With the change in time and 128 bit key not strong

This preview shows page 9 - 12 out of 23 pages.

With the change in time and 128-bit key not strong enough for different threats, Wi-Fi Protected Access 2 (WPA2) was introduced. WPA comes with two different kinds of encryptions: TKIP and Advanced Encryption Standard (AES). AES is an advanced encryption algorithm that uses the same key to encrypt and decrypt data. After discovery of vulnerabilities with TKIP, users have started using AES instead. Based on sharing of keys there are two version of WPA2: personal and enterprise. In the personal version of WPA2, intended for home use, users join the 9
Cybersecurity Incident Report network using a passphrase or a pre-shared key. The passphrase should be 8 to 63 characters long for the device to produce strong encryption keys. The advantage of using the personal version of WPA2 is that all users can use the same key which would be less cumbersome in a small group of users. Using pre-shared keys is the best choice for wireless authentication within an organization. If employee leaves, the passphrase would have to change for everybody. To prevent that, organizations should use enterprise version of WPA2. In enterprise version every user has their own user credentials. Enterprise version uses a server and a database to manage client authentication and key management. There are also disadvantages of using WPA2. It requires additional hardware for enterprise setup and the setup is not lean. Another disadvantage of WPA2 is since it uses AES which requires more computational power to encrypt and decrypt data. This directly translates to more hardware or there will be network performance issues. In WPA2, the use of pre-shared keys is Federal Information Processing Standard (FIPS) 140-2 validated. FIPS 140-2 is a publication issued by National Institute of Standards and Technology (NIST) that define the Federal government standards for protecting unclassified sensitive information (“Should You Require FIPS 140-2?”, n.d.). For a device to be FIPS 140-2 validated the device must use FIPS 140-2 compliant encryption algorithm and IEEE 802.1x based authentication. IEEE 802.1x is a set of specifications developed by IEEE for wireless clients (Beal, n.d.). Table 1 . Wireless Protocols Comparative Analysis 10
Cybersecurity Incident Report Protocol Description Pros Cons Bluetooth Low-power consuming, short range small data wireless transfer protocol. Power required to operate is low Simplicity of use Low chances of another device interference. Lower speeds as compared to other wireless protocols Over period of time battery consuming Poor security LTE Generation of mobile wireless communication that provided better network capacity and speed. Faster speed Better coverage than Wi-Fi Better security for sensitive information Affordable Connectivity still limited through certain carriers in certain parts Drains battery over longer periods of use Users needed to buy newer equipment to use this protocol.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture