eBook - ePub
Optimizing IEEE 802.11i Resource and Security Essentials
For Mobile and Stationary Devices
- 72 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Optimizing IEEE 802.11i Resource and Security Essentials
For Mobile and Stationary Devices
About this book
In the past decade, the number of wireless devices has grown exponentially. Decades ago, all systems were wiredcomputer systems. Wireless technology was not accessible in mobile and portable devices until in recent years, and has followed a variety of methods for encryption and resource management. The purpose of the research in Optimizing IEE 802.11i Resources and Security Essentialsis to determine the issues of the performance in current encryption methods in AES-CCMP in different types of devices and handle it so that an optimized resource usage would be achieved with the required security. Two modes for 802.11i for two different groups of devices is suggested and evaluated with the current encryption method for AES-CCMP to compare the performance.Almost every organization in today's world relies on wireless networks to transmit information, and much of that information should be kept secure. Banking, healthcare, and the military are all vital industries that rely on wireless security for a huge section of their operations.Security experts of today and tomorrow will learn a lot from Optimizing IEE 802.11i Resources and Security Essentials, and it can be used for master level in computer science, information security, wireless network security and cryptography.- The research in this book covers how to best balance security concerns with limited resources available on wireless devices as well as how to optimize security resources on higher-end non-mobile devices
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Optimizing IEEE 802.11i Resource and Security Essentials by Iraj Sadegh Amiri,Parisa Naraei,Iman Saberi in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over one million books available in our catalogue for you to explore.
Information
Chapter 1
Introduction
Abstract
The standard – 802.11 – is known to be the best adoptable in LAN environments. The chapter mainly describes this standard, then it pertains to the issues of mobile devices in using AES-CCMP encryption protocols. The first objective would be to implement the components of AES-CCMP and to analyze the working, then to define two modes that are for short- and long-term usage for AES-CCMP, for portable systems that have resource limitation like mobile devices, and finally to test and validate the possibility of optimizing resource usage in stationary devices. The problem background of IEEE 802.11 standards is determined. Also the purpose and the scope of the study are described.
Keywords
AES-CIA-CCMP-IEEE-Mobile Devices
Vulnerabilities
Encryption
Decryption
WEP
1.1. Introduction
Nowadays everywhere, wireless technology can be found. Different users are using wireless technology and a wide range of wireless devices exists such as PCs, laptops, tablets, and smartphones. Wireless transmissions use the microwave technology [1–7]. The available frequencies are situated around the 2.4 GHz ISM band for a bandwidth of about 83 MHz and around the 5 GHz U-NII band, for a bandwidth of about 300 MHz divided into two parts. The accurate frequency allocations are set by laws in different countries; the same laws also adjust the maximum selected transmission power and location. Although this technology is being generally used, different devices have different capabilities in the usage. Since wireless networks have more vulnerabilities than other types of computer networks, preparing security in wireless local area network is more essential. The security mechanism chosen for different devices may differ. A satisfactory security technique in wireless network is a balance between data security and network performance. The era of wireless and wired communication systems has gained considerable attention to be a main building block of communications standards such as IEEE 802.11a/g when the microring resonators are used.
This chapter discusses the problem background of IEEE 802.11 standards and determines security model of 802.11 named 802.11-2012. Besides, it explains the aim of this research and defines objectives and the scope of this study.
1.2. Problem background
Nowadays, the kind of devices being used for WI-FI connection is different from previous decade. People used to connect with their PCs and laptops, but nowadays they use mobile devices rather than nonmobile devices. The new mobile devices need security for the data transmission on the Internet, so the necessity of secure algorithms and protocols for encryption and decryption of the data becomes more and more important. For this purpose, new devices had to follow the existing security protocols that were designed and implemented on nonmobile devices for Wi-Fi connections.
The IEEE 802.11 standard defines an interface between a wireless client and an access point (AP) or in ad hock networks. IEEE 802.11-2012 is a revision to the original IEEE 802.11. The draft standard was sanctioned by the IEEE on June 24, 2004. This standard specifies security mechanisms for wireless networks. For confidentiality 802.11-2012 uses a new model of encryption. The new cryptography is based on the Advanced Encryption Standard (AES) algorithm, which was selected by NIST and adopted by the US government as a national standard, and replacement for the previous standard is based on the Data Encryption Standard (DES) algorithm. Strong encryption and authentication are added as the primary components of 802.11-2012 to enhance the original 802.11 standard [8].
