improvements in existing hardware. Cisco Key Integrity Protocol (CKIP) protects the WEP key from attacks that derive the key by comparing captured packets. Cisco Message Integrity Check (CMIC) protects the wireless system from "inductive attacks," which induce the system to send either key data or a predictable response that an attacker can compare against known data to derive the WEP key. Cisco clients and Cisco-compatible clients can use CKIP and CMIC with 802.1x authentication or with static WEP keys when communicating with Cisco autonomous access points. Figure summarizes these points.

Enhanced 802.11 Security
Enhanced 802.11 security through either WPA or WPA2 (802.11i) adds authentication and encryption on top of basic 802.11 security. Authentication checks user credentials before access is granted, and encryption protects the confidentiality and integrity of the user session after association to the network. Authentication in 802.11 uses the IEEE 802.1x standard to authenticate users and to assign policy to those users based on the outcome of the authentication transaction. Basing the authentication on user rather than machine credentials reduces the risk of compromise from lost or stolen equipment. 802.1x also permits flexible credentials for client authentication: passwords, one-time tokens, PKI certificates, or device IDs. A further advantage of 802.1x for wireless client authentication is that dynamic encryption keys can be distributed to each user each time that the user authenticates to the network, rather than relying on a shared static key. Encryption for 802.11 is enhanced with several mechanisms that protect the system from attacks against the WEP key and that protect the investment in the system by allowing encryption improvements on existing hardware. Figure summarizes these points.

Encryption—TKIP and MIC
The first enhancements to WEP as used in 802.11b fall under the umbrella of Temporal Key Integrity Protocol (TKIP, pronounced "tee-kip"). TKIP and the Message Integrity Check (MIC) are both elements of the WPA standard, intended to secure a system against the WEP key vulnerabilities that were known at the time.

Note
Current Cisco equipment supports CKIP and CMIC as well as the Wi-Fi Alliance WPA and WPA2 standards. CKIP and TKIP use different algorithms and are not interoperable: a wireless client and an access point must both use the same protocol. Although an access point can be configured to support both protocols in a mixed environment, the standards-based TKIP is always the recommended choice. Figure summarizes these points.

WPA and WPA2
WPA was a Wi-Fi Alliance interim solution. WPA2 is based on IEEE 802.11i, ratified in June 2004, and encompasses the prior WPA features plus a number of security improvements. WPA resolves the problem of weak WEP initialization vectors (IVs) and provides message integrity, using TKIP to enhance data encryption. WPA addressed the security problems that were known up to and including 2003, among them the well-publicized AirSnort and man-in-the-middle WLAN attacks. AirSnort is a wireless LAN (WLAN) tool that recovers WEP encryption keys: it passively monitors transmissions and computes the key once it has gathered enough packets. WPA2 overcomes some of the weaknesses that remain in WPA. WPA2 uses the AES algorithm, which is a stronger cipher than the RC4 stream cipher used by WPA, but it is also more processor-intensive, so hardware updates are required to move to AES encryption while maintaining comparable throughput. The WPA mechanisms, by contrast, were designed to run on the hardware of the day, meaning that users should be able to implement WPA on their existing systems with only a firmware or software modification. Figure summarizes these WPA2 elements:

Encryption—AES
AES replaces RC4 as the encryption mechanism in the IEEE 802.11i specification (WPA2). The protocol is called AES-CCMP: Advanced Encryption Standard in Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. AES is the encryption standard that the U.S. National Institute of Standards and Technology (NIST) approved to succeed DES. NIST solicited the cryptography community for candidate algorithms, which had to be fully disclosed and available royalty-free, and judged them on cryptographic strength as well as practicality of implementation. The winning and adopted algorithm is known as Rijndael. AES is a 128-bit block cipher, and it requires current radio cards on both access points and clients to avoid the throughput reduction that the heavier computational load for encryption and decryption would otherwise cause. If you are planning to implement AES on existing equipment, check Cisco.com documentation to verify whether your current hardware supports AES or whether you need to upgrade. AES-CCMP generates its key stream in counter mode: a per-frame nonce (built from a packet number that must never repeat under the same key) is combined with a block counter that increases by one for each 128-bit block encrypted, so every block of a frame is covered by a unique key stream block. AES-CCMP also computes a message integrity check (CBC-MAC) over the frame length, the destination and source addresses, and the frame payload, so that any modification of those fields is detected. Figure summarizes these points.
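The counter-mode key stream and the CBC-MAC described above are the two halves of CCM. The following Go program is an added example, not code from the original page or from Cisco: it implements CCM on top of the standard library's AES block cipher with the CCMP parameters (8-byte MIC, 2-byte length field, 13-byte nonce built from a priority octet, the transmitter address and a 48-bit packet number). The key, addresses, packet number, header bytes and payload are constructed for the example; the header passed as associated data is a simplified stand-in for the masked 802.11 header that real CCMP authenticates.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

const micLen = 8 // CCMP MIC length M = 8; length field L = 2, so the nonce is 13 bytes

// ccmpNonce builds the 13-byte CCMP nonce: priority octet | A2 (transmitter) | 48-bit PN.
func ccmpNonce(priority byte, a2 [6]byte, pn uint64) [13]byte {
	var n [13]byte
	n[0] = priority
	copy(n[1:7], a2[:])
	var pnb [8]byte
	binary.BigEndian.PutUint64(pnb[:], pn)
	copy(n[7:13], pnb[2:8])
	return n
}

func pad16(b []byte) []byte {
	for len(b)%16 != 0 {
		b = append(b, 0)
	}
	return b
}

// ctrBlock returns A_i = flags | nonce | counter; the counter is 0 for the MIC mask
// and 1, 2, ... for successive 16-byte payload blocks.
func ctrBlock(nonce [13]byte, i uint16) []byte {
	a := make([]byte, 16)
	a[0] = 0x01 // L' = L-1
	copy(a[1:14], nonce[:])
	binary.BigEndian.PutUint16(a[14:], i)
	return a
}

// cbcMAC chains AES over B0 (flags, nonce, payload length), the length-prefixed
// associated data (header fields) and the plaintext; the truncated result is the MIC.
func cbcMAC(blk cipher.Block, nonce [13]byte, aad, pt []byte) []byte {
	b0 := make([]byte, 16)
	b0[0] = 0x40 | byte((micLen-2)/2)<<3 | 0x01 // Adata | M' | L'
	copy(b0[1:14], nonce[:])
	binary.BigEndian.PutUint16(b0[14:], uint16(len(pt)))
	auth := append([]byte{}, b0...)
	l := make([]byte, 2)
	binary.BigEndian.PutUint16(l, uint16(len(aad)))
	auth = pad16(append(append(auth, l...), aad...))
	auth = pad16(append(auth, pt...))
	x := make([]byte, 16)
	for i := 0; i < len(auth); i += 16 {
		for j := 0; j < 16; j++ {
			x[j] ^= auth[i+j]
		}
		blk.Encrypt(x, x)
	}
	return x[:micLen]
}

// ctrCrypt XORs data with E(K, A_1), E(K, A_2), ...: a fresh key stream block per 16 bytes.
func ctrCrypt(blk cipher.Block, nonce [13]byte, data []byte) []byte {
	out, ks := make([]byte, len(data)), make([]byte, 16)
	for i := 0; i < len(data); i += 16 {
		blk.Encrypt(ks, ctrBlock(nonce, uint16(i/16+1)))
		for j := 0; j < 16 && i+j < len(data); j++ {
			out[i+j] = data[i+j] ^ ks[j]
		}
	}
	return out
}

// Seal returns ciphertext || encrypted MIC for one frame.
func Seal(key []byte, nonce [13]byte, aad, pt []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	tag, s0 := cbcMAC(blk, nonce, aad, pt), make([]byte, 16)
	blk.Encrypt(s0, ctrBlock(nonce, 0)) // S_0 masks the MIC
	out := ctrCrypt(blk, nonce, pt)
	for j := 0; j < micLen; j++ {
		out = append(out, tag[j]^s0[j])
	}
	return out, nil
}

// Open decrypts and verifies; a modified header, payload or MIC makes it fail.
func Open(key []byte, nonce [13]byte, aad, ct []byte) ([]byte, error) {
	if len(ct) < micLen {
		return nil, errors.New("frame shorter than MIC")
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := ctrCrypt(blk, nonce, ct[:len(ct)-micLen])
	s0, tag := make([]byte, 16), make([]byte, micLen)
	blk.Encrypt(s0, ctrBlock(nonce, 0))
	for j := range tag {
		tag[j] = ct[len(ct)-micLen+j] ^ s0[j]
	}
	if subtle.ConstantTimeCompare(tag, cbcMAC(blk, nonce, aad, pt)) != 1 {
		return nil, errors.New("MIC check failed")
	}
	return pt, nil
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit temporal key
	a2 := [6]byte{0x00, 0x11, 0x22, 0x33, 0x44, 0x55}
	hdr := []byte{0x08, 0x41, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff} // constructed header bytes
	pt := []byte("constructed payload spanning more than one AES block")
	ct, _ := Seal(key, ccmpNonce(0, a2, 1), hdr, pt)
	fmt.Printf("frame: %x\n", ct)
	got, err := Open(key, ccmpNonce(0, a2, 1), hdr, ct)
	fmt.Println("decrypt ok:", err == nil && bytes.Equal(got, pt))
	hdr[2] ^= 0x01 // flip one bit of the destination address
	_, err = Open(key, ccmpNonce(0, a2, 1), hdr, ct)
	fmt.Println("modified header rejected:", err != nil)
}
```

The packet number in the nonce is what keeps the counter-mode key stream unique from frame to frame; re-sealing a second frame under the same key with the same PN would reuse the key stream, which is the WEP IV failure mode the paragraph describes. Real CCMP also replay-checks the PN on receipt and masks mutable header fields before authenticating them; both are omitted here.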
6.2 Introducing Wireless Security
6.2.5 802.1x Overview

The IEEE developed a supplement to the IEEE 802.1D standard that defines the changes needed in the operation of a MAC-layer bridge to provide port-based network access control. This supplement is the 802.1x standard. WLAN 802.1x has the following features, summarized in Figure :