Standards of Wireless LAN security

The Progression of WLAN Security Standards

WLAN standards have progressed over the years in response to a growing need for stronger security and because of some problems in the earliest WLAN security standard.

     The initial security standard for WLANs, called Wired Equivalent Privacy (WEP), had many problems. The other three standards covered here represent a progression of standards whose goal in part was to fix the problems created by WEP. 

In chronological order, Cisco first addressed the problem with some proprietary solutions. Then the Wi-Fi Alliance, an industry association, helped fix the problem by defining an industry-wide standard. Finally, the IEEE completed work on an official public standard, 802.11i.

Wired Equivalent Privacy (WEP)

WEP was the original 802.11 security standard, providing authentication and encryption services. As it turns out, WEP provided only weak authentication and encryption, to the point that its authentication and encryption can be cracked by a hacker today, using easily downloaded tools. The main problems were as follows:

=> Static Preshared Keys (PSK): 

The key value had to be configured on each client and each AP, with no dynamic way to exchange the keys without human intervention. As a result, many people did not bother to change the keys on a regular basis, especially in Enterprises with a large number of wireless clients.
=> Easily cracked keys: 

The key values were short (64 bits, of which only 40 were the actual unique key). This made it easier to predict the key’s value based on the frames copied from the WLAN. 

Additionally, the fact that the key typically never changed meant that the hacker could gather lots of sample authentication attempts, making it easier to find the key.
Because of the problems with WEP, and the fact that the later standards include much better security features, WEP should not be used today.