 |
Wireless Home Entertainment
Systems
|
|
|
|
|
Security Issues in Wireless Home Entertainment
You will want to set up a wireless media player or put in place a wireless-enabled entertainment system because of the various advantageous associated with wireless connectivity. In particular, there is the added convenience and flexibility when doing away with interconnecting cables.
At the same time, you do not want hackers from tapping into your home network to steal personal information or damage your system.
Unfortunately, the level of security associated with wireless networks is inherently less than that of wired systems. Wired-LANs are somewhat protected by the natural access constraint of their structure - in particular, if all parts of the LAN resides inside a building protected from unauthorized access.
Wireless LANs, being over radio, do not have the same physical access constraints. This renders wireless LAN more vulnerable to tampering than wired LANs.
For this purpose, a number of security protocols were devised to provide an acceptable level of wireless security when transmitting data over radio, by encrypting the data contents over the wireless link.
All wireless network gear - whether this being a home router, a wireless media player, etc., supports various wireless security protocols intended to make it more difficult for network hackers to tap into your home network. We are saying 'difficult' rather than 'impossible' simply because for the experienced hacker, tapping into someone else network is not impossible; it is true that it can be time-consuming but...
Wireless Security Basics: WEP and WPA/WPA2 Encryptions
Virtually, all wireless equipment supports a wireless security feature referred to as WEP bit encryption. WEP - short for 'Wired Equivalent Privacy', is a data encryption technique for wireless local area networks (WLAN), defined in the 802.11 standard.
WEP is the original standard for wireless security. It was designed to supposedly provide the 'same' level of security as that of wired local area networks (LANs) by scrambling the information passed between wireless devices. A hacker attempting to tap into your WEP-enabled wireless network would find only meaningless bits. However, the wireless access point and the client device would share an encryption key that is used to scramble and descramble the encrypted information.
There are various levels of WEP encryption - depending on the number of bits within the encryption key; the latter can be 64-bit, 128-bit or even 256-bit. The higher the number of bits, the more difficult it will be to decipher, but actual data throughput will suffer as there is more payload for the same amount of data.
One should be aware that although WEP do provide a significant level of wireless security - especially at 128-bit and 256-bit encryption, nevertheless it is not 100% secure. There are a number of open source utilities that hackers can use to break a WEP encrypted network in minutes. In other words, if a hacker can receive packets on a WEP protected network, it is only a matter of time till the WEP encryption is cracked.
At the same time, it is a fact that while WEP is not perfect, yet with so many unprotected networks, simply having it enabled is often enough to send a hacker away to search for an easier target.
WPA, RSN and WPA2
Introduction
Wi-Fi Protected Access - or WPA, is an enhanced encryption technique created by the Wi-Fi Alliance to provide improved wireless security over WEP. It is an early version of the 802.11i standard rectified by the IEEE in June 2004; the latter defines the security mechanism for wireless networks after it was shown that WEP has severe wireless security weaknesses. WPA was mainly designed as an intermediate attempt to provide improvement to WEP by implementing in-the-field firmware upgrades to existing 802.11 gear.
WPA covers a subset of the defined security mechanism in the final 802.11i standard. WPA was followed by a full implementation of the IEEE 802.11i with the introduction of the WPA2; this is based on the concept of a Robust Security Network or RSN.
In RSN based systems, wireless devices need to support additional security capabilities. A fully compliant RSN network is incompatible with existing WEP equipment, though in the transitional period, WEP equipment will still be supported.
WPA employs authentication via user ID and password and uses more sophisticated techniques to protect data passing over a wireless link. It distributes different keys to each user; however, it can also be used in a less secure 'pre-shared key' (PSK) mode, where every user is given the same pass-phrase.
The PSK can be anything using an 8 to 63 character passphrase. It may also be entered as a 64 character hexadecimal string. Weak PSK passphrases can be broken fairly easy by experienced hackers using easily available programs. It is therefore essential to select a 'good' difficult-to-break passphrase, or preferably enter a full 64-character hexadecimal key for improved wireless security.
WPA makes use of a Temporal Key Integrity Protocol or TKIP, to constantly change the encryption key. This dynamically changing of keys makes the WPA/TKIP solution more difficult for a hacker to break the key.
The 802.11i standard allows for various network implementations and while it can use TKIP as a wireless security protocol, yet by default, RSN based systems use the Advanced Encryption Standard; this is the preferred algorithm in 802.11i and in WPA2.
WPA2 is the Wi-Fi Alliance branded version of the final 802.11i standard. The primary enhancement over WPA is the inclusion of the AES block cipher and the Counter-Mode/CBC MAC Protocol (or CCMP encryption protocol) as mandatory. It is this that provides for a stronger, scalable wireless security solution. Instead, WEP and WPA use the RC4 stream cipher, and while WPA can be implemented through a firmware upgrade to a WEP device, WPA2 would require a hardware upgrade as well.
RC4 stream cipher makes use of a 128-bit key and a 48-bit initialization vector (IV). However, one major improvement in WPA over WEP is in the handling of the encryption key. Whereas WEP uses the same key, WPA makes use of a temporary key - thanks to the use of TKIP, thus making it more difficult for a hacker to break the system.
AES-CCMP introduces a higher level of security than RC4 based systems by providing protection for the MAC protocol data unit (MPDU) and parts of the 802.11 MAC headers. This protects even more of the data packet from eavesdropping and tampering.
The CCMP encryption protocol used in AES is equivalent to TKIP in WPA. RSN based solutions - like WPA2, defines a hierarchy of limited life keys, similar to TKIP. And like TKIP, master keys are not used directly in CCMP, but are instead used to derive other keys.
