Ads by TechWords

See your link here
Receive the latest technology news and information.
Mobile/Wireless Computing
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

How 802.1x authentication works

April 3, 2003 12:00 PM ET

Computerworld - Benefits of WLAN
Wireless LANs offer two things central to the adoption of communications technologies: reach and economy. Scalable end-user reach is gained without stringing wires, and the users themselves often feel empowered by their unfettered Internet access. In addition, IT managers find the technology a means to possibly stretch scarce budgets.
However, without stringent security to protect network assets, a WLAN implementation could offer a false economy. With Wired Equivalent Privacy (WEP), the old 802.1x WLAN security feature, networks could be easily compromised. This lack of security caused many to realize that WLANs could cause more problems than they were worth.
Overcoming the inadequacies of WEP
WEP, a data privacy encryption for WLANs defined in 802.11b, didn't live up to its name. Its use of rarely changed, static client keys for access control made WEP cryptographically weak. Cryptographic attacks allowed attackers to view all data passed to and from the access point.
WEP's weaknesses include the following:

  • Static keys that are rarely changed by users.

  • A weak implementation of the RC4 algorithm is used.

  • An Initial Vector sequence is too short and "wraps around" in a short time, resulting in repeated keys.

Solving the WEP problem
Today WLANs are maturing and producing security innovations and standards that will be used across all networking mediums for years to come. They have learned to harness flexibility, creating solutions that can be quickly modified if weaknesses are found. An example of this is the addition of 802.1x authentication to the WLAN security toolbox. It has provided a method to protect the network behind the access point from intruders as well as provide for dynamic keys and strengthen WLAN encryption.
802.1X is flexible because it's based on Extensible Authentication Protocol. EAP (IETF RFC 2284) is a highly pliable standard. 802.1x encompasses the range of EAP authentication methods, including MD5, TLS, TTLS, LEAP, PEAP, SecurID, SIM and AKA.
More advanced EAP types such as TLS, TTLS, LEAP and PEAP provide mutual authentication, which limits man-in-the-middle threats by authenticating the server to the client, in addition to just the client to the server. Furthermore, these EAP methods result in keying material, which can be used to generate dynamic WEP keys.
The tunneled methods of EAP-TTLS and EAP-PEAP actually provide mutual authentication to other methods that utilize the familiar user ID/password methods, i.e. EAP-MD5, EAP-MSCHAP V2, in order to authenticate the client to the server. This method of authentication occurs through a secure TLS encryption tunnel that borrows techniques from the time-tested secure Web connections (HTTPS) used in online


Jump to comments

Mobile/Wireless

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Southern Company
Download Now  

Managing Laptops Outside the Office
Learn how you can reduce costs by tracking mobile computers no matter where they are located.

4G Ahead Video Program
Uncover the features and benefits of the two leading 4G technologies for enterprises considering future deployment.

Case Study: Roughing IT
Download Now