Performance evaluation of the security in wireless local area networks (WiFi)

Nada CHENDEB, Bachar El HASSAN and Hossam AFIFI(2)

I

Departement o computer and communication, Faculty of engineering, Lebanese University, Elf kobbeh, al Arz Street, Triyoli, Lebanon.

Phone: 06/423988, Fax :06/423989, Emails :cherideb nada@,h,hotmail.com, elhassan@ul.edu.lb 2Dt2partement o networks and communication services,Institut Nationale de Tt2lt2communiccction f (INV, 9 Rue Charles Fourier, 91011 Evry Cedex, France. Phone .- 4-33 1 60764708, Fax : +33 1 60764291, Email :hossnm.afifi@int-evrv.fr

Keywords WLAN, Security, Protocol, Vulnerabilities, attack, performance.. . Topics Wireless Communications, Information & data security 1 Introduction Everyone knows that mobility is a requirement in our days. In order to answer this requirement, new technologies have been developed like 802.1 1. However this technology brings with it, important limitations in the field of security. Since 1997 and until this day, the studies havent stopped in order to make these networks more reliable. Several solutions were found. This article aims to compare the performance of these solutions from two points of view: Robustness against attacks and bandwidth degradation.
2 Performance evaluations: Robustness against attacks

2.1 WEP: Wired Equivalent Privacy This is the first solution suggested by the standard; its objective is to make a WLAN equivalent to a traditional wired network and to ensure these 3 security services: Access Control, mechanisms and vulnerabilities: WEP has two types of authentication: open and shared key; the first does not offer any access security, the second is vulnerable, because it is enough to listen to challenge and answer to be able to access in a legitimate way. Data Integrity, mechanisms and vulnerabilities: The integrity control is ensured by a CRC32. This mechanism suffers from problems like linearity and non-complexity. The exploitation of these problems results in easy redirection attacks, as well as message injection. Data Confidentiality, mechanisms and vulnerabilities: WEP confidentiality is based on RC4 encryption algorithm, using 40 bits static keys + 24 bits initialization vectors sent in clear. - The use of static and short keys forms the basis of dictionary attacks. - The limitation of initialization vector space, the absence of mechanisms that protect against IV repetition and key management mechanisms made it easy to researchers in the university of Maryland to implement an attack which build decryption tables that facilitate data decryption. - The bad implementation of RC4 in WEP, discovered by researchers in university of Berkeley, facilitates the implementation of an attack known as: FMS attack. 2.2 The first evolution: WEP2 WEP2 is an improved version of WEP, with increased initialization vector and key size, and with the use of 802.l x for periodical key change. However, wEP2 remains insufficient because the absence of protection mechanisms against IV collision, the use of RC4, etc. 2.3 The second evolution: WPA, WiFi Protected Access To mitigate these insufficiencies in security, WiFi alliance agreed to use an intermediate solution called WPA. The latter takes parts of 802.1 l i specification, where we have key
0-7803-8482-2/04/$20.OO 02004 I EEE.

21 5

management, Encryption with TKIP and data integrity with MIC. However, it still remains the problem consisting of the use of RC4 algorithm on which TKIP is based. 2.4 The last evolution: 802.11i 1- Pre-RSN: Transit solution using TKIP, Temporal Key Integrity Protocol for encryption, it implements dynamic key management and key mixing functions as well as data integrity by MIC, fi-ame fragmentation and sequencing. 2- RSN: the latest solution supposed for the robust solution, it uses CCMP, Counter Mode with CBC-MAC Protocol, based on AES encryption standard in CBC-MAC for modc for confidcntiality and data intcgrity; it obligcs thc usc of 8 0 2 . 1 ~ dynamic key management and mutual authentication. 2.5 Comparative summary As indicated in the following figure, WEP is weak. It is not sufficient alone, and it is necessary to add an additional security on the higher layers. WPA has improved safety, but additional safety still remains still required, whereas 802.11i, which is not implemented until the day, can make it safer for our network without additional security.

e 5 8

1997-2002

2003-2003

2004-Xyears

3 Performance evaluations: bandwidth degradation Other robustness, such as the load caused by the execution of the algorithm and its influence on the bandwidth are a performance decision parameter. With the aim of comparing various solutions, we took measurements of flow in some cases shown in the following tables. In the first line, you find the flow in Mb/s, while in the second line the percentage of performance fall.
Sans WEP
6.267

WEP 40 bits
6.2

WEP 104 bits

6.199

TKIP - MIC
6.154

0% SHA 1 5.93 5.37%

1.07% MD5-DES 5.827 7.02%

1.08% SHA1-DES 5.744 8.34%

1.80%

MIC seul 5.875 6.25%

TKIP+ MIC
5.86

6.50% SHA 1-3DES 4.95 21.01%

MDS-3DES 5.15 17.82%

WEP 40 bits involves a weak load in the network. Moreover there is not a remarkable difference between WEP 40 and WEP 128 bits. It is thus necessary to activate WEP 128 bits without fearing scarifying of the bandwidth - MIC involved a remarkable fall of flow of 6.5% - With IPSEC, the fall of performance is more remarkable than in the case of the WEP. This is well known; the morc we relocate the treatment towards the lower layers, the better we gain. 4 Conclusions WEP is completely vulnerable, WPA made improvements, it can be used in a transitional phase, but it is not sufficient, the supposed robust solution is 802.1 li. The influence of the protocols on the bandwidth is an essential performance parameter, WEP (40 or 104 bits) has a weak impact on the flow, and TKIP with its MIC calculation takes a great part of the load of the processor, use of IPSEC means to sacrifice most of its bandwidth The network administrator must carry out the good choice between the load, the robustness requested and the importance of transmitted information.

0-7803-8482-21041$20.00 02004 IEEE.

21 6