Copyright Goodheart-Willcox Co., Inc. 448 Security Essentials

Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is a deprecated standard used by legacy devices. One of the concerns with WEP is that it uses the same key to encrypt and decrypt data. If a passphrase is weak, easily determined, or revealed during a hacking attempt, the network and data could be accessed using that key. Due to its inherent security vulnerabilities, WEP is not recommended for wireless security.

Wi-Fi Protected Setup (WPS)

Wi-Fi Protected Setup (WPS) is a network security setting and standard for wireless networks. WPS was released in 2007 as a simple, fast method of securing wireless communication, specifically intended to help home users who have limited knowledge and skills on setup and security. There are three main methods for enabling WPS:

■ PIN method: the user enters the personal identification number (PIN) located on the new device’s router.
■ Push method: the user pushes a button on the new device and access point, enabling the two devices to discover each other.
■ Near-field communications (NFC) method: This short-range wireless method can be used to transfer network settings to the new device. No manual PIN entry is necessary.

However, WPS contains several design flaws. For example, there is no lockout policy on entered PINs, so a hacker could make an unlimited number of attempts to guess a PIN. Additionally, the PINs used in WPS are eight digits, but only seven of them are used. The eighth digit is a checksum value. If a hacker uses a brute-force computer program to generate and attempt PINs automatically, it will only take a matter of hours until access is granted. As such, WPS-secured devices are also not recommended for network usage.

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access (WPA) is a wireless security standard that replaced WEP and offers more security in terms of keys and user authentication.
Where WEP used the same key for encryption and decryption, WPA instead uses Temporal Key Integrity Protocol (TKIP). Additional security enhancements made to WPA include the use of Extensible Authentication Protocol (EAP) and a pre-shared key (PSK).

Temporal Key Integrity Protocol (TKIP) is an encryption protocol used in wireless networking. TKIP generates a new key each time a packet is transmitted across a network. With TKIP-based encryption, the required length for a key is increased from 64 to 128 bits per packet, which makes the key much more difficult to crack.

Additionally, WPA also implements Extensible Authentication Protocol (EAP). Extensible Authentication Protocol (EAP) is an authentication protocol framework used frequently in wireless communication that outlines secure transport and usage of information. EAP employs a secure public key encryption system, which makes accessing a network far more difficult than with WPS or WEP.

Pre-shared key (PSK) is an authentication method used in WLAN security that requires a key value before granting access to an AP or wireless devices. PSK verifies users via a password or code commonly called a passphrase. PSK is fundamentally more secure than open security, also called an open connection, which is a wireless connection that requires no authentication and offers no encryption. Open connections are often located in public spaces such as cafés, airports, or other retail or dining establishments.
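
The WPS section above notes that the eighth PIN digit is a checksum and that PIN entry has no lockout policy. The following added example (not from the textbook) computes the standard WPS check digit, which shows why only seven digits carry information, and sketches the missing lockout control. The `PinLockout` class, its three-failure threshold and its 60-second lock are assumptions chosen for illustration.

```python
import hmac

EFFECTIVE_PINS = 10 ** 7  # eight digits, but the eighth is derived from the first seven


def wps_checksum(first7: int) -> int:
    """Check digit for the first seven PIN digits (weights 3,1,3,... from the right)."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin: str) -> bool:
    """True only for eight ASCII digits whose last digit matches the checksum."""
    if not (len(pin) == 8 and pin.isascii() and pin.isdigit()):
        return False
    return wps_checksum(int(pin[:7])) == int(pin[7])


class PinLockout:
    """Hypothetical control: lock PIN entry after repeated failures."""

    def __init__(self, max_failures: int = 3, lock_seconds: int = 60):
        self.max_failures = max_failures
        self.lock_seconds = lock_seconds
        self.failures = 0
        self.locked_until = 0.0

    def attempt(self, pin: str, real_pin: str, now: float) -> str:
        """Return 'locked', 'ok' or 'denied'; `now` is a timestamp in seconds."""
        if now < self.locked_until:
            return "locked"  # submissions during a lock are not evaluated at all
        if is_valid_pin(pin) and hmac.compare_digest(pin, real_pin):
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= self.max_failures:
            self.failures = 0
            self.locked_until = now + self.lock_seconds
        return "denied"

    def days_to_submit_all_pins(self) -> float:
        """Time the policy forces on anyone submitting every valid PIN."""
        return EFFECTIVE_PINS / self.max_failures * self.lock_seconds / 86400
```

With the assumed defaults, the lockout stretches the time needed to submit every valid PIN to roughly 2,315 days, which is the effect the missing policy would have had.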