Introduction

With the advent of the internet, wireless networking technology has advanced by leaps and bounds. Recent years have witnessed the rapid growth of wireless systems in both home and corporate networks. To provide cost-effective and reliable wireless services, companies must install, configure, manage, and protect their wireless infrastructure with adequate security controls. The following sections cover the concepts needed to install and configure wireless security settings; these concepts are also necessary for the Security+ exam.

What Cryptographic Protocols Do I Need to Know for Security+?

Unlike data on wired connections, data transmitted across wireless networks can easily be compromised if adequate security controls are not in place. One easy solution is to encrypt the data so that even if it gets into the wrong hands, no one would be able to read it. The following sections describe the cryptographic protocols that you need to know for your Security+ exam.

WPA: Wi-Fi Protected Access

WPA is a security protocol based on the TKIP and LEAP security solutions (discussed later) and was developed as an alternative to WEP. Even though WPA is an improvement, it isn’t the most secure option because it employs a single static passphrase. Attackers can use a brute-force attack to discover the passphrase secretly. Furthermore, the LEAP and TKIP encryption methods are vulnerable to numerous cracking techniques such as rainbow table attacks and dictionary attacks. The WPA supports the following two modes that can be used to allow authorized access.

WPA2: Wi-Fi Protected Access 2

The WPA2 encryption solution is also based on AES algorithms and is considered to be one of the most secure cryptographic protocols for wireless communication because it adds Robust Security Network (RSN) support. RSN incorporates added protection for ad-hoc networks, key caching, pre-roaming authentication, and Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). Despite its trusted status, WPA2 is also not a 100% secure solution for Wi-Fi networks today. According to research conducted by Mathy Vanhoef, a security researcher in the computer science department of the Belgian university KU Leuven, attackers can use novel attacks such as Key Reinstallation Attacks (KRACKs) to exploit WPA2 encryption. Using this attack, the attacker can read information that was previously assumed to be securely encrypted. The Wi-Fi Alliance issued a security advisory and thanked Mathy Vanhoef for his terrific work in the realm of wireless security.

CCMP: Counter Mode Cipher Block Chaining Message Authentication Code Protocol

CCMP is designed as a replacement for WEP and WPA. It uses the Counter Mode with CBC-MAC (CCM) mode of the AES algorithm to ensure data confidentiality, integrity, and authentication. CCMP employs a 128-bit key and a 128-bit block size and provides security against attacks up to $2^{64}$ steps of operation. Attackers can use meet-in-the-middle attacks to limit the theoretical strength of the key to $2^{n/2}$, where $n$ represents the number of bits in the key.

TKIP: Temporal Key Integrity Protocol

TKIP was created to replace WEP without the need to replace the wireless hardware. The improvements include the rotation of keys, which eliminates the problems faced by the older WEP, and the use of sequence counters to prevent replay attacks (an attack where the information going over the network is recorded and then replayed to gain access to a network).
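The sequence-counter defence described above can be shown with a small receiver model. This is an added example, not code from the article or from any Wi-Fi stack: the frame layout is simplified, the key is constructed, and a truncated HMAC-SHA256 stands in for TKIP's own integrity check.

```python
import hashlib
import hmac

KEY = b"constructed-demo-temporal-key"  # constructed sample key
MIC_LEN = 8

def mic(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:MIC_LEN]

def protect(key, counter, payload):
    """Sender: 48-bit sequence counter + payload + MIC over both."""
    header = counter.to_bytes(6, "big")
    return header + payload + mic(key, header + payload)

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame):
        """Return the payload, or raise ValueError for forged or replayed frames."""
        if len(frame) < 6 + MIC_LEN:
            raise ValueError("frame too short")
        header, payload, tag = frame[:6], frame[6:-MIC_LEN], frame[-MIC_LEN:]
        if not hmac.compare_digest(tag, mic(self.key, header + payload)):
            raise ValueError("bad MIC")
        counter = int.from_bytes(header, "big")
        if counter <= self.last_counter:  # counter must strictly increase
            raise ValueError("replayed or out-of-order counter")
        self.last_counter = counter
        return payload

def demo():
    rx = Receiver(KEY)
    captured = protect(KEY, 1, b"sample payload A")
    # A recorded frame with its counter rewritten: the MIC no longer matches.
    rewritten = (3).to_bytes(6, "big") + captured[6:]
    frames = [("fresh", captured), ("replay", captured),
              ("next", protect(KEY, 2, b"sample payload B")), ("rewritten", rewritten)]
    results = []
    for label, frame in frames:
        try:
            rx.accept(frame)
            results.append((label, "accepted"))
        except ValueError as err:
            results.append((label, str(err)))
    return results

if __name__ == "__main__":
    print(demo())
```

The counter only helps because it is covered by the integrity check; an unauthenticated counter could simply be rewritten on a recorded frame.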

What Do I Need to Know About Authentication Protocols?

An authentication protocol is a type of cryptographic protocol or communication protocol specifically designed for the transfer of authenticated data between two parties. For example, when a remote user wants to establish a connection with a database server, the authentication protocol must be in place to ensure the authenticity of that user. The following section briefly explains the mechanism of various authentication protocols.

EAP: Extensible Authentication Protocol

EAP is a foundational authentication protocol which functions more like an authentication framework than a mechanism for authentication. In fact, EAP allows new authentication technologies to be compatible with existing wireless technologies. There are multiple EAP variations used for authentication based on RFC standards. For example, WPA and WPA2 utilize five different EAP types. There are more than 40 EAP methods that are widely used. These include the wireless methods EAP-FAST, EAP-TLS, EAP-TTLS, LEAP, and many more.

PEAP: Protected Extensible Authentication Protocol

PEAP was jointly created by Cisco, RSA Security, and Microsoft as a secure wireless authentication method. PEAP employs a public key certificate to authenticate the server and carries the authentication inside a Transport Layer Security (TLS) session. The TLS session provides a secure communication channel for wireless users, WLAN stations, and the authentication server.

EAP-FAST: EAP – Flexible Authentication via Secure Tunneling

EAP-FAST was designed by Cisco to replace LEAP (Lightweight EAP) as a more secure authentication protocol. It is used as a mechanism for session authentications in wireless networks.

EAP-TLS: EAP – Transport Layer Security

EAP-TLS is an IETF standard, defined in RFC 5216, that utilizes the TLS protocol. EAP-TLS has been a popular method to encrypt traffic between web servers. Today, it is also utilized for authentication purposes. EAP-TLS is very secure and is preferred by many wireless companies due to its wide support across multiple types of wireless networks.

IEEE 802.1x

IEEE 802.1x is a port-based network access control structure that provides authentication for devices wishing to establish connectivity with a Local Area Network (LAN) or Wide Area Network (WAN). Access isn’t provided unless the authentication process is executed properly.

RADIUS (Remote Authentication Dial-in User Server) Federation

The previous authentication method can be taken one step further with the use of RADIUS Federation. Remote authentication refers to the process of verifying the identity of remote users. A federation allows a member of one organization to authenticate to a network that may be used by members of another organization, using the same set of authentication credentials. It uses IEEE 802.1x as the authentication method with a RADIUS database at the back-end.

What Essential Methods Do I Need to Know?

The following sections cover the essential methods that you must understand to secure an elite score on your Security+ exam.

PSK (Pre-Shared Key) vs. Enterprise vs. Open

  • Pre-Shared Key: The pre-shared key is the type of authentication system that is used to authenticate and validate users on a Wi-Fi connection or WLAN.
  • Enterprise: This is the type of authentication mostly used by large enterprises. Using a shared key in a business may cause numerous security problems, so an enterprise authentication system is the right choice. It utilizes 802.1x to provide authentication to the network, allowing its users to use their individual credentials.
  • Open: An open system is one that does not require any authentication password to allow access to the network. An open system is used in places where there isn’t a requirement for any wireless security. An example of such a system is the one used in public Wi-Fi networks.

WPS: Wi-Fi Protected Setup

The WPS protocol is a wireless network security standard designed to ease the security setup process for wireless home networks. It sets up devices without the use of any complicated passphrases. Many modern devices even allow Near-Field Communications (NFC), where the user only needs to bring the device close to the access point for authentication. Recently, a major flaw was found in the WPS PIN system. Attackers can exploit this vulnerability to discover a PIN with a brute-force attack.
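The PSK/Enterprise/Open choice and the WPS flaw above translate directly into access-point settings that can be checked. The following added example (not from the article) audits a configuration for the weak choices this page names; it assumes hostapd's key=value syntax, and both sample configurations are constructed.

```python
# Constructed sample configs in hostapd key=value syntax (not from the article).
WEAK = """\
ssid=office-guest
wpa=1
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
wpa_passphrase=changeme1
wps_state=2
"""
HARDENED = """\
ssid=office-corp
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
wps_state=0
"""

def parse(text):
    """Parse key=value lines, skipping blanks and # comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip()
    return cfg

def audit(text):
    """Return findings for explicitly set options (hostapd defaults are not modelled)."""
    cfg, findings = parse(text), []
    wpa = int(cfg.get("wpa", "0"))  # bit 0 = WPA, bit 1 = WPA2 (RSN)
    if wpa == 0:
        findings.append("WPA/WPA2 not enabled: network is open or legacy WEP")
    if wpa & 1:
        findings.append("WPA (version 1) enabled: allow WPA2 only")
    ciphers = (cfg.get("wpa_pairwise", "") + " " + cfg.get("rsn_pairwise", "")).split()
    if "TKIP" in ciphers:
        findings.append("TKIP pairwise cipher enabled: use CCMP")
    if "WPA-PSK" in cfg.get("wpa_key_mgmt", "").split():
        findings.append("pre-shared key in use: consider 802.1x (Enterprise)")
    if cfg.get("wps_state", "0") != "0":
        findings.append("WPS enabled: its PIN can be brute-forced")
    return findings

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "no findings")
```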

Captive portals

A captive portal is the customized login page that visitors see when they attempt to connect to the Wi-Fi network of an Access Point (AP). In other words, a captive portal uses the web browser to grant access to users who provide accurate credentials. Captive portals are mostly used for wireless hotspots and to manage internet access on campus grounds, hospital wireless networks, school wireless networks, or even for larger organizations.

Are You a Security+ Aspirant and Looking for Some Help?

InfoSec offers a Security+ Boot Camp that teaches you the information theory in a compressed time frame, and also reinforces the theory with hands-on exercises that help you “learn by doing.”

InfoSec also offers thousands of articles on all manner of security topics.


Fakhar
Imam
