Research Paper
CS4235A
Fall 2004
Group Members:
Ted Choc
Tracey Diamond
Maleika C. Holder
Mahesh Palekar
Abstract:
Wireless networks are growing at an explosive rate. Along with this growth come
security problems. Wireless networks are easy to break into due to the
broadcast nature of the medium. IEEE 802.11 standard has made significant steps
protocol which has a lot of known flaws and even the interim security solution,
WPA, does not meet the requirements for some users. Hence IEEE has developed
a new standard, IEEE 802.11i, that includes the WPA and RSN protocols. This
paper describes the WEP & WPA protocols and different vulnerabilities of these
standards. It then gives an overview of IEEE 802.11i standard, showing how the
new 802.11 addendum plans to solve the wireless network security problem.
1. Introduction
about improved communications by fostering improved productivity and allowing for the
collaboration and exchange of information and resources between devices on the network
and other networks. A network can be public or private, providing network services
locally and via the Internet. Based on media transmission type, there are two categories
of networks, wired and wireless. Today wired networks are the more commonly
deployed networks because more security solutions are readily available, but wireless
networks are becoming more popular. This popularity has led to the need for more
security solutions for wireless networks. Currently there are two security protocols being
implemented in wireless networks, WEP and WPA. Though both have major strengths,
their flaws have led industry leaders to develop the IEEE 802.11i standard to provide the
ultimate wireless network security. Section 2 gives a brief overview of the different
WLAN standards. Section 3 covers the WEP protocol in detail while section 4 explains
WPA. In section 5, different security issues are discussed. Section 6 describes the future
of WLAN security, which includes the IEEE 802.11i standard along with the protocols
for discovery, authentication, key management and data transfer. Section 7 gives the
2. Overview
networks a viable alternative to wired networks. The IEEE 802 Standards Committee is a
leader in LAN and WAN standards. The committee creates and maintains standards at
the physical (PHY) layer and the medium access control (MAC) sub-layer. This
standardizes the lowest layers of the OSI model for data networks, while leaving the
The area of major development within IEEE is to work on the Wireless Local
Area Network (WLAN) 802.11 standards. Initially published in 1997, the standard gives
“requirements for a LAN implementation using both infrared and spread spectrum radio
allows the extension of wired LANs into the wireless arena. 802.11 addresses both radio
transmission and Ethernet data transmission over wireless in the unlicensed frequency
band. The specification concentrates on access method, protocol, framing, security, and
The original 802.11 standard describes implementation using infrared and spread
spectrum radio frequency communications for the license-exempt spectrum. Once the
base 802.11 standard was authorized, a group of communications industry leaders joined
together in order to take the 802.11 standard beyond the standards committee. The group
is called the Wireless Fidelity (Wi-Fi) Alliance. The Wi-Fi Alliance is a nonprofit
Network products based on the IEEE 802.11 specification. The Alliance strives to involve
carriers and vendors in order to both educate the industry and to get information from
them to create functional requirements that can be included in the standard [27]. The goal
of the Wi-Fi Alliance's members is to enhance the user experience through product
interoperability.
supplements to the originally ratified standard. The most widely known supplements are
The supplements of importance here are 802.11a, 802.11b, 802.11g, and 802.11i.
Since the initial standard was published three key addendums of the 802.11
standard have been published to define physical layer issues, 802.11a, 802.11b, and
802.11g. The 802.11a standard solves the indoor radio frequency problem of delay
management and other advantages of the slower, original standard, 802.11b simply adds a
lower power consumption, longer range and better penetration than 802.11b. Currently
802.11b is the most widely used of the 802.11 standards. Once 802.11g has been
properly tested and given the Wi-Fi stamp, it will probably become the 802.11 standard
of choice. A major advantage of 802.11g over 802.11a is that it is backward compatible
with 802.11b.
The security measures included within the 802.11a, b, and g standards aim to
provide the end user with the same level of security as the wired network. The initial
wireless security solution was the Wired Equivalent Privacy (WEP) encryption protocol.
This protocol proved to be inadequate, providing minimal security from the casual
IEEE began work on a more robust security solution (802.11i). Work on the 802.11i
supplement involved a great deal of time and research to institute a complete solution. In
order to address the immediate need for a WEP fix, the Wi-Fi Alliance used a subset of
the “in progress” 802.11i addendum to create the Wi-Fi Protected Access (WPA)
protocol. WPA “fixes all of WEP’s problems…and allows full backwards compatibility
for most 802.11a and 802.11b devices” [24]. Only a subset of 802.11i, WPA still does
not provide optimal security. The completion of the 802.11i supplement promises to
provide the security solution required to address the flaws of earlier protocols.
The original 802.11 standard defined the Wired Equivalent Privacy (WEP) protocol to
protect communication at the Data-link layer for WLAN users. The aim of this protocol is
to make the security of wireless networks comparable to that of wired networks. WEP is
a symmetric, private key algorithm. The security of the protocol lies in the secret key
shared between the communicating parties. The main goal of WEP is to provide
• Confidentiality
• Access Control
• Data Integrity
Confidentiality of the network is achieved by employing the RC4 cipher. Access control
to the network is achieved by discarding packets not properly encrypted by the WEP
[1]
plaintext. The checksum does not depend on the key. It is implemented as a CRC-
chosen. RC4 generates a long sequence of pseudo random bytes called the key
stream, as a function of IV and secret key K. Key stream is then XORed with the
[1]
= Plaintext
checksum obtained from the plaintext. If checksums are not equal then the frame
is discarded. Thus only the frames with valid checksum are accepted.
[1]
The RC4 encryption algorithm is a stream cipher. Developed in 1987 by Ron Rivest for
RSA Data Security, it can use variable length keys [2]. The keystream for the algorithm
is completely independent of the plaintext used. It uses an 8 × 8 S-Box (S0 … S255), whose
256 entries together form a permutation of the numbers 0 to 255. The permutation is a function of the
• Another 256 byte array is then filled with the key K, the key is repeated as
• j =0
• for (i = 0 to 255)
    j = (j + Si + Ki) MOD 256
    Swap Si and Sj
[2]
Once the S-Box values are obtained, the keystream is generated as follows (one byte per iteration).
• i = (i + 1) MOD 256
• j = (j + Si) MOD 256
• Swap Si and Sj
• Keystream byte = St, where t = (Si + Sj) MOD 256
[2]
The keystream is then XORed with the plaintext to produce the ciphertext, or the
There are two ways in which WEP is implemented: classic WEP and the 128-bit version of WEP.
The classic WEP implementation is based on the documented WEP standard. It uses a
key length of 40 bits. This key length was chosen due to the US government restriction on the
export of technology containing cryptography. The 128-bit version extends the key length of the
WEP protocol [1]. Some manufacturers provide a key length of 104 bits. This method is
Another security measure in place for wireless networks is WPA. The Wi-Fi
taken from the upcoming 802.11i standards and is designed to secure all versions of
802.11 devices, including 802.11b, 802.11a, and 802.11g, multi-band and multi-mode
[4]. WPA addresses all known vulnerabilities in WEP in order to ensure data authenticity
on the WLAN without much effect on network performance. It uses the Temporal Key
Integrity Protocol (TKIP). Together with 802.1X / EAP authentication, TKIP employs a
key hierarchy that greatly enhances protection. It also adds a Message Integrity Check for
[5]
1. Authentication
2. Encryption
WPA uses 802.1X authentication with the Extensible Authentication Protocol (EAP) as a
basis of the authentication. 802.1X is a LAN port access control mechanism for wired, as
well as wireless, networks. EAP handles the presentation of user credentials, in the form
of digital certificates, unique usernames and passwords, smart cards, and secure IDs.
802.1X defines Extensible Authentication Protocol (EAP) over LANs (EAPOL). It also
defines EAPOL messages that convey the shared key information critical for wireless
security [6]. With EAP, 802.1X creates a framework in which client workstations
When a user wants access to the network, the client sends the user’s credentials to
the authentication server via the access point. If the server accepts the user’s credentials,
the master TKIP key is sent to both the client and to the access point. Then a four-way
handshake process takes place, in which the client and access point acknowledge each
Encryption involves TKIP increasing the key size from 40 bits to 128 bits. In TKIP,
keys are dynamically generated and distributed by the authentication server. It removes
the predictability used by an attacker to exploit the WEP key, by employing key hierarchy
and key management methodologies. The authentication server, after checking the user’s
credentials, generates a master key and sends it to the client as well as the access point. The client
and the access point use this key to generate unique data encryption keys. The Message
Integrity Check (MIC) is incorporated to prevent and detect modification of the data
packets. [4]
WPA has a solution for users in small offices and homes as well. This solution is
WPA with Pre-Shared Key (PSK). WPA with PSK does not require an authentication
server. The encryption mechanism used in WPA and WPA with PSK is the same.
Authentication is done using a simple common pass phrase instead of user specific
credentials. Below is a table specifying the key differences between WEP and WPA.
WEP                                         WPA
Encryption defective, cracked               Corrects most WEP defects
40-bit key                                  128-bit key
Static key; the same key is used by         Keys are generated dynamically
everyone on the network
Manual distribution of keys                 Automatic key distribution
vulnerabilities outside of the security protocols mentioned above and both WEP and
WPA have vulnerabilities that allow attackers to penetrate a wireless network. Below we
enumerate some of the more common security issues. Insertion attacks are when devices
are attached to a wireless network without authority by bypassing the security and review
process [7]. One example of this type of threat would be logging onto an open or
unsecured wireless network using a laptop or other wireless device. An attacker who has
successfully inserted a device into a wireless network, which uses a hub, can monitor the
messages flowing across the network. This is because a hub unlike a switch broadcasts
messages to all nodes. The attacker can simply put his client in promiscuous mode and
gather passwords and other sensitive information as it passes through the network. The
other type of insertion attack is the insertion of a rogue access point. It requires someone
to physically add a wireless access point onto the network. An employee or someone
with temporary access to the physical network can make this addition [7]. A laptop with
specialized software may be configured to run as a rogue wireless access point. With a
rogue wireless access point, the attacker can trick users into using his WAP because the
current 802.11 standard does not include WAP authentication. The authentication is from
the client to the WAP. The real Service Set Identifier (SSID) can be transmitted by the
rogue WAP. If it emits a stronger signal than the legitimate WAP, the rogue can steal the
traffic [9]. This can be used to perpetrate a man in the middle attack by which the attacker
reads the data sent by the user and then forwards it on to the proper destination. The users
are unaware that anything improper is taking place. Sensitive data can be compromised.
In addition, if the rogue is a laptop acting as a WAP, the victim’s machine may be
will still be sent as part of communications but will not be broadcast. In addition, the
factory default name of the SSID should be changed, since attackers know the ones
Broadcast of the WAP’s beacon should be set at the maximum interval so anyone
scanning for a wireless access point will have less chance of finding it [9]. Jamming
takes place when a WAP becomes overwhelmed by the amount of signals it is receiving
and the result is denial of service. This can be caused by a malicious attacker or
MAC addresses can be used to aid in the prevention of unauthorized use of wireless
networks. The WAP can be configured to allow access to only those MAC addresses
given. However, an attacker can use MAC spoofing to get around this security technique.
authorized device. These MAC addresses can be obtained by using freely available
Software is also available to sniff a wireless network that is in close physical proximity.
An antenna can boost the range at which sniffing may be done. Sniffing can allow usernames
and passwords to be stolen, allowing someone to log onto the network as the victim.
Additionally, fake packets can be interjected into the communication stream [7]. This
occurs post-authentication: after the WAP and client have established communication, the
hacker can insert a packet that appears to come from the WAP, disconnecting the client.
The hacker then can spoof packets to appear to come from the original client and send
LAN. Wired Equivalent Privacy, WEP, (explained in the section above) provides a
limited amount of protection but if configured incorrectly, even this limited protection
will be diminished. There is no key management policy in the WEP protocol [9]. Some
users leave the pass phrase as the factory default key or choose weak pass phrases based
The security of WEP lies in the difficulty of discovering the secret key through a brute
force attack. Some shortcut attacks on the system do not require brute force attack on the
• Keystream Reuse
• Message Authentication
• Message Modification
• Message Injection
WEP provides data confidentiality using the stream cipher RC4. A major drawback of
stream ciphers is that two messages encrypted using the same keystream reveal
information about both messages. Suppose messages P1 and P2 are encrypted using
C1 ⊕ C2 = P1 ⊕ P2
Thus if one plaintext is known then other plaintext can be easily computed. This type of
attack succeeds only if the keystream is reused and the attacker has some knowledge of
the plaintext. To prevent this type of attack, WEP uses a different IV for each packet,
thereby producing different keystreams, but the length of the IV field used by WEP is
just 24 bits. Hence if a sender is transmitting packets of size 1500 bytes at a rate of
5 Mbps, IVs will start duplicating in half a day [1]. For message authentication, the WEP
protocol uses the checksum field to ensure data integrity. The checksum is implemented
as CRC-32. CRC-32 is useful to detect random errors in a message but is not enough to
without affecting the checksum. Let C1 be the ciphertext of message M1 intercepted by
the attacker. Now the attacker has to find C2 that decrypts to M2 such that M2 = M1 ⊕ E.
So C2 = C1 ⊕ (E, checksum(E))
[1]
Thus the attacker can easily modify the message arbitrarily without the recipient knowing
For message injection, checksum of the message is independent of the key. Hence
an attacker can compute the checksum of the message. If the attacker gets hold of the
plaintext and corresponding ciphertext then he can compute the keystream. Using the
keystream, one can create a new packet using same IV. As IV’s are reused, repetition of
the IV will not trigger any alarm at the receiver. Suppose the attacker has a cipher text,
C ⊕ P = P ⊕ RC4(IV,K) ⊕ P
= RC4(IV,K)
[1]
Let M1 be the message the attacker wants to inject into the system. Then he computes the
checksum of the message, and then XORs it with the keystream RC4(IV,K).
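To make the RC4 steps described in section 3 and the keystream-reuse and message-modification formulas above concrete, here is an added example (not code from the paper) that implements RC4's KSA and PRGA, classic WEP encapsulation with a 3-byte IV and a CRC-32 ICV, and then checks the two properties the text states: that C1 ⊕ C2 = P1 ⊕ P2 under a reused IV, and that a ciphertext adjusted by (E, checksum(E)) still passes the unkeyed CRC-32 integrity check. The key, IV and plaintexts are constructed sample values.

```python
import zlib
from struct import pack


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 exactly as outlined above: the KSA permutes the S-box under the
    key, then the PRGA emits one keystream byte per step."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # pseudo-random generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])    # keystream byte = S[t], t = (Si + Sj) mod 256
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: plain CRC-32 over the plaintext, no key involved."""
    return pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Classic WEP framing: the per-packet RC4 key is IV || K; the keystream is
    XORed with (P || CRC32(P)); the 3-byte IV travels in the clear in front."""
    assert len(iv) == 3
    body = plaintext + icv(plaintext)
    return iv + xor(rc4_keystream(iv + key, len(body)), body)


def wep_decrypt(key: bytes, frame: bytes):
    """Receiver side: strip the IV, regenerate the keystream, and accept the
    frame only if the recomputed CRC-32 matches the ICV. Returns None on failure."""
    iv, ct = frame[:3], frame[3:]
    body = xor(rc4_keystream(iv + key, len(ct)), ct)
    plaintext, received_icv = body[:-4], body[-4:]
    return plaintext if icv(plaintext) == received_icv else None


def keystream_reuse_leak(frame1: bytes, frame2: bytes) -> bytes:
    """Two frames sent under the same IV (hence the same keystream) satisfy
    C1 XOR C2 = P1 XOR P2 over their common length; no key is needed to see it."""
    assert frame1[:3] == frame2[:3], "demonstration requires a reused IV"
    n = min(len(frame1), len(frame2)) - 3 - 4   # drop the IV in front and the ICV at the end
    return xor(frame1[3:3 + n], frame2[3:3 + n])


def crc_linearity_check(frame: bytes, delta: bytes) -> bytes:
    """The paper's C2 = C1 XOR (E, checksum(E)). CRC-32 is linear over XOR:
    crc(P XOR E) = crc(P) XOR crc(E) XOR crc(0...0), the last term accounting
    for the init/final-XOR constants of the standard CRC-32 that zlib uses.
    The returned frame decrypts to P XOR E and still passes the ICV check, which
    is why an unkeyed checksum cannot serve as a message authentication code."""
    iv, ct = frame[:3], frame[3:]
    n = len(ct) - 4
    assert len(delta) == n
    icv_delta = pack("<I", zlib.crc32(delta) ^ zlib.crc32(bytes(n)))
    return iv + xor(ct, delta + icv_delta)


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")           # constructed 40-bit WEP key
    iv = b"\x00\x00\x01"                        # constructed IV, deliberately reused
    f1 = wep_encrypt(key, iv, b"hello world")
    f2 = wep_encrypt(key, iv, b"hello there")
    print("P1 xor P2 recovered without the key:", keystream_reuse_leak(f1, f2).hex())
    tampered = crc_linearity_check(f1, xor(b"hello world", b"hello WORLD"))
    print("modified frame accepted by the ICV check as:", wep_decrypt(key, tampered))
```

The RC4 routine can be checked against the published test vector for key "Key" and plaintext "Plaintext"; the CRC property is exactly the weakness that 802.11i's keyed message integrity code (section 6) is designed to remove.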
When the standard 40-bit WEP keys are used, they can be broken by brute-force attacks,
but non-standard WEP keys of at least 80 bits are very resistant to these types of attacks.
Research has shown that key sizes of greater than 80-bits, for robust designs and
implementations, make brute-force cryptanalysis (code breaking) an impossible
task. For 80-bit keys, the number of possible keys – a keyspace of more than
10^26 – exceeds contemporary computing power. [9]
Although, even when proper care is taken in the generation of a WEP key, “hackers use
the Wired Equivalent Privacy (WEP) encryption standard. These tools exploit
traffic until they collect enough data to recognize the pattern” [11]. Once enough data has
been obtained, WEP keys may be broken, stripping away what little security they
provided.
WEP keys use an initialization vector (IV) to vary the key between packets.
However, the IV is sent unencrypted in the message. Therefore the attacker can collect
messages and wait for two with the same IV. These can be used to recover the plaintext
using the aforementioned statistical analysis. Some manufacturers even use the same IV
each time, or draw from a small pool of frequently used IVs shared by many manufacturers, resulting in
poor encryption.
some of the same security issues as WEP. Some generic problems with WPA are
• It requires a hardware upgrade, and devices enabled with WPA have only recently
become widely available.
Another major concern that is not addressed in either WEP or WPA is handling denial-of-service
(DoS) attacks. This type of attack can be committed by sending multiple packets
each second, using the wrong key. The access point will assume a hacker is attempting to
access the network and will shut off all connections, causing the network to be down
indefinitely.
802.11i is the future of wireless network security. The collaboration of the IETF
and IEEE has produced a standard that defines several new protocols to support the following
features:
• Discovery
• Authentication
• Key Management
• Data Transfer
[14]
6.1 Discovery
The 802.11i standard supports many different types of encryption. A system that
wishes to connect to the wireless network must be able to first determine what encryption
types are available and then have the ability to select one. The IEEE created a new
protocol specifically to handle this task, which is called Robust Secure Network (RSN).
The RSN protocol uses a three step process of send-response messages for a complete
2. The WAP sends a probe response with an RSN Information Exchange (IE) frame.
populated with the type of authentication, uni-cast cipher, and multicast cipher
[14]
Both the end-user and the WAP have the ability to terminate this process if the WAP does
not support the encryption techniques the end-user is looking for, or if the end-user
selects an encryption technique the WAP does not implement. Once the communication
defined in this protocol has been completed successfully by an end-user and a WAP, a
wireless communication channel has been established between the end-user and the
access point, and both parties are now ready for the authentication portion of the 802.11i
standard. [14]
6.2 Authentication
Once the wireless enabled end-user has discovered the available encryption
techniques, the user must authenticate their identity with the wireless network. In this
process, the end-user communicates with the AP, which in turn communicates with the
authentication server (AS) in an attempt to validate the user's credentials and privileges
for further communication. The authentication portion of the 802.11i standard must meet
• Create a mutually authenticated session key, which is stored by the end-user and
authentication server
[14]
Because the IEEE wanted to design the standard as modular as possible, the 802.11i
specification only requires the use of the Extensible Authentication Protocol (EAP) and
802.1X, which specifies the communication between the end-user and the access point
but does not denote how the access point and authentication server are to communicate.
EAP is designed only to transport the authentication messages and is not intended to act
as the authentication method for 802.11i. Instead, the authentication relies on other
techniques being plugged into EAP, which allows for new authentication methods to be
introduced without modifying the underlying protocol. 802.1X is simply defined as the
way to transport EAP messages from the end-user to the AP. Although not defined in the
is the standard authentication method for 802.11i, and RADIUS is the standard for
handling the communication between the AP and the authentication server. The flow of
messages between the three components (end-user, AP, and authentication server)
3. The AP sends an access request to the authentication server with the identity specified
communication.
• Once this step has been completed, both the end-user and authentication
5. Authentication server sends an accept message to the AP with the master key.
6. AP sends an EAP success message to the end-user, which means they were
[14]
Unfortunately, the decision to make RADIUS the standard for server-AP communication
has given rise to some problems. The major problem associated with RADIUS is that it
uses a static key between the AP and the authentication server, which requires a great deal
of care to ensure that the key does not get leaked. In addition, the protocol assumes the
connection between the server and the AP is secure, which allows someone to inject false
request packets into that connection and receive valid responses. Therefore, there has
been a push to move from RADIUS to DIAMETER, which uses Cryptographic Message
Syntax (CMS) for key distribution. Unfortunately, the conversion to DIAMETER does
not seem to be a high priority, which could result in the degradation of the security in
802.11i [14]. Nonetheless, this problem is not a result of the 802.11i standard because it
does not specify the protocol to be used between the authentication server and AP, which
shows the good design decisions made when deciding exactly what the standard should
server, and AP all have a pairwise master key, which will be used in the remaining two
The purpose of the key management component of 802.11i is to ensure that both
the AP and the end-user have shared temporal keys for both unicast and broadcast
Authentication Protocol over LAN), which is actually the same as 802.1X mentioned
above. With the pairwise master key created in the authentication process, a new key is
created to ensure greater security for the remainder of the communication cycle. In the
authentication process the master key is passed between the AP and the end-user, but the
temporary key created in this step is generated locally on both hardware devices and is
never transmitted. The process for generating the unicast key is as follows:
2. First, the end-user generates its own random number. The temporary key is
generated using this random number, the number generated by the AP, the
pairwise master key created in the authentication process, the MAC address of the
3. The end-user sends the access point the random number it generated.
4. The AP now generates the same temporary key using the same information.
5. The AP sends a message to the end-user telling it to install and use the temporary
6. The end-user sends a response, which informs the AP to start using the temporary
key as well.
[14]
All messages after the initial message from the AP to the end-user contain a message
integrity code, which can be validated against the temporary key generated. This integrity
code prevents a man in the middle attack because only a device with the proper keys
could generate a valid integrity code. Once this initial communication is complete, both
devices have a shared unicast temporary key. With this key, a broadcast (group) key will
2. Using bits 128 to 255 of the unicast temporary key, the AP encrypts the group
3. The end-user decrypts the group temporary key using the same portion of the
[14]
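As an added illustration of the unicast and group key steps just listed (example code, not from the paper or from the standard itself), both sides below derive the same pairwise temporal key locally from the pairwise master key, the two random numbers and the two MAC addresses, protect every message after the first with a message integrity code keyed by bits 0–127 of that key, and deliver the group key encrypted under bits 128–255. The PRF, MIC and key-wrap constructions are simplified stand-ins built from the standard library's HMAC functions, not the bit-exact 802.11i ones; the PMK, MAC addresses and group key are constructed sample values.

```python
import hashlib
import hmac
import os


def prf(pmk: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """HMAC-SHA1 in counter mode. Assumed model of the 802.11i key expansion;
    not claimed to match the standard's PRF output bit for bit."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(pmk, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Both devices compute the pairwise temporal key locally from the PMK,
    both MAC addresses and both random numbers; it is never sent over the air.
    Ordering the inputs by min/max makes the result identical on both sides."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"kck": ptk[:16],    # bits 0-127: key for the message integrity code
            "kek": ptk[16:32],  # bits 128-255: key used to encrypt the group key
            "tk": ptk[32:48]}   # bits 256-383: temporal key for the data channel


def mic(kck: bytes, body: bytes) -> bytes:
    """Message integrity code over one handshake message (truncated HMAC-SHA1)."""
    return hmac.new(kck, body, hashlib.sha1).digest()[:16]


def wrap_gtk(kek: bytes, gtk: bytes, nonce: bytes) -> bytes:
    """Stand-in for the group-key encryption: XOR with a KEK-derived pad (self-inverse).
    It only shows which key slice is used; it is not the standard's AES key wrap."""
    pad = hmac.new(kek, b"gtk-wrap" + nonce, hashlib.sha256).digest()[:len(gtk)]
    return bytes(a ^ b for a, b in zip(gtk, pad))


def four_way_handshake(pmk, ap_mac, sta_mac, gtk, anonce=None, snonce=None) -> dict:
    """Runs the unicast exchange and the group-key delivery between an AP and a
    station; returns each side's keys and the three MIC verdicts."""
    anonce = anonce or os.urandom(32)                  # msg 1: AP -> STA (no MIC yet)
    snonce = snonce or os.urandom(32)                  # STA picks its own random number
    sta = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)
    mic2 = mic(sta["kck"], b"msg2" + snonce)           # msg 2: STA -> AP, carries SNonce
    ap = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)   # AP derives the same PTK
    ok2 = hmac.compare_digest(mic(ap["kck"], b"msg2" + snonce), mic2)
    wrapped = wrap_gtk(ap["kek"], gtk, anonce)         # msg 3: AP -> STA, install + GTK
    mic3 = mic(ap["kck"], b"msg3" + wrapped)
    ok3 = hmac.compare_digest(mic(sta["kck"], b"msg3" + wrapped), mic3)
    sta_gtk = wrap_gtk(sta["kek"], wrapped, anonce)    # STA decrypts with its KEK slice
    mic4 = mic(sta["kck"], b"msg4")                    # msg 4: STA -> AP, start using keys
    ok4 = hmac.compare_digest(mic(ap["kck"], b"msg4"), mic4)
    return {"ap_tk": ap["tk"], "sta_tk": sta["tk"], "sta_gtk": sta_gtk,
            "mics_ok": (ok2, ok3, ok4), "anonce": anonce, "snonce": snonce}


def mic_rejects_without_pmk(pmk, ap_mac, sta_mac, anonce, snonce, guessed_pmk) -> bool:
    """Why the MIC blocks a man in the middle: seeing both nonces and MAC addresses
    on the air is not enough; without the PMK a forged msg 2 MIC fails verification."""
    real = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)
    fake = derive_ptk(guessed_pmk, ap_mac, sta_mac, anonce, snonce)
    forged = mic(fake["kck"], b"msg2" + snonce)
    return not hmac.compare_digest(mic(real["kck"], b"msg2" + snonce), forged)


if __name__ == "__main__":
    pmk = hashlib.sha256(b"constructed-pmk").digest()   # constructed sample PMK
    ap_mac, sta_mac = bytes.fromhex("00112233aabb"), bytes.fromhex("66778899ccdd")
    result = four_way_handshake(pmk, ap_mac, sta_mac, gtk=bytes(range(16)))
    print("same unicast key on both sides:", result["ap_tk"] == result["sta_tk"])
    print("MIC checks (msg2, msg3, msg4):", result["mics_ok"])
```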
Now, both the end-user and the AP have mutually validated keys for communicating to a
single second party (unicast key) and to any number of users at the same time
(broadcast/group key). With these keys, the communication between the two parties can
The last major component of the 802.11i standard is the process by which data is
transferred between devices. The standard defines three separate means for encrypting
data, which are CCMP, WRAP, and TKIP. All of these protocols were designed to meet
packets with the same sequence number, you are preventing replayed packets.
[14]
problems during the initial establishment of the connection, the AP and end-user drop all
non-802.1X traffic. Once both devices have the temporary unicast and broadcast keys,
they begin to drop all traffic that is not protected with those keys. By filtering the
packets, both the end-user and the AP are able to (missing piece) . The filtering allows
for more protection from forged and replayed packets, but the bulk of the complexity
be implemented in all 802.11i compliant devices. The CCMP technique is based on the
AES encryption algorithm in CCM mode (Counter Mode with CBC-MAC), which is a
128 bit block cipher. The data is encrypted in the following format using the temporary
header, the length of the header, and the payload. The checksum is calculated
3. The checksum and the payload are then encrypted using the Counter Mode of
AES.
[14]
Performing these three steps ensures that only those who hold the temporary key
generated earlier are able to decrypt the plaintext. In addition, if a malicious third party
attempted to modify any portion of the packet, the checksum generated would not match
the one appended to the payload. This ensures the privacy and authenticity of the
communication. Although the CCMP encryption technique is provably strong, the basis
of the security is that only the intended parties have the temporary key generated in the
previous processes. For CCMP to be truly effective, you must generate a new key for
every new communication established, and the key must be properly passed between the
end-user and the AP, which is done using the 802.1X protocol discussed above. The only
major drawback associated with CCMP is that all new hardware must be acquired
because the process is too complicated to just modify the existing technology. So this
In the initial proposal of 802.11i, the IEEE proposed the use of the WRAP
encryption technique, which is based on AES in OCB mode. Due to legal issues,
WRAP was replaced with CCMP. Since three companies have filed for patents relating
to WRAP, problems with the acceptance of this standard by those who do not hold the
patent are likely to occur. WRAP still remains in the 802.11i specification, but that is
only because some manufacturers had already produced hardware that implemented it.
The final encryption technique discussed in the standard is TKIP (Temporal Key
Integrity Protocol), which is in essence a wrapper for the existing WEP security protocol.
The major benefit for TKIP is that it can be implemented entirely in software, which
allows it to run on existing hardware running WEP security. Instead of using a static key
for encryption, TKIP uses the temporary key to perform the WEP security.
Unfortunately, this is still plagued by the same problems as the original WEP because the
encryption technique is not strong enough, and a brute force attack can break the key in
several hours. The security of TKIP is an improvement over WEP because the key is
dynamically generated for each connection, but TKIP was not designed to be the optimal
7. Summary
comparable to that of wired networks. A major benefit of the design of 802.11i is the
the standard easily allows the addition of the new technique without replacing the
hardware. Now that many manufacturers are beginning to produce devices that
implement 802.11i, it will not be too long before the new technology is deployed and a
secure wireless infrastructure is available. In “WPA Plugs Holes in WEP”, Jim Geier
Basically, 802.11i is taking WEP a step further than simply patching WEP by proving
[1] Borisov, Nikita, Ian Goldberg, and David Wagner. "Intercepting Mobile
Communications: The Insecurity of 802.11.", 27 Oct. 2004
<http://www.isaac.cs.berkeley.edu/isaac/wep-draft.pdf>.
[3] Geier, Jim. "802.11 WEP: Concepts and Vulnerability." Wi-Fi Planet, 20 June 2002. 27 Oct. 2004
<http://www.wi-fiplanet.com/tutorials/article.php/1368661>.
[5] Higgins, Tim. "Wi-Fi Protected Access (WPA) NeedToKnow - Part II." Toms
Networking 25 June 2003. 30 Oct. 2004
<http://www.smallnetbuilder.com/Sections-article50-page1.php>.
[7] Klaus, Christopher W. Wireless LAN Security FAQ. 6 Oct. 2002. 14 Oct. 2004
<http://www.iss.net/wireless/WLAN_FAQ.php>.
[8] Arbaugh, William A., Narendar Shankar, and Y.C. J. Wan. "Your 802.11
Wireless Network has No Clothes*." (2001). 15 Oct. 2004
<http://www.cs.umd.edu/~waa/wireless.pdf>.
[9] Karygiannis, Tom, and Les Owens. National Institute of Standards and
Technology. Wireless Network Security. Nov. 2002. 14 Oct. 2004
<http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf>.
[10] Gast, Matthew. “Seven Security Problems of 802.11 Wireless”. 14 Oct. 2004
<http://www.oreillynet.com/pub/a/wireless/2002/05/24/wlan.html>.
[11] Wireless LAN Security: What Hackers Know That You Don’t. 14 Oct. 2004
<http://www.airdefense.net/whitepapers/hackers_request2.php4>.
[12] Neudoerffer, Dave. “5 steps to secure mobile data.” 7 Nov. 2002. 14 Oct. 2004
<http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2897010-1,00.html>
[13] What is a rogue wireless access point? 31 Oct. 2004
<http://www.tech-faq.com/wireless-networks/rogue-access-point.shtml>
[14] Cam-Winget, Nancy, Moore, Tim, Stanley, Dorothy, Walker, Jesse. “IEEE 802.11i
[16] What is RSN (Robust Secure Network)?. Tech FAQ. Oct 14, 2004.
<http://www.tech-faq.com/wireless-networks/rsn-robust-secure-network.shtml>
[22] Cohen, Alan and Bob O’Hara. “802.11i shores up wireless security”, Network
World Fusion. May 26, 2003.
<http://www.nwfusion.com/news/tech/2003/0526techupdate.html>
[23] Geier, Jim. “WPA plugs holes in WEP”, Network World Fusion. March 31,
2003. <http://www.nwfusion.com/research/2003/0331wpa.html>
[24] Fleishman, Glenn. “The Path to 802.11i”. Wi-Fi Networking News. 2003.
<http://wifinetnews.com/archives/002594.html>
[26] Marks, Roger B., Gifford, Ian C., and O’Hara, Bob. Standards in IEEE 802.
Unleash the Wireless Internet
[27] Telephony’s Complete Guide to WiMAX: The Business Case for Service
Provider Deployment. www.TelephonyONLINE.com, June 2, 2004
1. NetStumbler: Freeware wireless access point identifier that listens for SSIDs and
2. Kismet: Freeware wireless sniffer and monitor that passively monitors wireless traffic
and sorts data to identify SSIDs, MAC addresses, channels, and connection speeds.
http://www.kismetwireless.net
3. THC-RUT: Freeware wireless LAN discovery tool that uses “brute force” to identify
http://www.thehackerschoice.com
4. Ethereal: Freeware wireless LAN analyzer that interactively browses captured data,
viewing summary and detail information for all observed wireless traffic.
http://www.ethereal.com
computing the encryption key when enough packets have been gathered.
http://airsnort.shmoo.com
6. HostAP: Toolkit that converts a wireless LAN user station to function as an access
point. (Available for wireless LAN cards that are based on Intersil's Prism2/2.5/3
chipset.) http://hostap.epitest.fi
7. WEPWedgie: Toolkit for determining 802.11 WEP keystreams and injecting traffic
with known keystreams. The toolkit also includes logic for firewall rule mapping,
http://sourceforge.net/projects/wepwedgie/
8. WEPCrack: Freeware encryption breaker that cracks 802.11 WEP encryption keys
http://sourceforge.net/projects/wepcrack/
9. AirSnarf: Soft AP setup utility that is designed to steal usernames and passwords
from public wireless hotspots by confusing users with DNS and HTTP redirects from
10. SMAC: Windows MAC Address Modifying Utility that allows users to change MAC
address Network Interface Cards (NICs) on Windows 2000, XP, and 2003 Server
http://www.klcconsulting.net/smac
11. Airjack: Denial-of-Service tool kit that sends spoofed authentication frames to an AP
hunter_killer. http://sourceforge.net/projects/airjack
12. IRPAS: Internet Routing Protocol Attack Suite designed to attack common routing
13. Ettercap: Suite for Man-in-the-Middle attacks. It features sniffing of live connections
and content filtering on the fly. Additionally, it supports active and passive dissection
of many protocols and includes many features for network and host analysis.
http://ettercap.sourceforge.net
14. Cain&Abel: Password recovery tool that allows easy recovery of various kinds of
16. WEP Attack: Brute-Force WEP cracker that uses Dictionary attacks against WEP
http://sourceforge.net/projects/wepattack/
17. ASLEAP: Toolkit that can recover weak LEAP passwords, read captured files, or
sniff the air. Can also actively de-authenticate users on LEAP networks, forcing them
to re-authenticate. http://asleap.sourceforge.net/
18. THCLeapCracker: Toolkit that can break the Cisco LEAP authentication protocol and
can also spoof challenge-packets from access points, allowing the hacker to perform
19. DSNIFF: Collection of tools for network auditing and penetration testing. Can
http://naughty.monkey.org/~dugsong/dsniff
20. IKEcrack: Authentication crack tool that can use Brute-Force or a Dictionary attack
http://ikecrack.sourceforge.net/