Technical information

Network Security White Paper ver. G.1.2
2. Other Network Services
The previous section dealt mainly with network services based on physical ports. This section describes
security-related information for network services that are not based on physical ports.
2-1 Wireless LAN
2-1-1 Overview
WLAN utilizes spread spectrum technology based on radio waves to enable communication between
devices in a limited area. This gives users the mobility to move around within a broad coverage area and
still be connected to the network. The absence of cables leaves transmissions extremely susceptible to
interception. For this reason a variety of security precautions have been incorporated into WLAN
specifications.
2-1-2 SSID Only
All data is sent as clear text without any authentication or integrity checking. As wireless data is available
to anyone within range, unencrypted data is extremely susceptible to tampering and theft.
2-1-3 WEP
‘WEP’ (Wired Equivalent Privacy) is a security standard established by the IEEE and adopted as IEEE802.11.
Using WEP, data can be encrypted with a shared key (RC4). Access to the network is based on a WEP
key configured on the client’s computer and the access points. Although WEP provides a degree of
security, it does have vulnerabilities. ‘WPA’, which the products support, was created to overcome the
vulnerabilities in WEP.
2-1-4 WPA
‘WPA’ (Wi-Fi Protected Access) is a subset of IEEE802.11i. It utilizes a key exchange system to
constantly change the shared key. This re-keying can be done using either TKIP or CCMP. However,
support for WPA2 is required for CCMP. TKIP uses RC4 as its encryption algorithm and is intended for
use with legacy systems that do not yet support CCMP. In addition to providing key exchange, CCMP
uses the AES encryption algorithm, which is stronger than RC4.
Encryption Method        WEP          WPA (TKIP)   WPA (CCMP)
Encryption Algorithm     RC4          RC4          AES
Shared Key Size          40/104 bit   104 bit      128 bit
Key Exchange / Refresh   No / No      Yes / Yes    Yes / Yes
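
Added example (not part of the white paper): a Python check that parses the RSN information element a WPA2 access point advertises and reports any RC4-based cipher (WEP or TKIP, per the table above) that the network still permits. The cipher suite numbers are those of IEEE 802.11; the sample elements are constructed, and the names parse_rsn and audit are illustrative.

```python
import struct

RSN_OUI = b"\x00\x0f\xac"  # IEEE 802.11 OUI used in RSN suite selectors
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
RC4_BASED = {"WEP-40", "WEP-104", "TKIP"}  # WEP and TKIP both use RC4


def _suite(sel: bytes) -> str:
    """Map a 4-byte suite selector (3-byte OUI + 1-byte type) to a name."""
    if sel[:3] != RSN_OUI:
        return "vendor:" + sel.hex()
    return CIPHERS.get(sel[3], f"unknown-{sel[3]}")


def parse_rsn(ie: bytes) -> dict:
    """Parse an RSN element (ID 48); return its group and pairwise ciphers.

    Assumption: the group and pairwise fields are present, as in beacons.
    """
    if len(ie) < 2 or ie[0] != 48:
        raise ValueError("not an RSN element")
    body = ie[2:2 + ie[1]]
    if len(body) != ie[1] or len(body) < 8:
        raise ValueError("truncated RSN element")
    if struct.unpack_from("<H", body, 0)[0] != 1:
        raise ValueError("unsupported RSN version")
    group = _suite(body[2:6])
    count = struct.unpack_from("<H", body, 6)[0]
    end = 8 + 4 * count
    if count == 0 or end > len(body):
        raise ValueError("bad pairwise cipher count")
    pairwise = [_suite(body[i:i + 4]) for i in range(8, end, 4)]
    return {"group": group, "pairwise": pairwise}


def audit(ie: bytes) -> list:
    """Return the RC4-based ciphers the element still permits."""
    r = parse_rsn(ie)
    return sorted(RC4_BASED & {r["group"], *r["pairwise"]})


# Constructed samples (not captured traffic): ID, length, version, group
# cipher, pairwise count + list, AKM count + list (PSK), capabilities.
MIXED = bytes.fromhex(
    "30 18 0100 000fac02 0200 000fac04 000fac02 0100 000fac02 0000")
CCMP_ONLY = bytes.fromhex(
    "30 14 0100 000fac04 0100 000fac04 0100 000fac02 0000")
```

A network that returns a non-empty list from audit still accepts TKIP or WEP for at least some traffic; an empty list means only CCMP (AES) is advertised.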