door. 802.11 introduced the ability for network traffic to be carried over radio waves so that people would not be restricted by wires. Unfortunately, once traffic moved outside the walls and locked cabinets, it became much easier for people to secretly listen in on all WAN traffic, or at least the components going back and forth between wireless clients.

The IETF 802.11 standard describes the use of radio transmission of Ethernet packet data for LANs and WANs. It outlines the transmission of packet data between Wireless Access Points (WAPs) and users across unrestricted frequencies. It also optimizes support for ad hoc connectivity, users switching connections between WAPs, and users not being able to detect all the other users sharing the WAP. 802.11 also outlined a security and authentication scheme based on secret key encryption called the Wired Equivalent Protocol (WEP). While the transmission standards of 802.11 were a raging success, WEP turned out to be rather easy to crack, forcing other authentication and security methods to be used, methods which were not as scalable as WEP would have been.

3.1 CSMA/CA: How different users can use a WAP without colliding

The IETF wireless protocol is mostly interested in treating wireless connections like wired connections. Since wireless users and WAPs are not actually connected physically, different senders and receivers (with different signal strengths) can be in many different orientations relative to each other. This means that two users might be in range of a WAP, but not in range of each other. Thus, if they both tried to communicate at the same time, the collision would only be detected at the WAP. So, collision detection would be impossible without some sort of strict orientation.

In addition, wireless hardware is only half duplex,[10] because receiving

and sending at the same time from two different antennae in the space of a

PCMCIA card is relatively impossible. Thus, wireless radios are not able to

detect someone else transmitting if they are transmitting.

Therefore, the wireless protocol uses a collision avoidance scheme that equates to each wireless object asking permission and listening for acknowledgement before sending a packet. This creates much more overhead, as extra permission and acknowledgement packets are sent.

3.2 802.11... Which standard is right for you?

802.11a and 802.11b are the two main wireless standards. 802.11b is the most

prolific, but 802.11a has more bandwidth capacity. They are also in com-

pletely different bands of the radio spectrum (802.11a being at 5 GHz, and

802.11b transmitting at 2.4 GHz) and use different methods to span data

across channels of those bands (802.11a uses Orthogonal Frequency Divi-

sion Multiplexing OFDM, and 802.11b uses direct sequence spread spectrum

modulation). Thus, they cannot interoperate without completely different

hardware at the link state.

Jim Grier describes the perks of the two different options as follows [11]:

1. 802.11b - More prevalent and therefore cheaper to get infrastructure

for. It has broadcast ranges of about 300 feet from a base station, and

averages about 5 MBits per second.

2. 802.11a - Newer, but also carries 5 times the bandwidth. This is use-

ful for applications that create much more network traffic (streaming

video, x-tunneling). Unfortunately, it cycles much faster and has more

complex data storage, so it can only transmit about 60 feet from a base

station.

Grier [11] also points out that there are more WAPs coming out that

operate with both standards, allowing both protocols to be used within the

same network.

3.3 WEP: It was such a good idea

WEP (Wired Equivalent Protocol) is the IETF wireless security protocol

that was concocted to handle three things in link state [12]:

1. Access Control - Allow only those with the correct key the ability to

communicate effectively with the WAP

2. Data Integrity - Make sure that wireless datagrams cannot be inter-

cepted, modified, and passed on undetected.

3. Confidentiality - Prevent casual eavesdropping of wireless traffic going

across the network.

These would all be done transparently at link state, requiring only the

input of a WEP key by the user. Using this, all packets going between

users and a WAP would be secure, authentic, and not tampered with. This

standard was created with the knowledge that it would be much easier for an

attacker to be able to access network traffic because it was being transmitted

openly in various high gigahertz ranges.

A summary of the encryption scheme seen in [12] is as follows:

1. Checksum - Use this to check the packet for data integrity, and con-

catenate the checksum onto the packet.

2. Encrypt - Encrypt the checksum and packet combination using an RC4-generated keystream: to do this, generate a keystream (a sequence of pseudo-random bytes) using the RC4 stream cipher algorithm given the secret key and an initialization vector (IV) value. Then, XOR the keystream with the checksum/packet. The result is encrypted data with a key calculated by the combination.

3. Transmit - Transfer the encrypted data and the IV value to a receiver.

Using the known WEP key and the transmitted IV value, the receiver can

create the same keystream used for encryption and decrypt the message

and checksum. The receiver can then check the integrity of the message by

rehashing it to see if it matches the checksum.

Classic WEP does the above procedure using 40-bit keys. There is also an extended WEP that uses stronger (longer) keys and initialization vectors, which are used by specific vendors of wireless hardware (part of the difference between Orinoco GOLD and SILVER systems is the use of longer WEP keys in GOLD).

Thus the three above goals are satisfied. Each message going back and

forth between the WAP and a user would be encrypted using the WEP key,

so casual eavesdropping would be made difficult without using a brute force

approach to find the key. Also, only users who know the key would be able to

send sensible packets to the WAP, so it serves as authentication by knowing

the key. Finally, the checksum encrypted along with the message

ensures integrity.

3.4 WEP: It was such a bad implementation

While WEP was hopeful, and had taken into account the fact that communications could be much more easily intercepted, it turned out to be a rather bad scheme in practice. Borisov et al. [13] showed how WEP is insufficient in meeting each of its three goals of confidentiality, authentication, and integrity.

The first fault of the IETF was thinking that attacks would be impractical despite the fact that messages could be easily intercepted. However, since more and more 802.11 equipment is being set up for various reasons, antennae and connection equipment for wireless hardware have been getting cheaper. We managed to obtain a new 9 dB gain 2.4 gigahertz antenna and the pigtail to connect to an Orinoco card for about sixty dollars. This antenna could pick up traffic from normally broadcasting WAPs about a mile away (it picked up WAPs in Biddle from the Bryan Center parking lot). More sophisticated equipment could be bought by the serious corporate spy easily (check prices at http://www.hyperlinktech.com).

This means that the assumption that it would be rather hard to intercept significant portions of wireless traffic is incorrect. It is entirely feasible to have someone reading and analyzing traffic undetected from rather far away. This would not be a problem if the encryption scheme were so strong that unlimited scanning of wireless traffic would not yield an easier way to crack the scheme.

Unfortunately, as Borisov et al. [13] show, WEP is not strong enough, as a few cheap tricks can be used to break each of the IETF standards. The main problem is that two different messages encrypted with the same keystream can be XORed to produce the XOR of the two messages. The purpose of including an initialization vector value in the RC4 stream was to ensure that keystreams were never duplicated. Unfortunately, the WEP IV field is 24 bits wide. This means that in about a half day, the entire spectrum of IV values is used and the keys start duplicating themselves. This further means that someone saving all the network traffic can start determining the contents of packets if they know the contents of another packet encrypted with the same keystream. Considering the repetitive nature of network traffic, that would not be too hard; one could also send spam to the company and intercept traffic as everyone checked their email.

The peril of keystream reuse is also exacerbated by the fact that WEP did not force a good initialization vector scheme. Borisov et al. [13] gave the example of the Orinoco card that started its IV cycle at the beginning each time it was plugged in, and incremented the value by one each time. Needless to say, it would not be too difficult to compile a list of keystreams (about 24 Gb would be needed) which enable very easy ciphertext decryption.

The checksum on WEP can be overridden once ciphertexts are determined as well. This is because the checksum is a linear function, thus it is possible to make modifications to the ciphertext that will distribute over both the message and checksum underneath. So, if one has good experience with the CMR (complicated math reasons) involved with cryptography, they can modify the message undetected.

Finally, if one compiles a database of all the possible keystreams, then one doesn’t need to worry about figuring out the WEP key; they just pick a random keystream to XOR the packets with, and it will be accepted by the base station.

Thus, WEP is not an effective long term security measure for use by

companies. While it may deter casual snoopers, a dedicated system cracker

can break in and start reading system traffic. Also, the dropping price of

wireless hardware and the mutable firmware of 802.11 systems makes it easy

for system cracking applications to be written and distributed.
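
The encryption summary in section 3.3 and the keystream-reuse and linear-checksum weaknesses described in this section can be reproduced on constructed data. The following is an added example, not code from the paper or from [13]; it assumes a simplified frame layout (IV followed by ciphertext), a CRC-32 checksum, constructed key, IV and payloads, and a load of 1500-byte frames at the 5 Mbit/s quoted earlier for 802.11b.

```python
"""WEP-style encapsulation on constructed data (simplified frame: IV || ciphertext)."""
import struct
import zlib

IV_BITS = 24  # width of the WEP IV field, as stated in the text


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Generate n bytes of RC4 keystream (key scheduling, then output loop)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """CRC-32 checksum of the payload, packed little-endian."""
    return struct.pack("<I", zlib.crc32(data))


def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Steps 1-3 of the summary: checksum, XOR with RC4(IV || key), send IV in clear."""
    body = payload + icv(payload)
    return iv + xor(body, rc4_keystream(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes):
    """Receiver side: rebuild the keystream, return payload or None on bad checksum."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4_keystream(iv + key, len(ct)))
    payload, check = body[:-4], body[-4:]
    return payload if icv(payload) == check else None


def recover_with_known_plaintext(known_frame, known_payload, target_frame):
    """Keystream reuse: one known payload exposes an equal-length frame with the same IV."""
    if known_frame[:3] != target_frame[:3]:
        return None  # different IV, different keystream
    keystream = xor(known_frame[3:], known_payload + icv(known_payload))
    return xor(target_frame[3:], keystream)[:-4]


def modify_without_key(frame: bytes, delta: bytes) -> bytes:
    """Checksum linearity: XOR delta into the hidden payload and patch the checksum.

    For equal lengths, crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros), so the
    checksum correction depends on delta alone, never on the key or payload.
    """
    iv, ct = frame[:3], frame[3:]
    if len(delta) != len(ct) - 4:
        raise ValueError("delta must match the payload length")
    fix = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return iv + xor(ct, delta + struct.pack("<I", fix))


def iv_wrap_hours(bits_per_second: float, frame_bytes: int) -> float:
    """Hours until a 24-bit IV counter has used every value at a sustained rate."""
    return 2 ** IV_BITS * frame_bytes * 8 / bits_per_second / 3600


def keystream_table_gib(frame_bytes: int) -> float:
    """Storage (GiB) for one full-length keystream per IV value."""
    return 2 ** IV_BITS * frame_bytes / 2 ** 30


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")  # constructed 40-bit key
    iv = b"\x00\x00\x01"               # constructed IV, reused for both frames
    first = b"seq=0001 state=idle"     # constructed payloads of equal length
    second = b"seq=0002 state=busy"
    f1, f2 = wep_encrypt(key, iv, first), wep_encrypt(key, iv, second)
    print("reuse leaks:", recover_with_known_plaintext(f1, first, f2))
    forged = modify_without_key(f1, xor(first, b"seq=0001 state=busy"))
    print("receiver accepts:", wep_decrypt(key, forged))
    # Assumed load: 1500-byte frames at the 5 Mbit/s the text quotes for 802.11b.
    print("IV space used up after %.1f h" % iv_wrap_hours(5e6, 1500))
    print("keystream table: %.1f GiB" % keystream_table_gib(1500))
```

Under the assumed load the IV space is used up in roughly eleven hours and a full keystream table takes about 23 GiB, in line with the "about a half day" and "about 24 Gb" figures above.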

3.5 Current Security Implementations

Today, there are many options for security implementations. WEP, although

not as hard to defeat as IEEE would have liked, is still an effective deterrent

to the casual snooper. Other popular schemes include using Virtual Private

Networks (VPNs), and MAC address restriction.

3.5.1 VPN: security above the link state

VPNs are a scheme in which all data between a remote user and a private WAN is encrypted across the internet. It was created so that remote users could set up links to their company network over the internet without having to worry about traffic over the link being secure. This was to avoid the solution of having to run dedicated network lines to users’ homes that circumvented the internet due to security needs. VPNs work in the following way:

1. A VPN client running on the user’s machine will connect to the VPN

Server on a private WAN.

2. A secure connection is constructed between the client and server.

3. Communication between the WAN and the remote user occurs securely.

VPNs would be a good way for ISPs to ensure that only subscribers were logging into their network, and since all traffic is encrypted above the link between wireless user and WAP, security is taken care of as well. Unfortunately, VPNs don’t scale well, and could be singled out for DoS attacks.

3.5.2 MAC: allow only registered users

MAC (Medium Access Control) is a scheme that allows only certain Ethernet hardware addresses to transmit through the network. It requires that anybody wanting to use the network register with the service provider so that their MAC address can be stored in a big table on a router somewhere in the network.

Because tables of MAC address information would have to be stored and updated at infrastructure points in the network, this method is also not scalable beyond several hundred users. It is also possible to spoof the MAC address of a card, and the scheme doesn’t prevent anyone from casually eavesdropping on wireless traffic; it is only effective for authentication.

4 The Future of Wireless Security

Security in wireless technology has become a major sector of research and debate in recent years. With the advent of wireless technology holding the capacity to become the new medium upon which networks can be built, measures to secure access have become pressing issues. The initial problem with wireless security comes to a head when trying to resolve the demands of clients and Access Points (APs). Individual users demand a network that offers simplicity and mobility [14]. APs, however, are primarily concerned with authentication, authorization, and accounting (AAA) of user activity. However, there is a common middle ground that can be achieved to outline the basic requirements for developing a suite of security tools for wireless local area networks (WLANs) [14]:

1. Mutual Authentication - This quality permits the client and the AP to

properly authenticate each other. It also allows the AP to differentiate

clients.

2. Flexible Authorization - Provide the capacity to ensure continued se-

curity by updating and validating clients in some timely manner (i.e.

key freshness etc.)

3. Access Verification - Ensure the safe transfer of data from end-to-end.

4. Interoperability - Allows the client to move between networks without

exceptional overhead, and as smoothly as possible.

5. Data Confidentiality and Integrity - Provide mechanisms to ensure data

transfers are confidential, and allow users to extend their degree of

confidentiality (i.e. using IPsec or TLS).

This outline of requirements encompasses a majority of the demands for

developing security protocols, and will be used as the basis for analyzing a va-

riety of solutions that have been proposed recently. The proposals for increas-

ing WLAN security come in two associated varieties: network layer solutions

and authentication services. Although these solutions are targeted at the

same problem, they are incomplete solutions individually. Through a combi-

nation of these security measures, comfort and confidence with WLAN’s can

be achieved.

4.1 Network Layer Security Implementations

The network layer in ad hoc networks has become an increasingly important

research area, due to its vulnerability to security threats [15]. This layer

provides the capacity to route and forward packets of data; an indispensable

component for the proper functionality of a network. Despite the natural

inclination to regard these two functionalities as a singular role in the network

layer, largely due to their dependence upon each other, different security

problems can arise in each of their functionalities, as well as both [15] [16].

There are of course different, but linked, solutions to the problems that can

arise in these two constituents of the network layer.

The current security problems with the routing protocol are two-fold:

external attackers introducing flawed routing information and the nodes ad-

vertising this faulty information [17]. Ad hoc networks, because of their con-

tinually changing topology, compound this security issue; there is no fixed

infrastructure, such as a base station, and thus nodes can rely upon other

nodes to relay data, a responsibility traditionally reserved for a router [16].

Since topology changes in ad hoc networks are common, routing information

can become invalid due to these changes [17]. The solution to prevent er-

rors in routing is somewhat cumbersome, and subject to skepticism for its

ability to maintain efficiency. The most simplistic solution is to solicit the

routing information among nodes, and to perform error checking by diver-

sity coding [17]. While this solution is efficient, it fails to completely prevent

changes to the routing data. Currently, the major proposal under discus-

sion for securing the routing component revolves around changes to the Ad

Hoc On-Demand Vector (AODV) Routing protocol. The central concept to

improving AODV relies upon maintaining efficiency, while implementing in-

fallible security; however, many of the solutions accomplish only one of these

goals.

AODV has a multitude of security flaws: impersonation of nodes, forging

Route Error (RERRs) messages, and selectively terminating Route Request

(RREQs) and Route Reply (RREPs) messages [16]. Current proposals for

improving the security of AODV Routing consist of using digital signatures

to validate non-mutable fields, and using hash chains to protect the hop

counts; this routing protocol is currently called Secure AODV, or SAODV

[16]. The unfortunate problem with this implementation is the processing

demands this solution requires from some ad hoc networks to validate the

asymmetric cryptography [16]. However, Nokia Research Center (NRC) has

developed an alternative means to implement AODV security while mini-

mizing processing times, namely NRC-AODV [16]. This improved version of

SAODV is currently under a testing phase, but does require modification for

implementation in ad hoc computer networks. While this satisfies the routing

component, the data component is validated by point-to-point checks, such

as IPsec [16]. The SAODV solution is elegant for the routing component,

but is deficient in the data component given the mutability in topology of

WLAN’s. Therefore, a more suitable solution is desired.
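The hash-chain protection of the hop count mentioned above, as an added example that is not from the paper or from the SAODV authors: the originator commits to a maximum hop count by hashing a random seed that many times, and every node can then check that the hop count it received matches the chain. SHA-256, the bound of 8 hops and all field and function names are assumptions for illustration, and the digital signature that would cover the non-mutable fields is omitted.

```python
import hashlib
import os

MAX_HOP_COUNT = 8  # assumed bound on route length, chosen by the originator


def h(value: bytes, times: int = 1) -> bytes:
    """Apply SHA-256 to value the given number of times."""
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value


def originate(seed: bytes) -> dict:
    """Build the hop-count fields of a new route message.

    top_hash and max_hop_count never change in transit, so they are the
    kind of non-mutable field the originator's signature would cover.
    """
    return {"hop_count": 0, "hash": seed, "max_hop_count": MAX_HOP_COUNT,
            "top_hash": h(seed, MAX_HOP_COUNT)}


def verify(msg: dict) -> bool:
    """Check that hop_count is consistent with the hash chain."""
    remaining = msg["max_hop_count"] - msg["hop_count"]
    if remaining < 0:
        return False
    return h(msg["hash"], remaining) == msg["top_hash"]


def forward(msg: dict) -> dict:
    """Honest intermediate node: verify, then advance the chain one hop."""
    if not verify(msg):
        raise ValueError("hop count does not match hash chain; drop message")
    return {**msg, "hop_count": msg["hop_count"] + 1, "hash": h(msg["hash"])}


def demo() -> dict:
    msg = originate(os.urandom(32))      # constructed sample message
    for _ in range(3):                   # three honest hops
        msg = forward(msg)
    shortened = {**msg, "hop_count": 1}  # hop count lowered in transit
    return {"hops": msg["hop_count"], "honest": verify(msg),
            "shortened": verify(shortened)}


if __name__ == "__main__":
    print(demo())
```

The chain keeps a forwarding node from advertising a lower hop count than it received, because that would require inverting the hash; it does not by itself force a node to increment the count.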

An alternative solution to securing AODV relies upon a pseudo-event notification system, coupled with tokens signed with a secret key [15]. The solution, as proposed by Yang et al. [15], is four-fold:

1. Neighbor Verification - A global secret key pair is used to validate tokens broadcast from other nodes using asymmetric cryptography.

2. Security Enhanced Routing Protocol - Each AODV maintains a list called the Token Revocation List (TRL) broadcast by the intrusion reaction component.

3. Neighbor Monitoring - This component monitors routing updates and packet forwarding misbehaviors, and uses a form of distributed collaboration to confirm that any single node is in violation of security.

4. Intrusion Reaction - A broadcast system to isolate security violators and notify network users through the TRLs.

This solution is convenient because it is designed to be localized, dynamic, and intrusion tolerant, and it decreases overhead time compared to the SAODV solution. However, the employment of asymmetric cryptography, processor complexity, and storage requirements shed a negative light on the feasibility and scalability of this solution. In addition, some degree of node density is required to implement the mechanisms of collaboration, event notification, and neighbor validation. There are additional advantages to this solution that allow it to supersede other solutions. The first is the time-stamped distribution of updates, a parallel with information soliciting used by Zhou and Haas. The salient feature in this implementation, however, is the protection of both the routing and data components.

As mentioned above, the routing and data components of the network are to some degree inseparable, and this solution encompasses both components. First, the routing information is maintained by asymmetric cryptography within the AODV, and continual broadcasts among nodes. Secondly, the data component is validated by monitoring packet forwarding misbehavior among nodes, and hence the TRLs [15]. This method can be summarized as using a variety of algorithms to validate packets, bolstered by distributed collaboration among nodes to ensure monitoring accuracy. It thereby satisfies both components of the security requirements outlined for improving the network layer in WLANs. The second component of a more completely secure WLAN is the implementation of authentication services that are scalable and efficient.

4.2 Authentication Security Implementations

Unfortunately, there is a limited amount of information available concerning user authentication in a wireless network. However, from the information available, the most suitable platform suggested so far is the integration of authentication protocols used on both hardwired and wireless LANs. Faria and Cheriton [14] recommend two protocols to authenticate users on a network: the Secure Internet Access Protocol (SIAP) and Secure Link Access Protocol (SLAP), which provide a handshaking method of security for authentication. These protocols are designed to function on top of the preexisting IEEE 802.11 protocols, and serve as a replacement scheme for WEP. The detailed design for implementation allows SLAP to perform additional security assessments on the network level, by providing the capacity to perform message authentication of packets [14]. There is a small amount of overlap between the two types of security proposals discussed thus far, and these issues will be discussed after familiarization with the SIAP and SLAP authentications.

SIAP is designed to function on top of the TCP/IP protocol stack, and is initially used to provide an authentication handshake between the client and the AP [14]. SIAP is designed to have each of the clients and APs certified by a known Certification Authority (CA), which links the key pair to a DNS name [14]. There are a handful of functions used to authenticate a client; through the transfer of public keys and the comparison of data values a user is authenticated, and establishes the capacity to gain access to an AP [14]. The inherent problem with this mechanism for authentication is its reliance on the ability of a server and client to confirm signatures over public keys, which can be easily solved by using a deployed public-key infrastructure [14]. The absence of such a system presents a small hurdle, but it can be easily solved using a local network single-domain certification authority (SOCA) [14]. After the handshake step, the key values are passed from SIAP to SLAP, which then performs the function of data authentication [14].

The frames that are transferred from this point forward all contain the SLAP header, and the entire frame is further secured with encryption using the Advanced Encryption Standard (AES), chosen for its efficiency in both hardware and software [14]. Once the frame is encrypted, each one receives a message authentication code that wraps the SLAP header and contents of the frame. Frames under this protocol architecture undergo reversion upon their delivery to an end-item (i.e. client or AP). Validation and verification of frames are performed after their reversion at the end-item, and SLAP uses the message authentication code to assure the integrity and identity of the sender [14].

In order to assure the efficiency of this architecture, SIAP messages intended for the AP are not processed using the SLAP module, allowing the client to assure access authority before associating with an AP [14]. Once a client is associated with an AP, all messages use the SLAP protocol to communicate with the AP. Given the dynamic topology of WLANs, each SIAP association to an AP is unique, and therefore in transferring from one AP to another, the SIAP client must broadcast its state, and obtain validation. There are several key features of this design that make the SIAP and SLAP architecture effective, scalable, and promising.

The first of these features is the ability to make this standard applicable to WLANs interfaced with hardwired LANs, allowing the individual entities to be completely interoperable with the currently existing Ethernet hardware or default gateway [14]. Additionally, since SIAP is completely independent of the link layer, it is possible for this protocol to be implemented in the IEEE 802 family [14]. Additionally, these added benefits to the design of wireless security can be implemented on top of IEEE 803 standards, and thus prevent the necessity to create multiple wireless standards; this attests to the simplicity of the SIAP and SLAP architecture.

4.3 Conclusions

As stated earlier, in order to assure the security of a wireless network, some compromise must be reached in regard to resolving the protocols to use. The SIAP and SLAP architecture seems to perform the duties of data integrity on the network layer quite effectively, as well as efficiently, and therefore is the outstanding architecture to implement client authentication (points 1, 3, 4, and 5 from the outline for security tools suite). The only real failure point of this system is the ability to maintain the routing component of the network layer, which received little attention despite the ramifications for forgoing its security. However, SAODV is an appropriately matched solution for improving routing security, and is limited to this functionality in its design (point 2 from the outline for security tools suite). However, SAODV does need to improve its speed and processor requirements in order to be a suitable companion for increasing security. Therefore, by combining the SIAP and SLAP architecture with an improved version of SAODV, possibly as a derived form of NRC-SAODV, the potential for creating an airtight wireless security protocol is extraordinary. The elimination of WEP can thereby be achieved, and the potential for ubiquity maximized.

References

[1] (2002) Wireless networking. Duke University Office of Information Technology. [Online]. Available: http://www.oit.duke.edu/access/wireless/index.html

[2] (2002) Nycwireless faq. NYCWireless. [Online]. Available: http://www.nycwireless.net/buildnode faq.html

[3] L. Peterson and B. Davie, Computer Networks: A Systems Approach. Morgan Kaufmann, 2000, p. 117.

[4] (2002) Apple - airport - technical specifications. Apple Computer, Inc. [Online]. Available: http://www.apple.com/airport/specs.html

[5] (2002) Wisp in a box. Boingo Wireless, Inc. [Online]. Available: http://www.boingo.com/hso/wisp.html

[6] (2002) What does it cost? Boingo Wireless Inc. [Online]. Available: http://www.boingo.com/whatdoesitcost.html

[7] (2002) Hot spot operators. Boingo Wireless, Inc. [Online]. Available: http://www.boingo.com/hso/

[8] B. Koerner, “Sky Dayton’s long road to internet nirvana,” Wired, 2002.

[9] A. Press. (2002, Dec.) IBM, AT&T, Intel form wireless venture. [Online]. Available: http://www.businesstoday.com/business/technology/ap wireless12062002.htm

[10] (2002) Csma/ca. CISCO Systems. [Online]. Available: http://www.cisco.com/en/US/tech/tk389/tk214/tk124/tech protocol home.html

[11] J. Grier. (2002) The big question: 802.11a or 802.11b? [Online]. Available: http://www.80211-planet.com/columns/article.php/961181

[12] L. of the IEEE Computer Society, “Wireless lan medium access control (mac) and physical layer specifications,” IEEE Standard 802.11, vol. 1999 edition, 1999.

[13] N. Borisov, I. Goldberg, and D. Wagner, “Intercepting mobile communications: The insecurity of 802.11,” ACM Sigmobile, 2001.

[14] D. Faria and D. Cheriton, “Dos and authentication in wireless public access networks,” ACM WiSe, 2002.

[15] H. Yang, X. Meng, and S. Lu, “Self-organized network-layer security in mobile ad hoc networks,” ACM WiSe, 2002.

[16] M. Zapata and N. Asokan, “Securing ad hoc routing protocols,” ACM WiSe, 2002.

[17] L. Zhou and Z. Haas, “Securing ad hoc networks,” IEEE Network Magazine, 1999.