Forwarded from: Elizabeth Lennon <elizabeth.lennon (at) nist.gov>
ITL BULLETIN FOR APRIL 2007
SECURING WIRELESS NETWORKS
Shirley Radack, Editor
Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
Technology Administration
U.S. Department of Commerce
Many users and organizations have found that wireless communications and
devices are convenient, flexible, and easy to use. Wireless local area
networks (WLANs) enable users with mobile devices that operate over
radio frequencies to move from one place to another without being
physically connected to a network. Portable computers, personal digital
assistants (PDAs), and cell phones support the sharing of data and
applications with network systems and other users with compatible
devices, and provide access to network services such as wireless email,
web browsing, and the Internet. Wireless communications can benefit
organizations by reducing their wiring costs.
The mobile devices function within the range of the wireless network,
usually limited to an area such as an office building or building
complex. Since they transmit data through radio frequencies, wireless
networks are open to intruders and especially vulnerable to security
risks unless properly protected. Intruders have exploited the openness
of wireless networks to access systems, destroy and steal data, and
launch attacks that take over network bandwidth and deny service to
authorized users.
Wireless Local Area Networks Standards and Security
The Information Technology Laboratory (ITL) of the National Institute of
Standards and Technology (NIST) issued Special Publication (SP) 800-48,
Wireless Network Security: 802.11, Bluetooth and Handheld Devices, in
2002. This guide assists organizations in implementing a family of
voluntary industry standards developed by the Institute of Electrical
and Electronics Engineers (IEEE) to define the characteristics, the
transmission of data, and the security of wireless local area networks.
In addition to the IEEE 802.11b and 802.11g standards, NIST SP 800-48
also discusses Bluetooth technology and wireless handheld devices such
as text messaging devices, PDAs, and smart phones.
The IEEE 802.11 standards were based on a security method known as Wired
Equivalent Privacy (WEP). Since this method had been subject to several
well-documented security problems, the concerns about security led the
standards developers to improve the security methodology with an
amendment to the specifications (IEEE 802.11i).
The amendment introduces new security features to overcome the
shortcomings of WEP and presents the concept of the Robust Security
Network (RSN), a wireless security network with three main components:
* stations (STA) - wireless endpoint devices such as laptops, and
wireless handheld devices such as PDAs, text messaging devices, and
smart phones;
* access points (AP) - network devices that allow STAs to communicate
over radio frequencies and to connect to another network, such as the
organization's wired infrastructure; and
* authentication servers (AS) - WLAN components that provide
authentication services to STAs.
Threats to WLANs often involve an attacker with access to the radio link
between two STAs or between a STA and an AP. The RSN framework, as
described in IEEE 802.11i, provides for the creation of Robust Security
Network Associations (RSNAs). RSNAs are wireless connections that
provide moderate to high levels of assurance against WLAN security
threats through the use of a variety of cryptographic techniques.
NIST SP 800-97, Establishing Wireless Robust Security Networks:
A Guide to IEEE 802.11i
ITL recently issued NIST SP 800-97, Establishing Wireless Robust
Security Networks: A Guide to IEEE 802.11i, to supplement NIST SP 800-48
and to assist organizations in establishing and maintaining robust
security for WLANs using the new security features that were developed
for IEEE 802.11i. Written by Sheila Frankel and Karen Scarfone of NIST
and by Bernard Eydt and Les Owens of Booz Allen Hamilton, the guide
includes an overview of wireless networking, focusing on the IEEE 802.11
family of WLAN standards. The publication explains the basic WLAN
components and architectural models and provides an overview of WLAN
security, including a review of the security features and weaknesses of
the IEEE 802.11 specifications, and the features of the IEEE 802.11i
amendment that improve WLAN security.
NIST SP 800-97 introduces the major security-related components that are
defined in IEEE 802.11i and explains the security features and
capabilities associated with the framework for RSNs. It provides
extensive guidance on the planning and deployment of RSNs, the steps
needed to establish RSNAs, data confidentiality and integrity protocols,
and the cryptographic keys that are created and used by these protocols.
Other issues discussed include the five phases of operation that occur
during RSN communications, starting with the discovery of a WLAN and
ending in the termination of the connection; the types of frames used to
carry information between RSN components; the flow of frames between
components during each phase of RSN operation; and planning for the
implementation of the Extensible Authentication Protocol (EAP). The EAP,
which was designed to accommodate the use of new authentication methods
as they are developed, should be used by organizations for most RSN
deployments. Also discussed are the most common EAP methods, how
organizations can select EAP methods appropriate to their environments,
EAP security considerations, and the EAP architectural model and related
support requirements.
A section of the guide focuses on validation testing of cryptographic
products as required under Federal Information Processing Standard
(FIPS) 140-2, Security Requirements for Cryptographic Modules, and the
certification requirements as applied to IEEE 802.11 wireless networks.
