In the past decade, the number of wireless devices has grown exponentially. Decades ago, all systems were wiredcomputer systems. Wireless technology was not accessible in mobile and portable devices until in recent years, and has followed a variety of methods for encryption and resource management. The purpose of the research in Optimizing IEE 802.11i Resources and Security Essentials is to determine the issues of the performance in current encryption methods in AES-CCMP in different types of devices and handle it so that an optimized resource usage would be achieved with the required security. Two modes for 802.11i for two different groups of devices is suggested and evaluated with the current encryption method for AES-CCMP to compare the performance.

Almost every organization in today's world relies on wireless networks to transmit information, and much of that information should be kept secure. Banking, healthcare, and the military are all vital industries that rely on wireless security for a huge section of their operations.Security experts of today and tomorrow will learn a lot from Optimizing IEE 802.11i Resources and Security Essentials, and it can be used for master level in computer science, information security, wireless network security and cryptography.

The research in this book covers how to best balance security concerns with limited resources available on wireless devices as well as how to optimize security resources on higher-end non-mobile devices

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes, you can access Optimizing IEEE 802.11i Resource and Security Essentials by Iraj Sadegh Amiri,Parisa Naraei,Iman Saberi in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Syngress

Year

2014

ISBN

9780128022238

Topic

Computer Science

Subtopic

Computer Networking

Index

Computer Science

Chapter 1

Introduction

Abstract

The standard – 802.11 – is known to be the best adoptable in LAN environments. The chapter mainly describes this standard, then it pertains to the issues of mobile devices in using AES-CCMP encryption protocols. The first objective would be to implement the components of AES-CCMP and to analyze the working, then to define two modes that are for short- and long-term usage for AES-CCMP, for portable systems that have resource limitation like mobile devices, and finally to test and validate the possibility of optimizing resource usage in stationary devices. The problem background of IEEE 802.11 standards is determined. Also the purpose and the scope of the study are described.

Keywords

AES-CIA-CCMP-IEEE-Mobile Devices

Vulnerabilities

Encryption

Decryption

WEP

1.1. Introduction

Nowadays everywhere, wireless technology can be found. Different users are using wireless technology and a wide range of wireless devices exists such as PCs, laptops, tablets, and smartphones. Wireless transmissions use the microwave technology [1–7]. The available frequencies are situated around the 2.4 GHz ISM band for a bandwidth of about 83 MHz and around the 5 GHz U-NII band, for a bandwidth of about 300 MHz divided into two parts. The accurate frequency allocations are set by laws in different countries; the same laws also adjust the maximum selected transmission power and location. Although this technology is being generally used, different devices have different capabilities in the usage. Since wireless networks have more vulnerabilities than other types of computer networks, preparing security in wireless local area network is more essential. The security mechanism chosen for different devices may differ. A satisfactory security technique in wireless network is a balance between data security and network performance. The era of wireless and wired communication systems has gained considerable attention to be a main building block of communications standards such as IEEE 802.11a/g when the microring resonators are used.

This chapter discusses the problem background of IEEE 802.11 standards and determines security model of 802.11 named 802.11-2012. Besides, it explains the aim of this research and defines objectives and the scope of this study.

1.2. Problem background

Nowadays, the kind of devices being used for WI-FI connection is different from previous decade. People used to connect with their PCs and laptops, but nowadays they use mobile devices rather than nonmobile devices. The new mobile devices need security for the data transmission on the Internet, so the necessity of secure algorithms and protocols for encryption and decryption of the data becomes more and more important. For this purpose, new devices had to follow the existing security protocols that were designed and implemented on nonmobile devices for Wi-Fi connections.

The IEEE 802.11 standard defines an interface between a wireless client and an access point (AP) or in ad hock networks. IEEE 802.11-2012 is a revision to the original IEEE 802.11. The draft standard was sanctioned by the IEEE on June 24, 2004. This standard specifies security mechanisms for wireless networks. For confidentiality 802.11-2012 uses a new model of encryption. The new cryptography is based on the Advanced Encryption Standard (AES) algorithm, which was selected by NIST and adopted by the US government as a national standard, and replacement for the previous standard is based on the Data Encryption Standard (DES) algorithm. Strong encryption and authentication are added as the primary components of 802.11-2012 to enhance the original 802.11 standard [8].

