|
|||||||||||||||||||||||||||||||||||
|
Home Page - Wireless Media Players - Wireless Security Basics A Guide to Wireless Security BasicsSecurity in Wireless Home Entertainment Systems
|
A Complete Guide to Home Automation, Networking & Wireless Audio/Video distribution in the home.
by Duncan McClelland
Last Update
|
||||||||||||||||||||||||||||||||||
Wireless Home Entertainment brings in added convenience and flexibility ...but what about security issue? |
|||||||||||||||||||||||||||||||||||
|
There often come a time when you will want to set up a wireless media player or put in place a wireless internet-enabled entertainment system because of the various advantageous associated with wireless connectivity. In particular, there is the added convenience and flexibility of doing away with long interconnecting cables. At the same time, you do not want hackers from tapping into your home network to steal personal information or damage your system. Unfortunately, the level of security associated with wireless networks is inherently less than that of wired systems. Wired-LANs are somewhat protected by the natural access constraint of their structure - in particular, if all parts of a wired network resides inside a building protected from unauthorized access. Wireless LANs, being over radio, do not have the same physical access constraints. This renders wireless LANs more vulnerable to tampering than wired networks. For this purpose, a number of security protocols were devised to provide an acceptable level of wireless security when transmitting data over radio, by encrypting the data contents over the wireless link. All wireless network gear - whether this being a home router, a wireless media player, etc., supports various wireless security protocols intended to make it more difficult for network hackers to tap into your home network. We are saying 'difficult' rather than 'impossible' simply because for the experienced hacker, tapping into someone else network is not impossible; it is true that it can be time-consuming but... Wireless Security Basics: WEP and WPA/WPA2 EncryptionsWEPVirtually, all wireless equipment supports a wireless security feature referred to as WEP bit encryption. WEP - short for 'Wired Equivalent Privacy', is a data encryption technique for wireless local area networks (WLAN), defined in the 802.11 standard. WEP is the original standard for wireless security. It was designed to supposedly provide the 'same' level of security as that of wired local area networks (LANs) by scrambling the information passed between wireless devices. A hacker attempting to tap into your WEP-enabled wireless network would find only meaningless bits. However, the wireless access point and the client device would share an encryption key that is used to scramble and descramble the encrypted information. There are various levels of WEP encryption - depending on the number of bits within the encryption key; the latter can be 64-bit, 128-bit or even 256-bit. The higher the number of bits, the more difficult it will be to decipher, but actual data throughput will suffer as there is more payload for the same amount of data. One should be aware that although WEP do provide a significant level of wireless security - especially at 128-bit and 256-bit encryption, nevertheless it is not 100% secure. There are a number of open source utilities that hackers can use to break a WEP encrypted network in minutes. In other words, if a hacker can receive packets on a WEP protected network, it is only a matter of time till the WEP encryption is cracked. At the same time, it is a fact that while WEP is not perfect, yet with so many unprotected networks, simply having it enabled is often enough to send a hacker away to search for an easier target. WPA, RSN, and WPA2IntroductionWi-Fi Protected Access - or WPA, is an enhanced encryption technique created by the Wi-Fi Alliance to provide improved wireless security over WEP. It is an early version of the 802.11i standard rectified by the IEEE in June 2004; the latter defines the security mechanism for wireless networks after it was shown that WEP has severe wireless security weaknesses. WPA was mainly designed as an intermediate attempt to provide improvement to WEP by implementing in-the-field firmware upgrades to existing 802.11 gear. WPA covers a subset of the defined security mechanism in the final 802.11i standard. WPA was followed by a full implementation of the IEEE 802.11i with the introduction of the WPA2; this is based on the concept of a Robust Security Network or RSN. In RSN based systems, wireless devices need to support additional security capabilities. A fully compliant RSN network is incompatible with existing WEP equipment, though in the transitional period, WEP equipment will still be supported. WPAWPA employs authentication via user ID and password and uses more sophisticated techniques to protect data passing over a wireless link. It distributes different keys to each user; however, it can also be used in a less secure 'pre-shared key' (PSK) mode, where every user is given the same pass-phrase. The PSK can be anything using an 8 to 63 character passphrase. It may also be entered as a 64 character hexadecimal string. Weak PSK passphrases can be broken fairly easy by experienced hackers using easily available programs. It is therefore essential to select a 'good' difficult-to-break passphrase, or preferably enter a full 64-character hexadecimal key for improved wireless security. WPA makes use of a Temporal Key Integrity Protocol or TKIP, to constantly change the encryption key. This dynamically changing of keys makes the WPA/TKIP solution more difficult for a hacker to break the key.