The end result: WPA2 encryption is much harder to break than WPA even though the latter already provides significant wireless security improvements over WEP-based devices.
Basic Steps in Securing a Wireless Network
What follows are just a few simple basic steps in wireless security - listed in order of importance - you can take to help enhance the security of your wireless networking activity.
|
|
By default, encryption is switched off. Turn it ON. Use WPA2 whenever possible; alternatively opt for WPA as the next best wireless security encryption. WEP is better than nothing. |
|
|
Change default passwords required to access wireless devices. Default passwords represent an easy crack for hackers. Default passwords are set by product manufactures to enable you to access the system on first log-on, but these should be changed once you set up your system to prevent hackers from accessing your network. By simply changing these passwords, you will be doing a lot towards enhancing your wireless security |
|
|
Change the default SSID (Service Set Identification), or network name used to identify your network. Hackers know the default names of the different brands of equipment; furthermore, default SSIDs - like default passwords - may serve as an indication for hackers that a network is easy to tap in. Change default SSID to something that would make it easy for the respective users to find the correct network, BUT that at the same time, would still be difficult for a hacker to guess. In other words, do not use a name that is easily associated with you! |
|
|
Disable file and print sharing - if not needed. Disabling the print/file sharing feature can limit a hacker's ability to steal data from your computer in the event s/he manages to get past the encryption. |
|
|
Limit radio coverage of your Access Points to the desired area only whenever possible. Any wireless signal spilling outside your desired coverage area represents an opportunity for hackers to get access to your network without entering your home! Use directional antennas at the perimeter of the covered area to direct your broadcast inward, and do not use more radio power than necessary to avoid signal leakage outside the required access zone. |
|
|
Use a firewall especially between wired and wireless segments of the network to prevent anyone breaking your wireless network from hacking your wired network. |
The following wireless security measures - while ineffective against determined experienced hackers - may still serve a useful purpose against the majority of inexperienced opportunistic users. Furthermore, these may also force experienced hacker to move elsewhere and find an easier target!
|
|
Disable the SSID broadcast: Hiding the SSID may help prevent unauthorized access from the casual opportunistic user since a user need to know the SSID to connect to a network. |
|
|
Enabling MAC address filtering: MAC address filtering will prevent the casual users from connecting to your network by maintaining a list of allowed MAC addresses that can access your network. |
At the same time, it is important to keep in mind that hiding the SSID, or enabling MAC filtering alone, will not prevent anyone from reading the data transmitted over your wireless network, only encryption will do that.
Additional Related Articles under the
Wireless Speakers Systems and Wireless Home Entertainment Sections:Reviews:
For an easy-to-follow guide on home networking, we suggest to visit Home-Network-Help.COM
|
More on
Wireless Security in Home
Entertainment
Remember
|
|
return from Wireless Security Basics |
back to Home Page |
Copyright © - Practical-Home-Theater-Guide.com All rights reserved.
Review Date:
13th August, 2007
Lots more info at
Practical Home Theater Guide
Suggested Further Reading:
Wireless Home Theater: A buying guide to Wireless
Speakers Systems
Wireless speakers offer greater
flexibility especially when in-wall wiring is not an option. This wireless
speakers buying guide should help you identify the best solution for your needs.
A Practical Guide to Wireless Headphones and Dolby
Headphone technology
Ever told to turn it down? Wireless headphones may be a
solution. However, you need to combine the flexibility
of a wireless headset with Dolby Headphone technology to
enjoy a great sound experience.
Surround Sound
Formats
The never ending list of terms and brand names - Dolby, DTS,
THX - associated with surround systems is starting to get a bit too
complicated...
Speaker Placement in Multi-Channel Audio Correct home theater speaker placement plays a critical role towards achieving that seamless ‘enveloping’ sound so important in the overall home theater experience.
Time Delay
Settings in Surround Systems
Directly related with your home theater speaker placement is a correctly set surround sound
field in multi-channel audio playback systems.
Home
Theater Equipment Placement
Just as important as which equipment to buy, is deciding where to put them.
Correct placement of system components is a major contributor towards...
Selecting and Installing Speaker Wire
A correct home theater wiring approach
is important for your home theater sound. Poor workmanship and low quality
speaker wire will surely impact...
Home Theater Design:
A series of
articles covering all aspects of a home theater setup.
Home Theater Room Design Basics (1):
Room Acoustics and Lighting
Acoustics
& lighting are dependent on the shape, size and layout of your room – a fact
often overlooked by many during their home theater design stage...
Set-up Discs and Video Calibration Solutions
Home theater setup DVDs and video calibration kits can help you squeeze a
lot more out of your system.
Quick
Guide to DVI
The DVI Cable Guide
- explaining the different flavors of DVI interconnects
HDMI
Cable Guide
A short guide explaining all you need to know about HDMI
cables & connectors.
HDCP and HDTV:
What is HDCP, and why
it impacts HDTV viewing? What about HDCP strippers as a solution to
non-compliant devices?
Audio Video
Equipment Racks
There is more to equipment racks than a storage space for your
home theater gear. More in this info guide.
Recommended Guides to
Home Networking
This book covers everything from terminology through wireless security and down to products needed. An extremely informative guide that can help you set up and run your own WiFi network.
Through this easy-to-follow step-by-step guide, you’ll learn to design your network, select the components, install any necessary wiring, connect to the Internet, connect PCs to the network, set up wireless security measures, and troubleshoot your network.
Wireless
Media Players
@
