Security in Current Commercial Wireless Networks: A Survey
Fabian Andre Perez
School of Electrical and Computer Engineering
Purdue University West Lafayette, IN 47907-1285
fperez@csociety.org
Abstract
The goal of this survey is to give an overview of current practice in the security mechanisms used in
commercial Wireless Networks. The study tries to cover the full scope of Wireless Networks, from the
well-known 802.11 standards for WLANs to the 3G standards for Wireless Cellular Technologies. This article is
not intended to cover the details of each technology, but to give a high-level view of the solutions used to
secure each one.
I. INTRODUCTION
Every day, technology changes the way people interact with each other. In recent years, Wireless
Networks, in all their flavors, have revolutionized the way people communicate, and for the first time they give
customers the feeling of being virtually connected (by voice, messaging, video applications over cell
phones, email, VoIP, messaging over the internet). It is this closeness or convenience that has made current
Wireless Networks so successful. The more we get used to a communication tool, the more we trust it.
For good or for bad, this is the reality today, and current technology aims to be even more intimate in
the way it interacts with people.
However, in the last few years some concern has been raised about the security strength of commercial
Wireless Networks; this is precisely the motivation for this document: to offer a clear,
easy-to-understand presentation of how each major Wireless Technology uses security standards and practices to
offer the security level customers deserve and demand.
This study analyzes various technologies, which are listed in Section II. For each technology, a simple
but clear introduction is offered first, to make the security analysis that follows easier to present. Then
a section details how each technology uses security mechanisms to enforce its security
policy.
Even though an introduction section is offered for each technology, some background knowledge of
wired and wireless networks and of Information Security is assumed. A secondary but important objective
of this study was to compile a glossary of the countless acronyms used in the field.
Another important point to note is that Wireless technologies change very often; therefore, this
survey should be considered accurate as of its publication date, May 2005. Please be aware of this point.
II. WIRELESS STANDARDS AND TECHNOLOGIES
As mentioned above, this document focuses on several Wireless Networks that are currently in wide
use. The technologies reviewed are:
1) IEEE 802.11
2) IEEE 802.16
3) IEEE 802.15.1 Bluetooth
4) IEEE 802.15.4 Zigbee
5) HomeRF
6) IrDA
7) UMTS
8) CDMA2000
Each technology is treated separately below.
III. 802.11
The IEEE 802.11 standards are a set of specifications that provide the same functionality as the IEEE 802.3
CSMA/CD (Ethernet) standard, that is, they implement LANs with the air as the transmission medium
instead of cables. The resulting communication networks are known as WLANs (Wireless LANs). IEEE
802.11 is a member of the IEEE 802 family, which handles specifications for Local Area Networks
(LANs). In this study we describe the specifications related to security. A broader discussion of
the members of the IEEE 802 family can be found in [1].
The 802.11 standards have evolved since their first appearance in 1989 [1], [2]. The protocol covers
the specification of Layer 1 (physical) and Layer 2 (data link) of the OSI model. Access Points (APs)
also use Layer 3 (IP layer), but for management purposes only. However, current APs can be configured
as a mix of APs, switches, routers, and even firewalls. A brief overview of the standards in the
IEEE 802.11 family that are most related to this study follows:
802.11
This is the original standard. It specifies transmission speeds of 2 Mbps or 1 Mbps. It works in
the 2.4 GHz ISM band using either FHSS or DSSS with PSK modulation.
802.11a
This standard came after 802.11b and therefore tries to fix the problems encountered with 802.11
and 802.11b. It operates in the 5 GHz band (U-NII), so it can coexist with 802.11b without
causing interference. It has 12 non-overlapping channels. The encoding scheme is OFDM and the
data speeds depend on the modulation technique: 54 & 48 Mbps (64-QAM), 36 & 24 Mbps
(16-QAM), 18 & 12 Mbps (QPSK), and 9 & 6 Mbps (BPSK). The coverage range is approximately
60 feet [3].
The advantages of 802.11a are its speed (54 Mbps) compared to 802.11b (11 Mbps) and the fact that
interference is less likely in the 5 GHz band than in the 2.4 GHz band, where other applications
compete for the same frequency space (cordless phones, microwaves, baby monitors, Bluetooth).
A disadvantage is the reduced coverage range compared to 802.11b, which means more
APs are needed to cover the same area. Another disadvantage is that there is no backward compatibility with
802.11b, so 802.11a equipment cannot communicate directly with 802.11b equipment. Also,
because it is less popular, equipment is more costly and deployment costs are therefore higher.
Finally, the 5 GHz frequency band is allocated in the USA; however, in other countries this band is
already used for other purposes.
802.11b
This is the most successful technology in the 802.11 family. The standard operates in the
2.4 GHz band (ISM). It has 11 channels but only three (1, 6, 11) are non-overlapping. It uses
DSSS as its encoding scheme, and the data speeds with their respective modulations are: 11 & 5.5
Mbps (CCK), 2 Mbps (DQPSK), 1 Mbps (DBPSK). Its range is approximately 300 feet [3].
The advantages of 802.11b are the following. The 2.4 GHz frequency band is available internationally. It
is the most popular standard, which means that hot spots implemented in public areas (cafes,
airports, libraries, book stores) use this standard to attract the most people. For the same reason,
the equipment is relatively affordable. The principal disadvantage is that it uses the 2.4 GHz
ISM band, and that frequency band is polluted by other applications. This, added to the fact
that 802.11b has only 3 non-overlapping channels, makes some environments too noisy, and
deploying a functional 802.11b network is a real challenge. As a consequence the throughput is
usually much lower than the expected 11 Mbps. Also, the low typical throughput makes it
impractical for some bandwidth-hungry applications such as multimedia or real-time applications.
802.11g
This technology evolved from the successful 802.11b. The standard operates in the 2.4 GHz
band (ISM). It has 11 channels but still only three (1, 6, 11) are non-overlapping. It uses OFDM
as its encoding scheme, and the data speeds with their respective modulations are: 54, 48, 36, 18, 12
& 6 Mbps (OFDM), 11 & 5.5 Mbps (CCK), 2 Mbps (DQPSK), 1 Mbps (DBPSK). Its range is
approximately 300 feet [3].
The advantage is that the 802.11g standard defines the way wireless LAN gear communicates at up
to 54 megabits per second while remaining backward-compatible with 11-Mbps 802.11b. This
important breakthrough enables streaming media, video downloads, and real-time applications.
Also, 802.11g lets networks upgrade hardware while retaining backward compatibility
with 802.11b. The principal disadvantage of 802.11g is the same one that 802.11b has: the
frequency band has to be shared with many more applications. Another technical detail is that
to achieve 54 Mbps throughput, 802.11g gear must be present in both the client and
the APs. If one of them is 802.11b only, the whole network reduces its speed to work at
802.11b specifications.
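Why only channels 1, 6 and 11 are non-overlapping, as stated for 802.11b and 802.11g above, can be worked out from the channel plan. The following is an added example, not part of the original survey; the 2412 MHz centre of channel 1, the 5 MHz channel spacing and the 22 MHz DSSS channel width are assumptions taken from the standard 2.4 GHz channel plan, not from this page, and the function names are illustrative.

```python
# Added example: 2.4 GHz ISM channel plan for 802.11b/g, channels 1-11.
# Assumed values (not stated in the survey):
CH1_CENTER_MHZ = 2412   # centre frequency of channel 1
SPACING_MHZ = 5         # distance between adjacent channel centres
DSSS_WIDTH_MHZ = 22     # spectrum occupied by one DSSS transmission


def center_mhz(channel):
    """Centre frequency of a channel in the 11-channel plan."""
    if not 1 <= channel <= 11:
        raise ValueError(f"channel {channel} is outside the 1-11 plan")
    return CH1_CENTER_MHZ + SPACING_MHZ * (channel - 1)


def band_edges(channel):
    """Lower and upper edge (MHz) of the spectrum a channel occupies."""
    half = DSSS_WIDTH_MHZ / 2
    return center_mhz(channel) - half, center_mhz(channel) + half


def overlap_mhz(a, b):
    """Width in MHz of the spectrum shared by channels a and b (0 if none)."""
    lo_a, hi_a = band_edges(a)
    lo_b, hi_b = band_edges(b)
    return max(0.0, min(hi_a, hi_b) - max(lo_a, lo_b))


def non_overlapping_plan(channels=range(1, 12)):
    """Largest set of pairwise non-overlapping channels (greedy, lowest first).

    All channels have the same width, so taking the lowest channel that does
    not collide with those already chosen is optimal.
    """
    plan = []
    for ch in sorted(channels):
        if all(overlap_mhz(ch, used) == 0 for used in plan):
            plan.append(ch)
    return plan


def interferers(channel, observed):
    """Observed AP channels that share spectrum with `channel`, with MHz shared."""
    shared = {ch: overlap_mhz(channel, ch) for ch in observed}
    return {ch: mhz for ch, mhz in shared.items() if mhz > 0}


if __name__ == "__main__":
    print(non_overlapping_plan())            # channel plan
    print(interferers(6, [1, 3, 6, 9, 11]))  # constructed site-survey result
```

Channels five apart have centres 25 MHz apart, which is more than the 22 MHz each one occupies; any closer pair shares spectrum, which is why a noisy site survey shows neighbours on channels such as 3 or 9 degrading an AP on channel 6.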
Within IEEE 802.11, there are several working groups devoted to solving several wireless issues. Some
other groups that should be considered are:
802.11d
This group works on the specifications for general internationalization issues.
802.11e
This group works on the specifications for QoS support for 802.11a, b, g. This is necessary
for delay-sensitive applications such as Voice over Wireless IP.
802.11f
This group works on IAPP, the Inter-Access Point Protocol, which handles the issues that exist
in inter-AP communication in order to properly roam mobile users.
802.11n
A standard reportedly in the works that would boost 802.11a, 802.11b, and 802.11g speeds
up to 108 Mbps and higher. 802.11n is not yet official.
IEEE 802.11i is strictly related to security (the main topic of this study), so it will be discussed at length
in the next section. Further information about these working groups can be found at [4].
Security Analysis of IEEE 802.11
The first approach to security in 802.11 was to offer Wired Equivalent Privacy (WEP). However, today
we know that WEP does not offer the security level expected. Other solutions have been presented since the
failure of WEP. Here we review each of them, highlighting its most interesting points.
A. Wired Equivalent Privacy
WEP was the first attempt to offer security in the IEEE 802.11 standards. However, in the last few
years the research community has proven that WEP design flaws and speci