Security Services
Regardless of the solution used, any good security solution(s) employed in wireless networks should satisfy the basic needs of authentication, confidentiality, and integrity.
- Authentication Ensures that the entities that need to communicate are truly who they say they are; can include authorization, which allows the entities to communicate on the network after having authenticated successfully.
- Confidentiality Ensures that any information transmitted or shared between the communicating entities remains confidential or inaccessible to any unauthorized or outside entities.
- Integrity Preserves the sanctity of the information communicated between the authorized entities. The contents of the communication must not be corrupted, destroyed, or altered in any way before reaching its intended destination.
Each security solution satisfies these three basic needs in varying degrees: for example, one solution might provide authentication services but is insufficient at providing confidentiality services; another solution may provide confidentiality and integrity services but cannot provide authentication services. In other words, we would find that in the real world, no security solution is perfect.
In this tutorial:
- Securing Wireless Networks
- Security Background
- Security Services
- Cryptographic Concepts and Terms
- Encryption and Decryption
- Keyspace
- Exclusive OR (XOR)
- Algorithm
- Asymmetric Encryption Algorithms
- Public-Private Key Cryptography
- Cipher
- Concealment Ciphers vs. Running Key Ciphers
- Stream Ciphers vs. Block Ciphers
- Cipher Examples
- Cipher Implementations
- Wi-Fi Protected Access
- TKIP/WPA
- Wi-Fi Protected Access 2 (WPA2)
- CCMP/AES
- Hash Functions
- EAP
- EAP Entities
- EAP Grammar
- EAP Types
- EAP-TTLS
- EAP-PSK
- EAP-SIM
- EAP-AKA
- IEEE 802.11i
- Four-Way Handshake
- IEEE 802.11i Considerations