6.1 An Introduction to Wireless Security
Wireless data differs from data traveling through a wired network in
that the data is broadcast using radio waves. These radio transmissions
pass through walls and floors and ceilings into the apartments above or
below, the street outside or the house or office building next door.
While data traveling through an eterhnet cable is almost impossible to
intercept the data from a WiFi network can potentially be picked up by
anyone with a wirless network card within the range of the wireless
In the wired world we rely on firewalls to protect networks and systems
from intrusion. The wireless network is typically located behind the
firewall and attack comes not from a hacker attempting to break in
through your internet connection but from a person in the building or
room next door or the opportunistic hacker who drives the streets at
night with a laptop looking for unprotected wireless networks.
Wireless networks are protected from attack by using encryption. This
ensures that the data passing between the computers on the network and
the wireless base station/router can only be understood by other
computers that know what key was used to encypt the data. It is very
unlikely that a hacker will be able to find out what your encryption
key is. In fact breaking into encrypted wireless networks is so
difficult and time consuming that the hacker will simply take the path
of least resistance and move on to one of the many unprotected wireless
networks rather than try to break into yours.
There is no practical way to prevent these radio waves carrying our
data from spreading outside our buildings (short of encasing them in
lead) so we have to accept that the data is going to be visible to
Rather than preventing the data from being seen by others, therefore,
we instead rely
on encryption to make the data unintelligable to the hacker. Whilst
anyone in range of our wireless network can see the data they cannot
read it without the correct encryption key.
6.2 What is Encryption?
Encryption essentially involves taking data and subjecting it to
mathematical algorithms that include a key making it unreadable to
anyone else who does not know what that key is. The encrypted form of
the data is know as cyphertext
Wireless networks use what is know as symmetrical encryption whereby
the same key is used at both ends of the nework connection. For
example, the encryption key is used as part of the mathematical
equation on the sending system to encrypt the data. The receiving
system then uses the same key to decrypt the data when it receives it.
This key is specified by you when you configure the encryption for your
wireless network and should be known only to you. The chances of a
hacker guessing your encryption key are very remote and while it is
possible to break the encryption code with enough time and computing
power it is unlikely this kind of effort will be expended on your
network. You can specify different lengths of key for the encryption
process - the longer the key the stronger the encryption and the more
secure the network.
WiFi wireless networks use a security standard known as Wired
Equivalent Privacy (WEP). The aim of WEP is to provide a level of
security in a wireless network environment that is equivalent to the
security of a wired network. In practice it falls short of this goal
but for most purposes it provides an adequate level of protection.
Wireless encryption can be configured as either 64-bit or 128-bit. This
refers to the length of the key that is used in the encryption
algorithm and these relate directly to the strength of the encryption
(128-bit encryption being stronger than 64-bit encryption). Using
stronger encryption can impact the performance of the network because
more time has to be spent encrypting and decrypting the data at each
end of the communication. In practice it is unlikely the typical user
would notice a significant difference and the strongest encryption
(128-bit) is always recommended.
The encryption key are specified in hexadecimal
Unlike decimal which uses a number base of 10 (i.e digits between 0 -
9) hexadecimal uses a base of 16 (i.e digits between 0 - 9 and A - F).
64-bit encryption requires that you provide a 10 digit key whilst
128-bit encryption requires that you provide a 26 digit key.