This section also provides an overview of the security specifications
developed by the Wi-Fi Alliance, a nonprofit industry consortium of WLAN
equipment and software vendors, which conducts a certification program
for WLAN products. The certifications help organizations select
interoperable WLAN products that can support RSNs. Recommendations for
best practices related to WLAN security are summarized, and planned
extensions to IEEE 802.11 are discussed.
Extensive appendices to NIST SP 800-97 include an acronym list,
references and other sources of information, as well as a listing of
online resources that provide additional information about IEEE 802.11i
specifications and IEEE 802.11i security.
NIST SP 800-97 is available from NIST's website at
http://csrc.nist.gov/publications/nistpubs/800-97/SP800-97.pdf.
Recommendations for Wireless Network Security
NIST recommends that organizations adopt the following practices to
improve the security of their wireless networks:
* Ensure that all WLAN components use Federal Information Processing
Standards (FIPS)-approved cryptographic algorithms to protect the
confidentiality and integrity of WLAN communications.
The IEEE 802.11i amendment defines two data confidentiality and
integrity protocols for RSNAs: Temporal Key Integrity Protocol (TKIP)
and Counter Mode with Cipher Block Chaining Message Authentication Code
Protocol (CCMP). The guide discusses both protocols, as well as the
cryptographic keys created and used by these protocols.
Federal agencies are required to use FIPS approved cryptographic
algorithms that are contained in FIPS-validated cryptographic modules.
Only the CCMP uses a FIPS-approved core cryptographic algorithm, the
Advanced Encryption Standard (AES), as specified in FIPS 197. Since CCMP
provides stronger assurance than WEP and TKIP, federal agencies are
advised to use CCMP for securing IEEE 802.11-based WLANs. Auxiliary
security protection is required for legacy IEEE 802.11 equipment that
does not support the use of the CCMP. Federal agencies should consult
NIST SP 800-48 for specific recommendations for securing legacy IEEE
802.11 implementations.
* Select IEEE 802.11 RSN authentication methods that meet the needs of
the organization's computing environments.
The RSN specified in IEEE 802.11 uses the EAP for the authentication
phase of establishing an RSNA. EAP supports a wide variety of
authentication methods, also called EAP methods. These methods include
authentication based on passwords, certificates, smart cards, and
tokens. EAP methods also can include combinations of authentication
techniques, such as using a certificate followed by a password, or the
option of using either a smart card or a token for authentication. These
options enable organizations to integrate the EAP methods with other
environments to which a WLAN might connect. Organizations have
considerable discretion in choosing which EAP methods to employ;
however, the choice of EAP method should be carefully considered since
it can impact the protection provided by an RSN.
Because of the extensible nature of EAP, many EAP methods exist, and
others are being developed. Some EAP methods may not satisfy the
necessary security requirements for WLANs; for example, EAP methods that
do not generate cryptographic keying material cannot be used for WLANs.
In general, the current EAP methods that can satisfy WLAN security
requirements are based on the Transport Layer Security (TLS) protocol. A
primary distinction between TLS-based EAP methods is the level of public
key infrastructure (PKI) support required; the EAP-TLS method requires
an enterprise PKI implementation and certificates deployed to each STA,
while most other TLS methods require certificates on each AS only.
Organizations should use the EAP-TLS method whenever possible.
Because some EAP methods have not yet been adopted as voluntary industry
standards and new methods are being developed, organizations are
encouraged to obtain up-to-date information on EAP methods and standards
when planning an RSN implementation, based on IEEE 802.11. See Appendix
C of the guide for contact information. Additionally, organizations
should ensure that the cryptographic modules implementing the TLS
algorithm for each product under consideration have been FIPS-validated.
Before selecting WLAN equipment, organizations should review their
existing identity management infrastructure, authentication
requirements, and security policy to determine the EAP method or methods
that are most appropriate in their environments. They should then
acquire systems that support the chosen EAP methods, and implement and
maintain them carefully. See the guide for detailed guidance on planning
EAP implementations, the available EAP methods, how organizations can
select EAP methods, and additional EAP security considerations.
* Integrate existing authentication technology with the IEEE 802.11 RSN
WLAN to the extent feasible.
Although the RSN framework supports the use of pre-shared keys (PSK),
organizations should choose to implement the IEEE 802.1X standard and
EAP for authentication instead of using PSKs because of the resources
needed for proper PSK administration and the security risks involved.
IEEE 802.1X and EAP authentication requires an organization to use an
AS, which may necessitate the use of a PKI. An organization that already
has implemented ASs for web, email, file and print services, and other
authentication needs, should consider integrating this technology into
its RSN solution. Most leading network operating systems and directory
solutions offer the support needed for RSN integration.
* Ensure that the confidentiality and integrity of communications
between access points and authentication servers are sufficiently
protected.
The data confidentiality and integrity protocol, such as CCMP, used by
an IEEE 802.11 RSN protects communications between STAs and APs.
