S 2.388 Appropriate key management for WLAN
Initiation responsibility: Head of IT, IT Security Officer
Implementation responsibility: Administrator
The use of cryptographic security mechanisms requires that suitable keys are generated, distributed, and installed in a way that preserves their confidentiality, integrity, and authenticity (see also S 2.46 Appropriate key management). When using WEP and WPA-PSK or WPA2-PSK, the security of the WLAN depends primarily on the selection of suitable WLAN keys that have not been compromised. For this reason, a suitable method for key management must be selected which fits the existing cryptographic mechanisms. In this case, we differentiate between two types of key management: static (manual) and dynamic key management.
WEP
In WEP, only a single, static key is used, i.e. the same WEP key must be entered in every WLAN component in a network. Furthermore, WEP has no provisions for dynamic key management, and so the keys need to be administered manually. Since WEP keys can be compromised in a very short amount of time, WEP should not be used any more. However, if it is necessary for some reason to use WEP, then the keys must be changed regularly by hand (at least once per day).
WPA / WPA2 with TKIP or CCMP
WPA uses TKIP, which permits the use of dynamic cryptographic keys instead of just the static keys permitted by WEP. In IEEE 802.11i (WPA2), CCMP is also used as the cryptographic method for ensuring data integrity and for encrypting the user data.
TKIP and CCMP are symmetric methods, which means all communication partners must have a shared key configured. This key is referred to as the Pairwise Master Key (PMK). The Pairwise Master Key (PMK) can be sent to the participating WLAN components in one of two ways:
- Static keys: The PMK can be configured manually (similar to WEP) as a static key, referred to as a pre-shared key (PSK), on access points and clients. It is usually possible to specify the shared, secret key using passwords. These passwords are used to calculate the PMK using hash functions. If such a PSK is not complex enough (in terms of the length of the key and the randomness of the characters), then it is vulnerable to dictionary attacks. For this reason, these passwords should be highly complex and have a length of at least 20 characters. Once a WLAN reaches a certain size, it becomes much more difficult to roll out a new key.
  It is possible to use PSK in combination with WPA or WPA2. If WPA-PSK or WPA2-PSK will be used, then it is recommended to change the key every three to six months to protect communications and for authentication purposes.
- Dynamic keys: Dynamic key administration and distribution offers a mechanism with a higher level of security which ensures that a new key (PMK) is provided regularly, and especially after a WLAN client has successfully authenticated to the access point. To achieve key administration and distribution, IEEE 802.11i falls back on another standard, the IEEE 802.1X standard. This standard was designed for port-based network access control in cable-based networks. The basic idea in IEEE 802.1X is that a network port is only activated when the user has successfully provided authentication for the network. Authentication is therefore performed in Layer 2. In order for such a procedure to function at all, IEEE 802.1X specifies an interface between the client, the network element and an authentication system. This interface is based on the Extensible Authentication Protocol (EAP) and the adaptation of this protocol for transmission in Layer 2 in a LAN (referred to as EAP over LAN or EAPOL). This goes hand in hand with the specification of a function for key administration and distribution.
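The static-key case described above, as an added example that is not part of the original safeguard text: it generates a PSK passphrase, checks it against the 20-character minimum, and derives the PMK the way IEEE 802.11i defines it for passphrases (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256 bits). The character-class and distinct-character thresholds are assumptions standing in for "highly complex", and the SSID `ExampleNet` is constructed.

```python
import hashlib
import secrets
import string

MIN_PSK_LENGTH = 20       # minimum length recommended in the text above
MAX_PSK_LENGTH = 63       # WPA/WPA2 passphrases are 8..63 printable ASCII characters
ALPHABET = string.ascii_letters + string.digits + "!#$%&()*+-./:;<=>?@[]^_{}~"

def check_psk(passphrase):
    """Return a list of policy findings; an empty list means the PSK passes."""
    findings = []
    if len(passphrase) < MIN_PSK_LENGTH:
        findings.append("shorter than 20 characters")
    if len(passphrase) > MAX_PSK_LENGTH:
        findings.append("longer than 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        findings.append("contains non-printable or non-ASCII characters")
    # Assumed complexity thresholds (not from the safeguard text).
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " "]
    if sum(any(c in cls for c in passphrase) for cls in classes) < 3:
        findings.append("uses fewer than three character classes")
    if len(set(passphrase)) < 10:
        findings.append("fewer than 10 distinct characters")
    return findings

def generate_psk(length=32):
    """Return a random passphrase from the OS CSPRNG that passes check_psk."""
    if not MIN_PSK_LENGTH <= length <= MAX_PSK_LENGTH:
        raise ValueError("length must be between 20 and 63 characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_psk(candidate):
            return candidate

def derive_pmk(passphrase, ssid):
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

if __name__ == "__main__":
    psk = generate_psk()
    print("findings for new PSK:", check_psk(psk))
    print("PMK for constructed SSID:", derive_pmk(psk, "ExampleNet").hex())
```

Because the SSID is the only salt, the same passphrase on the same SSID always yields the same PMK, which is why length and randomness of the passphrase carry the whole defence against dictionary attacks.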
In general, the keys of all WLAN components should be changed at regular intervals, but at least once every 3 months. In large installations, the central WLAN management solution should contain a suitable function for this purpose to keep the amount of work necessary to a minimum.
The changing of the key information should be tested specifically on all WLAN components during the planning phase so that any possible problems with changing the keys are detected early.
Review questions:
- Are the passwords/keys of all WLAN components changed at regular intervals (at least every three months)?
- Is changing the passwords/keys tested in advance on the WLAN components?
- Is a central solution for the WLAN management available to minimise the amount of work and improve the traceability?