WLAN - Security Issues and Design

Let’s learn about the cryptographic vulnerabilities and design considerations of WLAN.

WLAN security issues

The most interesting aspect of WLAN security is that some problems have arisen from errors in cryptographic mechanism design, which is relatively unusual. It is far more common for vulnerabilities to arise elsewhere, such as during implementation and key management. However, it would seem that WPA2 addresses all of the previous problems and provides good cryptographic protection. There have been no serious attacks on the cryptography used in WPA or WPA2.

The most vulnerable aspect of WPA2 security remains the potential for the PMK derivation in small (home) networks to rely on a weak password or passphrase. This is an important issue because all the subsequent session keys are derived from this pre-shared key. The mutual entity authentication process relies on PMK only being known by authorized devices and the wireless access point. If this type of key derivation is being used, then all the potential problems with passwords and passphrases apply to WPA2 security. There is also the potential risk that home users will use default keys supplied with their equipment rather than establishing their own.

WLAN design considerations

Get hands-on with 1200+ tech skills courses.