However, IEEE 802.11 and its related standards do not cover protection
of the communications between the AP and AS. Therefore, organizations
deploying RSNs should ensure that communications between each AP and its
corresponding ASs are protected sufficiently through the use of
cryptography. Also, because of the importance of the ASs, organizations
should pay particular attention to establishing and maintaining their
security through operating system configuration, firewall rules, and
other security controls.
* Use technologies that have the appropriate security certification from
NIST and interoperability certification from the Wi-Fi Alliance when
IEEE 802.11 RSNs are established.
To implement IEEE 802.11 RSNs, organizations may need to update or
replace existing IEEE 802.11 equipment and software that cannot support
RSNAs. They may also need to purchase additional equipment. The Wi Fi
Alliance's Wi-Fi Protected Access 2 (WPA2) certification program
facilitates the interoperability of WLAN products that implement IEEE
802.11i systems with similar equipment from other vendors. Federal
agencies should procure WPA2 products that use FIPS-approved encryption
algorithms and that have been FIPS-validated. Organizations that plan to
use authentication servers as part of their IEEE 802.11 RSN
implementations should procure products with the WPA2 Enterprise level
certification. Also, because the WPA2 certification is expanded
periodically to test for interoperability with additional EAP methods,
organizations should obtain the latest WPA2 information before making
procurement decisions.
* Ensure that WLAN security considerations are incorporated into each
phase of the WLAN life cycle in the establishment and maintenance of
IEEE 802.11 RSNs.
Each of the phases of the life cycle in planning and implementing IEEE
802.11 RSNs has special considerations for WLAN security. The five-phase
life cycle model for WLANs, which is briefly summarized below, is based
on the model discussed in NIST SP 800-64, Security Considerations in the
Information System Development Life Cycle.
* Initiation Phase includes the tasks that an organization should
perform before it starts to design its WLAN solution: developing a
WLAN use policy; performing a WLAN risk assessment; and specifying
business and functional requirements for the solution, such as
mandating RSNAs for all WLAN connections.
* Acquisition/Development Phase includes Planning and Design, and
Procurement:
* Planning and Design allows WLAN network architects to specify the
technical characteristics of the WLAN solution, such as authentication
methods, and the related network components, such as the firewall
rules. The WLAN network architects should also conduct a site survey
to help determine the architecture of the solution and how the WLAN
should be integrated with the existing authentication infrastructure,
including the organization's PKI.
* Procurement involves specifying the number and type of WLAN components
that must be purchased, the feature sets they must support such as
FIPS-validated encryption modules, and any certifications they must
hold such as WPA2 Enterprise.
* Implementation entails the configuration of procured equipment to meet
operational and security requirements, and the installation and
activation of the equipment on a production network, with the
appropriate event logging procedures enabled.
* Operations/Maintenance includes carrying out security-related tasks
that an organization should perform on an ongoing basis once the WLAN
is operational, including patching, periodic security assessment, log
reviews, and incident handling.
* Disposition encompasses the tasks that occur after a system or its
components have been retired, including preserving information to meet
legal requirements, sanitizing media that might contain sensitive
material, and disposing of equipment properly.
Best Practice Recommendations
NIST SP 800-97 summarizes over 50 best practice recommendations for WLAN
security, grouped by the life cycle phase for which each recommendation
is most relevant. NIST encourages organizations to adopt these best
practice recommendations. RSNs are complex, involving multiple devices,
protocols, and standards. The recommendations are presented in a way to
enable organizations to manage their WLANs and to take actions that will
provide reasonable assurance that the WLANs are protected from most
security threats. The recommendations should be particularly helpful to
organizations that have made a decision to integrate WLAN technology
into their computer networks and want to determine the best way to do
it. The recommendations will help those organizations that are already
managing WLANs, but are not satisfied with the level of security they
provide. When they upgrade, replace, and configure their infrastructure,
they should enhance security by supporting RSNs and other security
controls.
More Information
NIST publications assist organizations in planning and implementing a
comprehensive approach to information security. For information about
NIST standards and guidelines that are referenced in the security guide
for wireless networks, as well as other security-related publications,
see NIST's web page http://csrc.nist.gov/publications/index.html.
Federal organizations should follow the guidance on general security
controls that are discussed in NIST SP 800-53, Recommended Security
Controls for Federal Information Systems, for minimum management,
operational, and technical security controls for information systems.
This publication is available on the web page listed above.
For information about FIPS 140-2, lists of FIPS-approved cryptographic
products, and NIST's Cryptographic Module Validation Program,
see http://csrc.nist.gov/cryptval/140-2.htm.
Disclaimer
Any mention of commercial products or reference to commercial
organizations is for information only; it does not imply recommendation
or endorsement by NIST nor does it imply that the products mentioned are
necessarily the best available for the purpose.
Elizabeth B. Lennon
Writer/Editor
Information Technology Laboratory
National Institute of Standards and Technology
100 Bureau Drive, Stop 8900
Gaithersburg, MD 20899-8900
Telephone (301) 975-2832
Fax (301) 975-2378
__________________________
Subscribe to InfoSec News
http://www.infosecnews.org
Received on Apr 27 2007
Intro
