Wireless LAN – WLAN
BAT54-Rail/F..
Release
7.54
06/08
3.2
Development of WLAN security
35
D The receiver selects any symmetrical key. This symmetrical key that is
used both for encryption and for decryption, must now be securely trans-
mitted to the sender. It is encrypted with the sender's public key and re-
turned to the sender. The only way that the symmetrical key can be
decrypted again is with the sender's private key. Potential eavesdroppers
observing the key exchange cannot decrypt this information, and conse-
quently the transmission of the symmetrical key is secure.
This method can be used for the safe transmission of symmetrical keys via
the Internet. In the following sections, we will see these methods again,
sometimes in modified form.
3.2.2 WEP
WEP is an abbreviation for Wired Equivalent Privacy. The primary goal of
WEP is the confidentiality of data. In contrast to signals which are transmitted
over cables, radio waves spread out in all directions—even into the street in
front of the house and other places where they really aren't desired. The
problem of undesired interception is particularly obvious in wireless data
transmission, even though it can also arise in larger installations with wired
networks—however, access to cables is far more easily restricted than is the
case with radio waves.
During the development of the WLAN security standard, the IEEE Committee
did not intend to develop a "perfect" encryption method. Such high-security
encryption methods are, for instance, required and also used in electronic
banking—in this case, however, the applications themselves use high-quality
encryption methods, and it would be unnecessary to repeat this effort at the
radio transmission level. With the new security standards, only those appli-
cations which normally work without encryption in wired LANs should be pro-
vided with sufficient security against eavesdropping by unauthorized third
parties.
WEP is a symmetrical method of encryption and uses RC4 algorithm as its
basic encryption technology, a process already well-known in other areas
and considered highly secure. RC4 uses a key between 8 and 2048 bits in
length, which is used to generate a pseudo-random series of bytes using a
predetermined process. The data packet for encryption is then XOR'd byte
by byte with this byte stream. The receiver simply repeats this procedure with
the same key and in the same order to produce the original data packet
again.
To Next Page
Loading...
