Published

2008-05-01

Basic security measures for IEEE 802.11 wireless networks

Fundamentos prácticos de seguridad en redes inalámbricas IEEE 802.11

DOI:

https://doi.org/10.15446/ing.investig.v28n2.14898

Keywords:

802.11i, 802.1x, CCMP, TKIP, WEP, WLAN, WPA, WPA2 (en)
802.11i, 802.1x, CCMP, TKIP, WEP, WLAN, WPA, WPA2. (es)

Downloads

Authors

  • Oscar P. Sarmiento Universidad del Valle
  • Fabio G. Guerrero Universidad del Valle
  • David Rey Argote ZTE Corporation

This article presents a tutorial/discussion of three commonly-used IEEE 802.11 wireless network security standards:  WEP, WPA and WPA2. A detailed analysis of the RC4 algorithm supporting WEP is presented, including its vulnerabilities. The WPA and WPA2 encryption protocols’ most relevant aspects and technical characteristics are reviewed for a comparative analysis of the three standards in terms of the security they provide. Special attention has been paid to WEP encryption by using an educational simulation tool written in C++ Builder for facilitating the understanding of this protocol at academic level. Two practical cases of wireless security configurations using Cisco networking equipment are also presented: configuring and enabling WPA-Personal and WPA2-Personal (these being security options used by TKIP and AES, respectively).

Este artículo presenta una discusión tutorial de tres estándares de seguridad de uso común en las redes inalámbricas IEEE 802.11: WEP, WPA y WPA2. Se realiza un análisis detallado del algoritmo RC4 que soporta a WEP y se indican sus vulnerabilidades. También se revisan los aspectos y características técnicas más relevantes de los protocolos de cifrado WPA y WPA2 con la finalidad de hacer un análisis comparativo de los tres estándares en términos de la seguridad que ellos proporcionan. Se ha dado especial atención al aspecto didáctico del funcionamiento del cifrado WEP mediante el desarrollo y uso de una herramienta de simulación escrita en C++ Builder para facilitar su comprensión a nivel académico. Igualmente, se presentan dos casos prácticos de seguridad de red inalámbrica con equipos del fabricante Cisco, habilitando y configurando WPA Personal y WPA2 Personal, opciones de seguridad que usan TKIP y AES, respectivamentements.

References

Aharoni, M., Moser, M., Muench, M. J., Grimchaw, D., Naepflin, A., Schroedel, P., Waeytens F., BackTrack., Mar. 6, 2007. URL: http://www.remote-exploit.org/backtrack.html.

Baghaei, N., Hunt, R., Security performance of loaded IEEE 802.11b wireless networks., Computer Communications, Elsevier, U.K., Vol. 27, No. 17, 2004pp. 1746–1756. DOI: https://doi.org/10.1016/j.comcom.2004.06.004

Balenson, D., Privacy Enhancement for Internet Electronic Mail. Part III: Algorithms, Modes, and Identifiers., Request for Comments (Standard) 1423, Internet Engineering Task Force, 1999.

Ioannidis, J., Rubin, A. D., Stubblefield, A., Using the Fluhrer, Mantin and Shamir Attack to Break WEP., AT&T Labs Technical Report TD-4ZCPZZ, Aug 6, 2001. URL http://www.isoc.org/isoc/conferences/ndss/02/papers/stubbl.pdf

LAN MAN Standards Committee of the IEEE Computer Society., Par 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications., IEEE Standard 802.11, 1999 Edition.

LAN MAN Standards Committee of the IEEE Computer Society., Part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications., Amendment 6: medium access control (MAC) security enhancements. IEEE Standard 802.11i, 2004 Edition (2004).

Moskowitz, R., Weakness in Passphrase Choice in WPA Interface., Nov 4, 2003. URL: http://wifinetnews.com/archives/002452.html.

NIST (National Institute of Standards and Technology)., Announcing the Advanced Encryption Standard (AES) - Federal Information Processing Standards Publication 197., Nov. 26, 2001. URL. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

Pyshkin, A., Tews, E., Weinmann, R. P., Breaking 104 bit WEP in less than 60 seconds., Apr 1, 2007. URL: http://eprint.iacr.org/2007/120.

Schneier, B., Applied Cryptography: Protocols, Algorithms, and source code in C., 2a ed., New York, John Wiley and Sons, Inc., 1996, pp 397-398.

How to Cite

APA

Sarmiento, O. P., Guerrero, F. G. and Rey Argote, D. (2008). Basic security measures for IEEE 802.11 wireless networks. Ingeniería e Investigación, 28(2), 89–96. https://doi.org/10.15446/ing.investig.v28n2.14898

ACM

[1]
Sarmiento, O.P., Guerrero, F.G. and Rey Argote, D. 2008. Basic security measures for IEEE 802.11 wireless networks. Ingeniería e Investigación. 28, 2 (May 2008), 89–96. DOI:https://doi.org/10.15446/ing.investig.v28n2.14898.

