By Glenn Fleishman & Ephraim Schwartz

Conventional wisdom says wireless LAN access to an enterprise adds enormous risk because the broken security model at the heart of Wi-Fi networking allows crackers to break encryption , snoop traffic, insert packets, and associate at will. WLAN access points must be outside the firewall, with VPN connections tunneling through. No exceptions.

Enter the Wi-Fi Alliance, with members that include Microsoft (Nasdaq: MSFT) , Intel (Nasdaq: INTC) , Cisco (Nasdaq: CSCO) and Apple (Nasdaq: AAPL) . Seeking to quell consumer and enterprise concerns about Wi-Fi security holes, the group has essentially lifted the construction engineer's drawings for the work-in-progress IEEE 802.11i security draft and started to pour and smooth the macadam that leads to the golden city on the hill: full 802.11i completion and ratification. This ad hoc engineering project comes with member approval; the move isn't as radical as it seems.

The alliance's new WPA (Wi-Fi protected access) standard uses most of the current 802.11i draft to repair problems in WEP (wired equivalent privacy), the first line of defense for Wi-Fi networks. WEP's goal was to encrypt packets in transit at the data link layer to deter unauthorized network access.

WEP failed in its attempt, however, through several cryptographic flaws that resulted in rapid key reuse. These flaws leave the link layer unprotected by Wi-Fi, and thus banished it outside the firewall where protection is provided at higher network layers by VPN, SSH, or other tunneled encryption methods.

WPA solves the problem by abandoning WEP in favor of 802.11i's vastly improved TKIP (temporal key integrity protocol). WPA ensures that TKIP keys vary for each packet through key mixing. WPA also increases part of the keyspace and adds encrypted packet integrity to reject inserted packets. Current Wi-Fi puts weak integrity outside the encrypted payload.

WPA includes full support for server-based authentication using the 802.1x protocol and EAP (extensible authentication protocol), both part of the interim 802.11i draft.

Although EAP lacks a built-in encryption method -- it's merely a generic messaging method -- three overlays that embed EAP inside an encrypted tunnel have emerged to solve different parts of the problem.

An early version, EAP-TLS (transport layer security), required a client-side public-key certificate to be preinstalled before the first wireless session. Although this was the method that Microsoft uses for its campuswide WLAN, EAPTLS is complicated because an enterprise must establish a PKI.

Instead, vendors are focusing on two methods: EAP-TTLS (tunneled TLS) and PEAP (protected EAP), both of which build a tunnel within a tunnel. The outer tunnel is entirely anonymous, allowing a second tunneled session to begin inside it, which itself encapsulates EAP or other protocols. This approach avoids client certificates but still allows for them.

Microsoft and Cisco have backed PEAP. Although virtually identical in principle to EAPTTLS, PEAP handles only EAP and MS-CHAP V2. Microsoft has offered PEAP clients for Windows XP and 2000 for free and plans a full Win32 rollout for Windows 98, NT 4, and Me.

Neither company representatives nor industry observers can explain the necessity for both EAPTTLS and PEAP, the main difference between the two being the latter's lack of legacy authentication support. It's easy to assume that Microsoft and Cisco's agenda was to push enterprises to upgrade to newer authentication servers, but PEAP could wind up as widely available as EAP-TTLS.

Both EAP-TTLS and PEAP are passing through the IETF (Internet engineering task force) process toward hopeful reconciliation or at least standardization. During this process, two man-in-the-middle attacks have been theorized that must be addressed before the standards can be deployed with absolute security.

---

Article source and further details: Wireless.NewsFactor.com