The encryption methods of three generations of 802.11-2012 are described as follows:

Wired Equivalent Privacy (WEP): Uses the RC4 stream cipher for providing confidentiality, and the ICV (CRC-32) for integrity. Some of the weaknesses of WEP refer to not being able to stop packet forgery and replay attacks. Also attackers can easily record and replay packets. WEP uses RC4 inappropriately [9]. Keys are not strong, and attacker can do brute-force attack in less than an hour. This protocol reuses initialization vectors. Some attack techniques are able to decrypt data without key and it allows an intruder to invisibly modify a plaintext without having the key for encryption. Besides, key management is weak and upgrading is not perfect. There are some problems in the RC4 algorithm and in WEP message authentication can be easily forged. There are four scenarios for attacking WEP:

Scenario one: Pulling packets from captured data

Scenario two: Interactively pulling packets from live communication

Scenario three: Creating a packet from a chopchop replay attack

Scenario four: Creating a packet from a fragmentation attack

TKIP(): The WPA as the certification of TKIP was developed for solving the issues in the WEP method, without any changes in hardware. This standard identifies two modes, which are personal and enterprise mode. In addition, the TKIP has following weaknesses [10]:

1. Brute-force attack

2. Dictionary attack

In the context of security, a brute-force attack is a particular strategy used to break your crafted password. This is the most widely used method of cracking and dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying likely possibilities, such as words in a dictionary.

Wi-Fi Protected Access II (WPA2): WPA2 came after two generations of 802.11-2012, which are WEP and WPA; they used RC4-CRC and RC4-TKIP/MIC in order. WPA2 is known as the best security protocol in wireless networks. It replaces RC4 with AES and substitutes MIC with message authentication code. Same as WPA, WPA2 supports two security modes. The first mode is personal and the second mode is enterprise [10].

1. A preshared secret is used for home or personal use. Clients and APs are manually configured to use the same secret of up to 64 ASCII characters or 256 bits.

2. 802.11-2012 adopts 802.1X for user authentication in enterprise mode. 802.1X is based on EAP and defines the framework of authentication. It does not include the authentication methods, but supports multiple authentication methods, such as EAP-TLS and EAP-TTLS. EAP-TLS delivers a much stronger authentication mechanism, and secure key distribution.

Authentication is the assurance that an entity is who he/she/it claims to be. Confidentiality “implies a relationship between two or more persons in which the information communicated between them is to be kept in confidence.” And integrity is the accuracy and consistency of stored data, indicated by an absence of any alteration in data between two updates of a data record. According to these definitions, 802.1X is used for authentication. Encryption (CCMP) is used for confidentiality, and MIC is for data integrity.

MAC, although called authentication, is for the “authentication” of the message, and it is better called data integrity. The authentication of the communication is via 802.1X. Internet connection speed and broadband connectivity has reached 17.5 Mbps in the world but such a net speed is not achieved in wireless networks yet. The high-capacity transmission of data can be achieved using multiple signals. The strong security protocol of AES-CCMP (WPA2) slows down the wireless speed. Despite the popularity of mobile devices, their performance and energy bottlenecks remain hidden due to a lack of visibility into the resource-constrained mobile execution environment with potentially complex interaction with the Wi-Fi connection. AES-CCMP is working tardily in mobile devices with resource limitation, and preparing ideal encryption in AES-CCMP leads to speed reduction and this is the issue that should be looked into.

1.3. Problem statement

IEEE 802.11-2012 encryption technique provides strong security mechanism in computer systems but it is not optimized in the usage of resources. Besides, in mobile devices that are power- and resource-constrained, the wireless connection speed decreases. The level of security provided in AES-CCMP is more than that needed in mobile devices since the mobility characteristic of mobile devices restricts the time required by an attacker to hack the victim device and the session would be terminated whenever the location of mobile device changes. So there is a lack of balance between security level and resource usage that should be investigated.

1.4. Purpose of the study

Nowadays, the number of wireless devices is growing significantly, but they all used to be computer systems. Wireless technology was not accessible in mobile and portable devices until in recent years. The purpose of this research is to determine the existing issues of the performance in current AES-CCMP encryption methods running on different types of devices and handle it so that an optimized resource usage would be achieved with the required security. Finally, two modes for 802.11-2012 for two different groups of devices will be created and evaluated with current encryption method for AES-CCMP to compare the performance.

1.5. Objectives of the study

To achieve the intention of the study, the following objectives are specified:

1. To implement the components of AES-CCMP and to analyze the performance

2. To create two modes that are short time and long time usage for AES-CCMP, for portable systems that have resource limitation like mobile devices

3. To test and validate the possibility of optim...

Cover
Title page
Table of Contents
Copyright
Abstract
List of Abbreviations
Chapter 1: Introduction
Chapter 2: Literature Review
Chapter 3: Research Methodology
Chapter 4: Design and Implementation for Mobile Devices
Chapter 5: Conclusion
References