ACS

(1)
Sarmiento, O. P.; Guerrero, F. G.; Rey Argote, D. Basic security measures for IEEE 802.11 wireless networks. Ing. Inv. 2008, 28, 89-96.

ABNT

SARMIENTO, O. P.; GUERRERO, F. G.; REY ARGOTE, D. Basic security measures for IEEE 802.11 wireless networks. Ingeniería e Investigación, [S. l.], v. 28, n. 2, p. 89–96, 2008. DOI: 10.15446/ing.investig.v28n2.14898. Disponível em: https://revistas.unal.edu.co/index.php/ingeinv/article/view/14898. Acesso em: 2 feb. 2025.

Chicago

Sarmiento, Oscar P., Fabio G. Guerrero, and David Rey Argote. 2008. “Basic security measures for IEEE 802.11 wireless networks”. Ingeniería E Investigación 28 (2):89-96. https://doi.org/10.15446/ing.investig.v28n2.14898.

Harvard

Sarmiento, O. P., Guerrero, F. G. and Rey Argote, D. (2008) “Basic security measures for IEEE 802.11 wireless networks”, Ingeniería e Investigación, 28(2), pp. 89–96. doi: 10.15446/ing.investig.v28n2.14898.

IEEE

[1]
O. P. Sarmiento, F. G. Guerrero, and D. Rey Argote, “Basic security measures for IEEE 802.11 wireless networks”, Ing. Inv., vol. 28, no. 2, pp. 89–96, May 2008.

MLA

Sarmiento, O. P., F. G. Guerrero, and D. Rey Argote. “Basic security measures for IEEE 802.11 wireless networks”. Ingeniería e Investigación, vol. 28, no. 2, May 2008, pp. 89-96, doi:10.15446/ing.investig.v28n2.14898.

Turabian

Sarmiento, Oscar P., Fabio G. Guerrero, and David Rey Argote. “Basic security measures for IEEE 802.11 wireless networks”. Ingeniería e Investigación 28, no. 2 (May 1, 2008): 89–96. Accessed February 2, 2025. https://revistas.unal.edu.co/index.php/ingeinv/article/view/14898.

Vancouver

1.
Sarmiento OP, Guerrero FG, Rey Argote D. Basic security measures for IEEE 802.11 wireless networks. Ing. Inv. [Internet]. 2008 May 1 [cited 2025 Feb. 2];28(2):89-96. Available from: https://revistas.unal.edu.co/index.php/ingeinv/article/view/14898

Download Citation

CrossRef Cited-by

CrossRef citations2

1. U. Guru Prasad, R. Girija, R. Vedhapriyavadhana, S. L. Jayalakshmi. (2022). Cyber Security and Digital Forensics. Lecture Notes on Data Engineering and Communications Technologies. 73, p.289. https://doi.org/10.1007/978-981-16-3961-6_25.

2. Anuja Arora, Apoorva Khera. (2015). Wi-Fi Enabled Personal Computer Network Monitoring System Using Smart Phone with Enhanced Security Measures. Procedia Computer Science, 70, p.114. https://doi.org/10.1016/j.procs.2015.10.052.

Dimensions

PlumX

Article abstract page views

933

Downloads

Download data is not yet available.
Crossref
Scopus
Google Scholar
Europe PMC

License

Copyright (c) 2008 Oscar P. Sarmiento, Fabio G. Guerrero, David Rey Argote

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The authors or holders of the copyright for each article hereby confer exclusive, limited and free authorization on the Universidad Nacional de Colombia's journal Ingeniería e Investigación concerning the aforementioned article which, once it has been evaluated and approved, will be submitted for publication, in line with the following items:

1.    The version which has been corrected according to the evaluators' suggestions will be remitted and it will be made clear whether the aforementioned article is an unedited document regarding which the rights to be authorized are held and total responsibility will be assumed by the authors for the content of the work being submitted to Ingeniería e Investigación, the Universidad Nacional de Colombia and third-parties;

2.    The authorization conferred on the journal will come into force from the date on which it is included in the respective volume and issue of Ingeniería e Investigación in the Open Journal Systems and on the journal's main page (https://revistas.unal.edu.co/index.php/ingeinv), as well as in different databases and indices in which the publication is indexed;

3.    The authors authorize the Universidad Nacional de Colombia's journal Ingeniería e Investigación to publish the document in whatever required format (printed, digital, electronic or whatsoever known or yet to be discovered form) and authorize Ingeniería e Investigación to include the work in any indices and/or search engines deemed necessary for promoting its diffusion;

4.    The authors accept that such authorization is given free of charge and they, therefore, waive any right to receive remuneration from the publication, distribution, public communication and any use whatsoever referred to in the terms of this authorization.