WPA2WPA2 is the Wi-Fi Alliance branded version of the final 802.11i standard. The primary enhancement over WPA is the inclusion of the AES block cipher and the Counter-Mode/CBC MAC Protocol (or CCMP encryption protocol) as mandatory. It is this that provides for a stronger, scalable wireless security solution. Instead, WEP and WPA use the RC4 stream cipher, and while WPA can be implemented through a firmware upgrade to a WEP device, WPA2 would require a hardware upgrade as well. RC4 stream cipher makes use of a 128-bit key and a 48-bit initialization vector (IV). However, one major improvement in WPA over WEP is in the handling of the encryption key. Whereas WEP uses the same key, WPA makes use of a temporary key - thanks to the use of TKIP, thus making it more difficult for a hacker to break the system. AES-CCMP introduces a higher level of security than RC4-based systems by providing protection for the MAC protocol data unit (MPDU) and parts of the 802.11 MAC headers. This protects even more of the data packet from eavesdropping and tampering. The CCMP encryption protocol used in AES is equivalent to TKIP in WPA. RSN based solutions - like WPA2, defines a hierarchy of limited life keys, similar to TKIP. And like TKIP, master keys are not used directly in CCMP, but are instead used to derive other keys. The end result: WPA2 encryption is much harder to break than WPA even though the latter already provides significant wireless security improvements over WEP-based devices. WPS - Wireless Security Configuration Made Simple!Many home users who know little of wireless security often feel intimidated at the thought of configuring security on their home network and associated connected wireless devices. This is due to the different security options often supported by Wi-Fi certified gear. For this purpose, in January 2007, the Wi-Fi Alliance officially launched the Wi-Fi Protected Setup, or WPS protocol, to provide a standard that simplifies the establishment of a secure wireless home network. It is also for this reason that the WPS protocol was originally referred to as 'Wi-Fi Simple Configuration'. WPS emphasis is placed on a user-friendly setup while ensuring security. In order to achieve its objective, the WPS protocol defines three types of devices in the network: Registrar: A device with the authority to issue and revoke credentials to a network. In a typical home application, this is often integrated into the Wireless Access Point or AP, and takes the form of a wireless router with integrated AP and Ethernet switch. Enrollee: The device that is seeking to join the wireless network. Authenticator: This is the AP functioning as a proxy between a Registrar and an Enrollee. It is not the scope of this article to explain how these devices inter-operate in a WPS scenario. However knowing of their existence will help you better understand how WPS manages to achieve its goal of user usability while ensuring network security. Usability is ensured thanks to four simple setup modes - or possible setup choices as defined by WPS - that provide the user with a simple way of adding a new device to a secure home network. These setup options are:
Security is preserved as in each of these four possible setup modes, the WPS protocol requires that exchange of security information between the wireless device seeking to join the network and the network registrar or AP, is triggered only by a specific user action. In other words, once device identification takes place at both ends of the wireless link, exchange of security information between the two requires a human trigger to initiate the actual setup session. Basic Steps in Securing a Wireless NetworkWhat follows are just a few simple basic steps in wireless security - listed in order of importance - you can take to help enhance the security of your wireless networking activity.
The following wireless security measures - while ineffective against determined experienced hackers - may still serve a useful purpose against the majority of inexperienced opportunistic users. Furthermore, these may also force experienced hacker to move elsewhere and find an easier target!
At the same time, it is important to keep in mind that hiding the SSID, or enabling MAC filtering alone, will not prevent anyone from reading the data transmitted over your wireless network, only encryption will do that. |
Wireless Speaker related articles appearing under this section Guides: Basic Guide to Wireless Audio Systems Installation Tips for Wireless add-on Speaker Systems Home theater wireless systems: an HTiB or a component-based solution? Introduction to Wireless Media Players and Internet-enabled Home Entertainment Systems Reviews: Rocketfish RF-WHTIB Wireless Rear speaker Kit Add-on wireless speakers for Surround and Multiroom Audio Wireless Digital Media Players Reviews
Related Technical Guides
Guide to Wireless Headphones and Dolby Headphone technology
Surround Sound Formats
Speaker Placement in Multi-channel
Audio
Home Theater Design:
Set-up Discs and Video Calibration Solutions
The HDMI Cable Guide
TV Viewing Distance
...and wireless AV distribution in the home Coverings everything from terminology to wireless security and required products. An extremely informative book that can help you set up and run your own WiFi network.
A step-by-step guide to designing your network, from component selection, wiring installation, Internet and PC network connectivity, wireless security measures, to troubleshooting.
Featured digital media players, BD players & internet-enabled HDTVs
LG BD 370 Network Blu-ray Disc Player The new LG BD player for 2009 comes at half the price of its previous model and feature enhanced online support to stream NetFlix videos and movies, NetCast for YouTube, and CinemaNow. 42-inch Panasonic Viera TC-P42G10 42-Inch 1080p Plasma HDTV Panasonic most affordable 2009 THX-certified HDTV - featuring VieraCast internet connectivity to browse online content like YouTube videos, Amazon Video on demand, Picasa Web Albums, weather and stock information, etc, through a web interface build direct into the TV. Panasonic SC-PT960 Deluxe 5 DVD Home Theater System A 1250W, six-speaker wireless HTiB complete with 5 DVD/CD changer, 1080p upscaling capabilities, built-in iPod docking station, and wireless rear speakers with multi-room audio support using Panasonic Viera link technology. For the full range of wireless media players available at amazon, please |
||||||||||||||||||||||||||||||||||
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() [?] Subscribe To This Site More on Wireless Media Players will follow soon.
Subscribe
to our free e-zine to remain abreast with the latest additions to our website.
|
|||||||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||
|
return from Wireless Security Basics... |
|||||||||||||||||||||||||||||||||||
|
About Me | Contact Form | Advertise on this Site | Site Search | Privacy Policy Copyright © - Practical-Home-Theater-Guide.com All rights reserved. |
|||||||||||||||||||||||||||||||||||