Wireless communications are becoming ubiquitous in homes, offices, and enterprises
with the popular IEEE 802.11 wireless LAN technology and the up-andcoming
IEEE 802.16 wireless MAN technology. The wireless nature of communications
defined in these standards makes it possible for an attacker to snoop on
confidential communications or modify them to gain access to home or enterprise
networks much more easily than with wired networks.
The 802.11 and 802.16 standards considered wired equivalency and secure
access as important in the original design itself. Unfortunately, efficiency considerations
seem to have sidelined security as a “nice-to-have” component, whereas a
“must implement cautiously” specification would have been more appropriate considering
the potential threats. To be sure, strong security seems sometimes overly
burdensome in terms of both computational as well communication overhead.
Wireless devices generally try to reduce computation overhead to conserve
power and communication overhead to conserve spectrum and battery power. Due to
these considerations, the original security designs in wireless LANs and MANs used
smaller keys, weak message integrity protocols, weak or one-way authentication
protocols, and so forth. As wireless networks became popular, the security threats
were also highlighted to caution users. A security protocol redesign followed first
in wireless LANs and then in wireless MANs.
This book discusses the security threats and requirements in wireless LANs
and wireless MANs, with a discussion on what the original designs missed and how
they were corrected in the new protocols. It highlights the features of the current
wireless LAN and MAN security protocols and explains the caveats and discusses