1.2. Problem background
Nowadays, the kind of devices being used for WI-FI connection is different from previous decade. People used to connect with their PCs and laptops, but nowadays they use mobile devices rather than nonmobile devices. The new mobile devices need security for the data transmission on the Internet, so the necessity of secure algorithms and protocols for encryption and decryption of the data becomes more and more important. For this purpose, new devices had to follow the existing security protocols that were designed and implemented on nonmobile devices for Wi-Fi connections.
The IEEE 802.11 standard defines an interface between a wireless client and an access point (AP) or in ad hock networks. IEEE 802.11-2012 is a revision to the original IEEE 802.11. The draft standard was sanctioned by the IEEE on June 24, 2004. This standard specifies security mechanisms for wireless networks. For confidentiality 802.11-2012 uses a new model of encryption. The new cryptography is based on the Advanced Encryption Standard (AES) algorithm, which was selected by NIST and adopted by the US government as a national standard, and replacement for the previous standard is based on the Data Encryption Standard (DES) algorithm. Strong encryption and authentication are added as the primary components of 802.11-2012 to enhance the original 802.11 standard [8].
The encryption methods of three generations of 802.11-2012 are described as follows:
Wired Equivalent Privacy (WEP): Uses the RC4 stream cipher for providing confidentiality, and the ICV (CRC-32) for integrity. Some of the weaknesses of WEP refer to not being able to stop packet forgery and replay attacks. Also attackers can easily record and replay packets. WEP uses RC4 inappropriately [9]. Keys are not strong, and attacker can do brute-force attack in less than an hour. This protocol reuses initialization vectors. Some attack techniques are able to decrypt data without key and it allows an intruder to invisibly modify a plaintext without having the key for encryption. Besides, key management is weak and upgrading is not perfect. There are some problems in the RC4 algorithm and in WEP message authentication can be easily forged. There are four scenarios for attacking WEP:
Scenario one: Pulling packets from captured data
Scenario two: Interactively pulling packets from live communication
Scenario three: Creating a packet from a chopchop replay attack
Scenario four: Creating a packet from a fragmentation attack
TKIP(): The WPA as the certification of TKIP was developed for solving the issues in the WEP method, without any changes in hardware. This standard identifies two modes, which are personal and enterprise mode. In addition, the TKIP has following weaknesses [10]:
1. Brute-force attack
2. Dictionary attack
In the context of security, a brute-force attack is a particular strategy used to break your crafted password. This is the most widely used method of cracking and dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying likely possibilities, such as words in a dictionary.
Wi-Fi Protected Access II (WPA2): WPA2 came after two generations of 802.11-2012, which are WEP and WPA; they used RC4-CRC and RC4-TKIP/MIC in order. WPA2 is known as the best security protocol in wireless networks. It replaces RC4 with AES and substitutes MIC with message authentication code. Same as WPA, WPA2 supports two security modes. The first mode is personal and the second mode is enterprise [10].
1. A preshared secret is used for home or personal use. Clients and APs are manually configured to use the same secret of up to 64 ASCII characters or 256 bits.
2. 802.11-2012 adopts 802.1X for user authentication in enterprise mode. 802.1X is based on EAP and defines the framework of authentication. It does not include the authentication methods, but supports multiple authentication methods, such as EAP-TLS and EAP-TTLS. EAP-TLS delivers a much stronger authentication mechanism, and secure key distribution.
Authentication is the assurance that an entity is who he/she/it claims to be. Confidentiality āimplies a relationship between two or more persons in which the information communicated between them is to be kept in confidence.ā And integrity is the accuracy and consistency of stored data, indicated by an absence of any alteration in data between two updates of a data record. According to these definitions, 802.1X is used for authentication. Encryption (CCMP) is used for confidentiality, and MIC is for data integrity.
MAC, although called authentication, is for the āauthenticationā of the message, and it is better called data integrity. The authentication of the communication is via 802.1X. Internet connection speed and broadband connectivity has reached 17.5 Mbps in the world but such a net speed is not achieved in wireless networks yet. The high-capacity transmission of data can be achieved using multiple signals. The strong security protocol of AES-CCMP (WPA2) slows down the wireless speed. Despite the popularity of mobile devices, their performance and energy bottlenecks remain hidden due to a lack of visibility into the resource-constrained mobile execution environment with potentially complex interaction with the Wi-Fi connection. AES-CCMP is working tardily in mobile devices with resource limitation, and preparing ideal encryption in AES-CCMP leads to speed reduction and this is the issue that should be looked into.