Issues And Security Attacks Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Wireless LANs also called as WLANs or Wi-Fi have got a lot of appreciation in past couple of years. Almost every part of the world has become Wi-Fi as people are setting it up everywhere including Hotels, Institutions, Company offices, Restaurants, Shopping Malls, houses etc. The installation and configuration of WLANs has become so simple that people can do it without any pain and in quick time than their counterparts, Wired LANs. Because of growing popularity of WLANs the companies providing wireless services are also increasing rapidly. Wireless networks offers portability that means it covers a small geographical area where you can move anywhere and also access the network without any overhead of configuring or searching for the network. As the consumer demand increases there also comes the security issue which is the vital part of any existing network today[7].


The Institute of Electrical and Electronics Engineer(IEEE) provides the 802.11 set of standards of WLANs[1]. Due to the extensive use of wireless networks it has become an obvious target for unethical hackers. Every single day they come up with vulnerabilities in the existing security of the wireless network. Protecting the wireless network by adding higher security increases the cost of the wireless network. After the emergence of wireless networks limitations such as physical security, encryption flaws etc. were discovered. In order to protect the wireless network we have to enhance our design methodology and technology in addition to our existing implementation of the protocols[1][7].

There came the need for the development of security protocols for wireless security. The first protocol developed was WEP (Wired Equivalent Privacy) but it was not fully protected against wireless security. It was easily vulnerable. So WPA (Wi-Fi Protected Access) was developed as the successor to WEP and had a extended shared key and initialization vector. But the hackers were able to penetrate into the wireless security. WPA2 was developed as a successor to WPA which is into use even today and is considered to be secure protocol in the market today. WPA2 has a different cryptographic algorithm than WPA i.e. WPA2 uses AES algorithm instead of RC4 which is used by WPA and WEP.


This section describes about the issues and the security attacks that the protocols of the wireless networks are vulnerable to.

Interception : In interception the listens to the encrypted message and records it so that it can be decrypted later. It is a passive attack.

For e.g. eavesdropping, illegal copying of data or files[8].

Interruption : Interruption is an active attack. It is the situation in which the services data or the file be destroyed or become unavailable or even unusable.

For e.g. Denial of Service(DOS) attack, when a files is lost or corrupted[8].

Modification : Modification refers to making unauthorized changes to the file or tampering with it leaving it unmatched with the original file. It is to be an active attack.

Examples of modification can be intercepting and changing the data, changing database entries[8].

Fabrication : Fabrication refers to the situation in which addition data or activity is added to the existing data or file which actually does not exist. It is to be an active attack.

For e.g. adding an additional file in the database[8].

Brute Force : Brute force is an attack in which the intruder tries every possible permutation to decrypt the encrypted message and validate the output by performing cross comparisons. It is considered to be a passive attack.

For e.g. guessing passwords[1].

Maintainability : Maintainability refers to the situation where the security mechanism have to be ready for counter measures if any of the protocol gets compromised for any reason[1].

Message Integrity Check(MIC) : Combining the Message Integrity check with the brute force attack any hacker has the ability to validate the contents of the decrypted message. If the hacker can figure out the MIC bits in the packet, he can use the MIC bits to decrypt rest of the data. That is the reason MIC is sometimes considered as a problem[1].

Time Factor : Time factor is used to determine how much time will it take for the brute force attack to succeed on a protocol. Presently permutations on the encryption/decryption key tells about the time it's going to need for them to compromise[1].


1.1 WEP (Wired Equivalent Privacy) : The WEP protocol was designed in a way to provide security to the wireless networks. It works with the IEEE 802.11 standard. WEP provides access control by protecting the wireless networks from unauthorized users to access the network. The stream cipher algorithm, RC4, is used by WEP to provide confidentiality in the wireless networks by protecting it against eavesdropping. WEP also uses CRC-32 checksum to provide integrity in order to prevent tampering with the transmitted data. WEP does the encryption of the messages by concatenating a 40-bit key and a 24-bit Initialization Vectors(IV) to develop RC4 key.

In WEP the encryption is done in the following ways[2] :

The checksum is generated using the plaintext. The result of the checksum is concatenated at the end of the message.

A keystream is generated depending upon two keys a) Secret key, which is hard coded and known by the clients and the servers on the network. b) A public key called as

Figure 1. "Figure 1.[2]"

IV, which is generated dynamically during encryption and is publicly known by everyone on the network i.e. even the authorized as well as

non authorized users on the network.

3. A bit stream called ciphertext is created after XORing the results of step 1 and step 2. As seen the ciphertext is then concatenated with the IV and transmitted over the network.

In WEP the encryption is done in the following ways[2] :

Based on the IV transmitted with the message and the hard coded shared key the keystream is generated.

XOR operation is performed on the ciphertext and the keystream. As a result decryption is done and the original message is retrieved.

Figure 2. "Figure 2.[2]"


As WEP uses 40 - bit key to share between every node in the network to encrypt and decrypt the message, it is prone to vulnerabilities.

