The Future of 802.11 Security: Is It as Bright as It Seems?

Will the new 802.11 standards alleviate this situation? Again, only time will tell. While this book was being written, many manufacturers started to release 802.11g equipment onto the market, even though the 802.11g standard was not complete (see Figure 1-3 for reference on 802.11g development process). A great deal of these pre-802.11g products were advertised as "ultrasecure due to the new standard." In reality, 802.11g has nothing to do with security at all. In a nutshell, it is an implementation of the 802.11a orthogonal frequency division multiplexing (OFDM) physical layer modulation method for a middle ISM band to provide 802.11a speed (54 Mb/s is a standard-defined maximum), thus achieving both high connection speed and 802.11b or even the original 802.11 direct sequence spread spectrum (DSSS) standards compatibility. Therefore, the marketing attempts trying to link 802.11g and security were blatantly false.

Figure 1.3. 802.11i development process.

[View full size image]

On the other hand, the 802.11i standard (still in draft at the time of this writing) is the new wireless security standard destined to replace WEP and provide much stronger wireless security according to its developers. 802.11i was supposed to be released together with 802.11g, but we are not living in a perfect world. Wireless Protected Access (WPA) WiFi Alliance certification version 1 implements many of the current 802.11i development features, but not every 802.11g product currently sold is WPA certified. At the moment, there are many 802.11g networks deployed that still run old, insecure versions of WEP, and we have observed 802.11g LANs without any data encryption enabled by security-unaware administrators. A detailed description of 802.11i is beyond the reach of this introductory chapter and impatient readers are referred to Chapter 10 for the 802.11i structure and function discussion.

What deserves to be mentioned here are the issues of wireless hardware replacement, backward compatibility, personnel training, and falling prices on older 802.11 equipment (combined with higher prices on newly released 802.11g with 802.11i support products) mean that the old vulnerable WEP is with us to stay. This will happen even if 802.11i finally makes it and is unbreakable (very few security safeguards are, if any). Just as in the previously mentioned case of Bluetooth security, there will be users and even system administrators who forget to turn 802.11i security features on or leave the default or obvious key value unchanged. Also, as you will see, WLANs will still remain vulnerable to denial of service (DoS) attacks on both the first and second layers. A vile and determined attacker can use this to his or her advantage, bringing down the network only when 802.11i security features are enabled, thus playing a "Pavlovian game" against the wireless administrator. (When the authentication or encryption is on, the network doesn't work properly!) Thus, an opportunity for a cracker to sneak in will always remain a specific threat to wireless networks to be reckoned with.