On Wireless Networks
One of the most important developments in recent years has got to be the proliferation of wireless networks. Today, we have cellular networks, WI-FI networks, Bluetooth networks and in the near horizon, WI-MAX networks. The bean bag upon which I am seated now is covered by three cellular networks and five WI-FI networks.
Thankfully, these five WI-FI networks are secured to some degree with either WEP or WPA. I remember how I could, at my previous apartment, connect to my neighbour's open network. No wonder why the cable connection speed was always poor - the rest of the neighbours could easily have been leeched off that clueless fellow.
WEP employs the RC4 cipher with a 24 bit IV. Currently, there are a variety of key sizes depending on the vendor. The router I am using offers 64-bit and 128-bit key sizes. Unfortunately, WEP has long been known to be vulnerable - for one, its small IV and static key structure results in the repetition of IV thus exposing regularity in the encrypted data which can be used to break the shared key. Vulnerabilities in WEP are well documented and anyone who is interested can find out more with a simple web search.
WPA was created with the intention to address the lack of security. While it still uses RC4, the IV size has been increased to 48. Another notable change is the use of the 802.1X authentication server in key exchange. Again, if anyone is interested in the details, a web search will yield a host of interesting tidbits.
Now, the important take away from all of this: if your wireless network is not encrypted right now either with WEP or WPA, do so now! (Digression: Encryption does not equate security. I will elaborate on this but in a another post...) While WEP is not thoroughly secured, it does deter the casual user from helping himself (or herself) to your network connection. In addition, it helps to keep your data from those insidious sniffers - programs that capture, log and even filter all network traffic. Really wonderful stuff...
Next