WEP lacks maintainability as it RC4 which is the only algorithm used by WEP to encrypt and decrypt the messages. If RC4 is penetrated by an any hacker than the whole mechanism is put to risk.

CRC problem.

1.2 Wired Equivalent Privacy 2 (WEP2) : It is same as WEP but the only difference that the key size was extended to 104-bit long and the initialization vector remained the same i.e. 23-bit long.

Issues : WEP2 has the same issues as that of WEP i.e. problem of MIC and of maintainability. As a matter of fact WEP2 just requires the interception of more number of packets to break into because of the extended key size.

2.1 Wi-Fi Protected Access(WPA)

WPA is a security protocol developed for wireless networks that implements most of the IEEE 802.11i standards developed by Wi-Fi Alliance. WPA uses the same protocol as of WEP i.e. RC4 stream cipher but it has extended 128 bit key and 48 bit initialization vector(IV). The obvious improvement to WPA with respect to WEP is the Temporal Key Integrity Protocol (TKIP). TKIP combined with the IV changes the key whenever the system is being used. This system overcomes many of the limitation found in WEP. WPA also has an improved integrity check which is done using MIC.[1]

Advantages of WPA over WEP are as follows :

An extended IV of 48 bit to stop replay attacks.

Every packet has a key mixing function as the TKIP has a short lifetime and is replaced with a new key periodically.


WPA is not maintainable.

MIC problem.

2.2 Wi-Fi Protected Access 2 (WPA2)

WPA2 has gained the popularity tag of the best working protocol for wireless security. WPA used Message Integrity check (MIC) whereas WPA2 uses Message authentication code, CCMP, for integrity check which is considered to be more secure. Instead of RC4 WPA2 uses Advance Encryption Standard (AES). WPA2 operates in two modes same as that of WPA : Home user (Personal) and Corporate user (Enterprise)[1][3].

Home user mode : In this mode, very similar to WEP a pre shared secret key is used. The secret key can be made up of any of any of the 64 ASCII characters. The user manually configures all the access points and clients on the wireless network. The user can also use a 256 bit randomly generated number, but doing so can create an overhead for the user as to manually enter the number into every client machine[3].

Issues with Home user mode

It has the same security issues as that of the WEP and WPA[3].

Corporate user mode : This mode uses the Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) which is considered to be the most secure authentication protocol in the wireless security. It uses Public Key Infrastructure (PKI), which includes software, policies, hardware, and procedure to manage, create, use and distribute, Digital certificates, to secure the communication to an authentication server[4][5]. Here the corporate user mode uses Remote Authentication Dial In User Service (RADIUS) as an authentication server. RADIUS provides centralized Authentication, Accounting and Authorization (AAA) in a wireless network[6].

Issues with corporate mode

AES may require periodic hardware upgrades.

WPA2 requires a very high processing power.

It is not maintainable and has a MIC problem same as that of WPA but in spite of that its is more secure than WPA and WEP.


Multiple Slot System (MSS) :

MSS makes use of any one of the four algorithm randomly i.e. RC4, AES, RSA and Blowfish unlike that of the other security protocols that we discussed earlier that use only one algorithm for Encryption/Decryption process. As shown in Figure 3 MSS uses any one slot at random out of 256 slots to insert any one of the four algorithm, randomly chosen, that is going to be used for the encryption and decryption process. Not using the original names of the algorithm MSS uses a 2-bit code to distinguish between the four algorithms. At every slot a MSS uses different algorithm is used to encrypt a message. It also uses a different key. Therefore for a hacker to get into the message has to go through 4256 combinations just for knowing the information about the slots. As MSS uses different configuration file for all the different users on the network, if the user on the network is attacked it will not affect the entire network. MSS works at the Application layer [1].

Figure 3. "Figure 1.[1] "

As shown in Figure 4. MSS header contains three parts :

Slot Selector (SS) : The SS is 8-bit long. It is used to select any one of the slot from the group of 256 slots that will contain any one of the four algorithm for encryption or decryption[1].

Key selector (KS) : The KS is 48-bit long. Therefore it can randomly select any one of the key out of 248.[1]

MIC Shuffle Selector (MICSS) : The MICSS is 8-bit long that uses shuffle tables that has a count of 256. The primary purpose of shuffle table is to shuffle the MIC bits and the original message. The shuffling makes it difficult for the attacker to differentiate between the MIC bits and the message[1].

Figure 4 "Figure 2.[1]"


The above proposed mechanism MSS can overcome almost all the known vulnerabilities in the wireless security. First of all it uses any of the four algorithms randomly for the encryption and the decryption process. And above that there are key lists and shuffling tables different for each node on the network that make the security more difficult to be broken. MSS is maintainable because for any reason if any one algorithm is compromised MSS can deny the presence of that algorithm in the slot. This will result in the degradation of the security level of MSS but still then it will be more secure as compared to WEP, WEP2, WPA and WPA2. By shuffling the MIC bits and the original message MSS has provided protection against the brute force attack. The following table shows the comparison between WEP2 WPA2 and MSS[1].

Table 1. "Table 1[1]."