Corporate wireless LAN security 4.2802.Ili With the failure of 802.1Ib WEP security, one of the newest technologies was developed the 802.1li, which adds protection using more secure keys and encryption. On June 24, 2004, the IEEE approved 802. 1li security standard for use in WLANS (Dulaney et aL., 2004). However, even though 802 1 li has been approved for use, it has not been released to the public yet. Hardware and software are currently being made and eleased to the public in anticipation of its release The 802. 1li standard uses one of two different security protocols: the"Counter Mode ith Cipher Block Chaining Message Authentication Code Protocol(CCMP)" and the "Temporary Key Integrity Protocol (TKIP). CCMP is the main method used for protecting wI ckets in the 802.1 li standard. One is that ccmp al ways has to be active, and this means protection will always be enabled even if the user does not know how to operate it or how it works. The CCMP uses a variation of the Advanced Encryption Standard (AES)encryption algorithm, which is a very secure and nearly impenetrable method. Protection begins by using a 128-bit key, and the packet is encrypted with this key. Not only is the message data encrypted, but the source destination and other data are encrypted as well. Since all this data is encrypted, a hacker cannot spoof a packet because he/she does not even know where to send the packet. Another important feature of CCMP is that a key does not need to be included in the packet. One fallback of WEP is that a portion of the key is included in the packet. This resulted in more packets being sent than were needed; and with each extra packet,a hacker has a higher chance of cracking the key. With CCMP, 802. 1li is secure against all known hacking attacks and will insure near flawless security protection. The only problem with CCMP is that it uses all new technology, which means that new hardware and software will have to be created and purchased for this method to work. Nonetheless it is a necessary step to ensure security protection in wireless networks. bela t he other encryption method used with the 802. 1li protocol is TKIP, and it is eficial because it was designed as a wrapper around the old WEP protocol. Compared with CCMP protocol where it is necessary to buy new hardware, old hardware and software that use WEP can be reused to comply with TKIP. The TKIP works similar to CCMP, except that it uses two more keys to encrypt the data and headers of the packet, and it includes the keys in the packet. Each packet is initially encrypted with a changing 64-bit encryption key, and then the packet is sent through a process and is encrypted by another 64-bit intermediate key. These keys encrypt the header and data of each packet and since these keys change with every packet, it is necessary to add these keys to the packet. Finally, the final 128-bit encryption key is used to encrypt the entire packet including the 64-bit keys. The entire TKIP encryption method works just as well as the CCMP, and both of these methods are part of the 802. 1li standard 4.3 Wi-Fi Protected Access ( WPA) Since 802. 1li requires new hardware and software, there is going to be a long crossover period where firms need to buy equipment to support the new technology. WPA was developed by the Wi-Fi Alliance as an interim technology to support wireless security until 802. 1li is released. WPA is not a protocol like 802.1l1, TKIP or CCMP. "lIt] is a specification of standards-based, interoperable security enhancements, which strongly increase the level of data protection(encryption) and access control (authentication)Corporate wireless LAN security 273 4.2 802.11i With the failure of 802.11b WEP security, one of the newest technologies was developed – the 802.11i, which adds protection using more secure keys and encryption. On June 24, 2004, the IEEE approved 802.11i security standard for use in WLANs (Dulaney et al., 2004). However, even though 802.11i has been approved for use, it has not been released to the public yet. Hardware and software are currently being made and released to the public in anticipation of its release. The 802.11i standard uses one of two different security protocols: the ‘Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)’ and the ‘Temporary Key Integrity Protocol (TKIP)’. CCMP is the main method used for protecting wireless packets in the 802.11i standard. One great feature is that CCMP always has to be active, and this means protection will always be enabled even if the user does not know how to operate it or how it works. The CCMP uses a variation of the Advanced Encryption Standard (AES) encryption algorithm, which is a very secure and nearly impenetrable method. Protection begins by using a 128-bit key, and the packet is encrypted with this key. Not only is the message data encrypted, but the source, destination and other data are encrypted as well. Since all this data is encrypted, a hacker cannot spoof a packet because he/she does not even know where to send the packet. Another important feature of CCMP is that a key does not need to be included in the packet. One fallback of WEP is that a portion of the key is included in the packet. This resulted in more packets being sent than were needed; and with each extra packet, a hacker has a higher chance of cracking the key. With CCMP, 802.11i is secure against all known hacking attacks and will insure near flawless security protection. The only problem with CCMP is that it uses all new technology, which means that new hardware and software will have to be created and purchased for this method to work. Nonetheless, it is a necessary step to ensure security protection in wireless networks. The other encryption method used with the 802.11i protocol is TKIP, and it is beneficial because it was designed as a wrapper around the old WEP protocol. Compared with CCMP protocol where it is necessary to buy new hardware, old hardware and software that use WEP can be reused to comply with TKIP. The TKIP works similar to CCMP, except that it uses two more keys to encrypt the data and headers of the packet, and it includes the keys in the packet. Each packet is initially encrypted with a changing 64-bit encryption key, and then the packet is sent through a process and is encrypted by another 64-bit intermediate key. These keys encrypt the header and data of each packet, and since these keys change with every packet, it is necessary to add these keys to the packet. Finally, the final 128-bit encryption key is used to encrypt the entire packet including the 64-bit keys. The entire TKIP encryption method works just as well as the CCMP, and both of these methods are part of the 802.11i standard. 4.3 Wi-Fi Protected Access (WPA) Since 802.11i requires new hardware and software, there is going to be a long crossover period where firms need to buy equipment to support the new technology. WPA was developed by the Wi-Fi Alliance as an interim technology to support wireless security until 802.11i is released. WPA is not a protocol like 802.11i, TKIP or CCMP. “[It] is a specification of standards-based, interoperable security enhancements, which strongly increase the level of data protection (encryption) and access control (authentication)