Wireless Network Security

Re: Wireless Network Security

Postby enormity » July 27th, 2013, 3:16 pm

Thanks, its really helpul post .i was looking for such kind of information and found it from your thread.
BPO Services India
enormity
 
Posts: 1
Joined: July 27th, 2013, 3:13 pm

Re: Wireless Network Security

Postby harshadkkkk » December 7th, 2012, 7:06 pm

Thanks Sir,
it's very helpfull :)
Regards,
Harshad Kadam
harshadkkkk
 
Posts: 2
Joined: December 7th, 2012, 6:48 pm
Location: mumbai

Re: Wireless Network Security

Postby prakashbajpai » November 30th, 2012, 1:11 pm

highly informative and useful article.
a MUST read for all network and customer engineers. :)
prakashbajpai
 
Posts: 1
Joined: November 19th, 2012, 3:23 pm

Wireless Network Security

Postby tarun.kumar » November 28th, 2012, 1:31 pm

Wire-line networks have been used for years in high Security environment and the Data Security over Wireline network is assumed to be given .

A Wireless network has all of the properties of a wire-line network (except, of course, the wire), and thus security measures taken to ensure the integrity and security of data in the wire-line network environment are applicable to wireless networks as well. The primary difference between a wire-line network and a wireless network is at the physical layer (wire versus airspace) and all other network strengths and weaknesses remain.

Given the obvious reliance of wire-line networks on the wire, anyone gaining access to that wire can damage the network or compromise the integrity and security of information on it. Physical access to network wires needs to be protected.Unfortunately, the vast amount of wire inherent in most networks provides many points for unauthorized access. Network traffic can be intercepted and decoded with commonly available tools once one has physical access to the network.

Wireless networks can take advantage of all of the security measures available on wire-line networks, and then add additional security features not available in the wire-line world. As a result, wireless networks can be as secure, and in fact more secure, than their wire-line counterparts.

Tikona Secure Wireless Network

Tikona Secure Wireless Network uses Standard Protocols and technologies in a Hierarchical implementation .In order to make Tikona Wireless Network highly Secure, Advance Multi-Layer Security Techniques ,that are not available in the wire-line world, have been developed and deployed .

Some of the mechanism adopted for wireless Security on Tikona Wireless broadband Networks are described below . Please note that this is not exhaustive list and is given below to give you an idea of Wireless Broadband Security in general.

Strong Encryption over Wireless network

Tikona Secure Wireless Network uses Most Advance Wireless Protected Access II (WPA2) encryption along with Advance Encryption System (AES ) to connect between Two Wireless End Points .

WPA2 is a pervasive, global standard widely adopted in highly secure environments. WPA2 helps protect networks against hacker threats such as man-in-the-middle attacks, authentication forging, reply, key collision, weak keys, packet forging, and brute-force/dictionary attacks.

Use of AES cipher with 128 bit Key and a 48 bit Initialization Vector makes WPA-2 AES encryption scheme unbreakable. Data and header Integrity is maintained thru CCMP while Key Management is done thru 802.1x EAP-TTLS . Tikona Secure Wireless Network does not use Pre-Shared Keys thus making the EAP-TTLS Encryption key transfer a highly Secure Process.

AES : The Unbreakable Encryption

Advanced Encryption Standard (AES) is a specification for the encryption of electronic data. AES is the best known and most widely used block cipher. In the case of AES-128, there is no known attack which is faster than the 2^128 complexity of exhaustive search.

AES was announced by National Institute of Standards and Technology (NIST) in the United States, as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001 after a five-year standardization process in which fifteen competing designs were presented and evaluated before it was selected as the most suitable. It became effective as a Federal government standard on May 26, 2002 after approval by the Secretary of Commerce. It is available in many different encryption packages.

AES is the first publicly accessible and open cipher approved by the National Security Agency (NSA) for top secret information .In June 2003, the U.S. Government announced that AES may be used to protect classified information. The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level.

Data and Header Integrity

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol or CCMP (CCM mode Protocol) is an encryption protocol that implement the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard .

CCMP is the standard encryption protocol for use with the WPA2 and provides the following security services.
  • Data Confidentiality; ensures only authorized parties can access the information
  • Authentication; provides proof of genuineness of the user
  • Access control in conjunction with layer management

CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard. CCMP uses CCM that combines CTR for data confidentiality and CBC-MAC for authentication and integrity. CCM protects the integrity of both the MPDU data field and selected portions of the IEEE 802.11 MPDU header. CCMP is based on AES processing and uses a 128-bit key and a 128-bit block size.

Radio Authentication : Secure Key Distribution Thru EAP-TTLS

Tikona Secure Wireless network uses Standard based techniques to distribute Cipher Keys to Radios instead of using Pre Shared Keys (PSK) . PSKs can get leaked and therefor are not suitable to be used in highly secured environments .

Tikona Secure Wireless network employs EAP-Tunneled Transport Layer Security (EAP-TTLS) , an EAP protocol that extends Transport Layer Security . A Centralized Server is Used to Securely Authenticate any New Radio or Element to be connected on the network and provide Cipher Keys to a Pair of Authenticated Radios that requires to be connected.

The secure tunnel provides protection from eavesdropping and man-in-the-middle attack. The Radio’s embedded user's credentials are never transmitted in unencrypted cleartext, thus improving privacy.

Wireless Intrusion Detection and Prevention

Tikona Secure Network NMS is integrated with specialized algorithms to detect Wireless Intrusion and take pre-defines steps in near real Time to mitigate impact of such intrusions. Each Radio deployed over Tikona Secure Network becomes a Scanning device on command to scan the environment and detect any Security Threats . Of Course , the NMS is manned by Trained expert to raise immediate alert also.
Regards ,
Tarun
tarun.kumar
 
Posts: 9
Joined: August 11th, 2011, 12:11 pm
Location: MUMBAI


Return to Tech Talk

Who is online

Users browsing this forum: No registered users and 2 guests