SUBSCRIBE HERE TO GET POST UPDATES VIA EMAIL :

Delivered by FeedBurner

Different protocols in Wireless Security & Web Security

We have discussed about WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) and WPA2 (Wi-Fi Protected Access) in our last article. This all are the protocols or we can say standard which have been used to secure wireless connections between clients and access points. Let’s move in details discussion for same.

Wireless_Security_Protocols



1. WEP (Wired Equivalent Privacy): WEP is provide facility of confidentiality in wireless network. Basic feature of WEP is it follows IEEE 802.11 standard. First version of the WEP is launch in 1999. In WEP, encrypted information will be protect wireless vulnerability between client and access points. Key scheduling algorithm and RC4 stream encryption have been followed here. It means information will be passed in one key to overall network so anybody can crack it in few minutes with freely available software. Thus, unauthorized activity can be taken place in minimum amount of time. This is the main drawback of WEP so if high security is required in application then user will not prefer WEP as more secure method is already available. Another thing is, WEP is very difficult to configure. But still It can be used in Wireless local area network (WLAN). Even End to End encryption have been done in WEP so we can also use same in Virtual private network (VPN). After Authentication, Privacy have been provided by WEP.

2. WPA (Wi-Fi Protected Access): WPA is basically designed to overcome a problem which have been faced in WEP. WEP is not giving security assurance but WPA is developed in the way that it can provide more security than WEP. Temporal Key Integrity Protocol (TKIP) is the main algorithm which have been used in WPA. TKIP wrappers WEP. TKIP wraps extra code in beginning and at the End, it encapsulate the code and modify the same. TKIP encrypts each data packet with unique encrypted key. Thus, it gives assurance that data will remain protected by using TKIP algorithm. WPA is developed in 2003. If more devices have been connected through WPA then its security assurance will be degraded so WPA2 is came to the picture.

3. WPA2 (Wi-Fi Protected Access 2): This is used to secure Wi-Fi. There are some changes between WPA and WAP2. As we have seen in WPA, TKIP (Temporal Key Integrity Protocol) is used as algorithm but in WPA2, CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) algorithm is used. TKIP is replaced by CCMP. WPA2 is combination of CCMP and AES (Advance Encrypted standard). Performance of WPA2 is more effective than WPA. WPA2 is developed in 2006. CCMP have 128 bit keys and 48 bit initialization vector. Counter Cipher mode is provided best data privacy in WPA2. CCMP gives data integrity and authentication. Thus, WPA2 is more effective than its predecessor. Due to this all facility WPA2 needed more power in compare to WPA and WEP. WPA2 is the strongest encryption technique so in most of the company this can be used.
Now we will see the web security protocols. There are different kind of web security protocols are present as below.

Web_Security_Protocols

4. Internet Key Exchange (IKE): In IKE, two encrypted keys are passed through different communication channel with use of IPsec protocol. Distributing encrypted key is not an easy task when IPsec is using clear text algorithm for communicating between two channels. Before sending encrypted keys none of the host have any idea about the same and here clear text have been used so wrong person can easily identify the keys. Thus, Internet Key Exchange is using state of art key exchange algorithm which is used to meet the challenge of security key in distributed embedded system. This protocol works with IPv4 and IPv6.

5. SSL (Secure Socket Layer): For safe communication between two hosts, this protocol is used. It was founded by Netscape for securing the products. SSL can be used with HTTP and used to secure web servers browsers plus all kind of internet security communications. SSL mainly known for secure authentication, privacy, non-repudiation and Integrity for client and server as well as for Interfaces of internet applications. SSL is portable and easy to use and it is already added in all browsers.

6. HTTPS (Hyper Text Transfer Protocol): HTTPS is invented due lake of security in HTTP. HTTPS introduce SSL (Secure Socket Layer) for communication between the web server and browser. HTTPS removes the risk of security threats. HTTPS integrates embedded web servers with browsers and dedicated devices and term of memory consumption, performance and security.

No comments:

Post a Comment