The encryption methods of three generations of 802.11-2012 are described as follows:
Wired Equivalent Privacy (WEP): Uses the RC4 stream cipher for providing confidentiality, and the ICV (CRC-32) for integrity. Some of the weaknesses of WEP refer to not being able to stop packet forgery and replay attacks. Also attackers can easily record and replay packets. WEP uses RC4 inappropriately [9]. Keys are not strong, and attacker can do brute-force attack in less than an hour. This protocol reuses initialization vectors. Some attack techniques are able to decrypt data without key and it allows an intruder to invisibly modify a plaintext without having the key for encryption. Besides, key management is weak and upgrading is not perfect. There are some problems in the RC4 algorithm and in WEP message authentication can be easily forged. There are four scenarios for attacking WEP:
Scenario one: Pulling packets from captured data
Scenario two: Interactively pulling packets from live communication
Scenario three: Creating a packet from a chopchop replay attack
Scenario four: Creating a packet from a fragmentation attack
TKIP(): The WPA as the certification of TKIP was developed for solving the issues in the WEP method, without any changes in hardware. This standard identifies two modes, which are personal and enterprise mode. In addition, the TKIP has following weaknesses [10]:
1. Brute-force attack
2. Dictionary attack
In the context of security, a brute-force attack is a particular strategy used to break your crafted password. This is the most widely used method of cracking and dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying likely possibilities, such as words in a dictionary.
Wi-Fi Protected Access II (WPA2): WPA2 came after two generations of 802.11-2012, which are WEP and WPA; they used RC4-CRC and RC4-TKIP/MIC in order. WPA2 is known as the best security protocol in wireless networks. It replaces RC4 with AES and substitutes MIC with message authentication code. Same as WPA, WPA2 supports two security modes. The first mode is personal and the second mode is enterprise [10].
1. A preshared secret is used for home or personal use. Clients and APs are manually configured to use the same secret of up to 64 ASCII characters or 256 bits.
2. 802.11-2012 adopts 802.1X for user authentication in enterprise mode. 802.1X is based on EAP and defines the framework of authentication. It does not include the authentication methods, but supports multiple authentication methods, such as EAP-TLS and EAP-TTLS. EAP-TLS delivers a much stronger authentication mechanism, and secure key distribution.
Authentication is the assurance that an entity is who he/she/it claims to be. Confidentiality “implies a relationship between two or more persons in which the information communicated between them is to be kept in confidence.” And integrity is the accuracy and consistency of stored data, indicated by an absence of any alteration in data between two updates of a data record. According to these definitions, 802.1X is used for authentication. Encryption (CCMP) is used for confidentiality, and MIC is for data integrity.
MAC, although called authentication, is for the “authentication” of the message, and it is better called data integrity. The authentication of the communication is via 802.1X. Internet connection speed and broadband connectivity has reached 17.5 Mbps in the world but such a net speed is not achieved in wireless networks yet. The high-capacity transmission of data can be achieved using multiple signals. The strong security protocol of AES-CCMP (WPA2) slows down the wireless speed. Despite the popularity of mobile devices, their performance and energy bottlenecks remain hidden due to a lack of visibility into the resource-constrained mobile execution environment with potentially complex interaction with the Wi-Fi connection. AES-CCMP is working tardily in mobile devices with resource limitation, and preparing ideal encryption in AES-CCMP leads to speed reduction and this is the issue that should be looked into.
1.3. Problem statement
IEEE 802.11-2012 encryption technique provides strong security mechanism in computer systems but it is not optimized in the usage of resources. Besides, in mobile devices that are power- and resource-constrained, the wireless connection speed decreases. The level of security provided in AES-CCMP is more than that needed in mobile devices since the mobility characteristic of mobile devices restricts the time required by an attacker to hack the victim device and the session would be terminated whenever the location of mobile device changes. So there is a lack of balance between security level and resource usage that should be investigated.
1.4. Purpose of the study
Nowadays, the number of wireless devices is growing significantly, but they all used to be computer systems. Wireless technology was not accessible in mobile and portable devices until in recent years. The purpose of this research is to determine the existing issues of the performance in current AES-CCMP encryption methods running on different types of devices and handle it so that an optimized resource usage would be achieved with the required security. Finally, two modes for 802.11-2012 for two different groups of devices will be created and evaluated with current encryption method for AES-CCMP to compare the performance.
1.5. Objectives of the study
To achieve the intention of the study, the following objectives are specified:
1. To implement the components of AES-CCMP and to analyze the performance
2. To create two modes that are short time and long time usage for AES-CCMP, for portable systems that have resource limitation like mobile devices
3. To test and validate the possibility of optim...
Table of contents
- Cover
- Title page
- Table of Contents
- Copyright
- Abstract
- List of Abbreviations
- Chapter 1: Introduction
- Chapter 2: Literature Review
- Chapter 3: Research Methodology
- Chapter 4: Design and Implementation for Mobile Devices
- Chapter 5: Conclusion
- References