Library
Back to reading

14.8.9 How Are Wireless Networks Kept Secure?

  1. Why Does Wi-Fi Require Stronger Security Than Ethernet?
  2. What Are the Main Objectives of Wi-Fi Security?
  3. Why Was WEP Replaced?
  4. What Is WPA2?
  5. What Improvements Does WPA3 Provide?
  6. What Is Simultaneous Authentication of Equals (SAE)?
  7. How Is Information Protected After Authentication?
  8. How Are Enterprise Wi-Fi Networks Secured?
  9. Are Public Wi-Fi Networks Secure?
  10. What Is Wi-Fi Easy Connect?
  11. Can Wireless Networks Be Completely Secure?
  12. Will Wi-Fi Security Continue to Evolve?
  13. What Should You Remember?

Short Answer

Unlike wired Ethernet networks, where an attacker usually requires physical access to a cable, wireless LAN transmissions can be received by anyone within radio range. Wireless networks therefore require mechanisms to authenticate users, encrypt transmitted information, verify data integrity, and prevent unauthorized access. Modern Wi-Fi networks achieve these objectives using security standards such as WPA2 and WPA3, together with strong encryption, secure authentication protocols, and centralized access control for enterprise networks.

Why Does Wi-Fi Require Stronger Security Than Ethernet?

Signals transmitted over Ethernet remain confined to physical cables.

Wireless signals, however, propagate through the surrounding environment and often extend well beyond the walls of a building. Anyone within radio range may be able to detect these transmissions. Without appropriate security, an attacker could potentially:

For this reason, security has always been a fundamental requirement of wireless networking.

What Are the Main Objectives of Wi-Fi Security?

Wireless security aims to provide four principal functions:

Together, these mechanisms allow users to communicate securely even though the radio signals themselves are publicly accessible.

Why Was WEP Replaced?

The original IEEE 802.11 standard employed Wired Equivalent Privacy (WEP).

Its objective was to provide a level of security comparable to that of a wired Ethernet network. Unfortunately, weaknesses in its encryption algorithm and key management allowed attackers to recover encryption keys using relatively small amounts of captured traffic. As computing power increased, these attacks became increasingly practical.

Today, WEP is considered obsolete and should no longer be used.

What Is WPA2?

Wi-Fi Protected Access 2 (WPA2) replaced WEP as the principal wireless security standard.

WPA2 introduced several major improvements, including:

WPA2 employs the Advanced Encryption Standard (AES) using the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), providing a level of security suitable for most home and business networks.

What Improvements Does WPA3 Provide?

WPA3 builds upon the strengths of WPA2 while addressing several known weaknesses.

Important improvements include:

These improvements make WPA3 the preferred security standard for new wireless installations.

What Is Simultaneous Authentication of Equals (SAE)?

One of the most significant improvements introduced by WPA3 is Simultaneous Authentication of Equals (SAE).

Traditional WPA2-Personal networks relied upon a pre-shared password during the authentication process. If an attacker captured the authentication exchange, it could potentially be analysed offline using automated password-guessing techniques. SAE replaces this approach with a secure password-authenticated key exchange.

Each password attempt requires interaction with the access point, making large-scale offline dictionary attacks far more difficult.

How Is Information Protected After Authentication?

Once a user has been successfully authenticated, all subsequent wireless traffic is encrypted.

Encryption converts the transmitted information into an unintelligible form that can be interpreted only by authorized devices possessing the correct cryptographic keys. Even if an attacker intercepts the radio transmission, the information remains unreadable without those keys.

Encryption therefore provides confidentiality while users communicate over the shared wireless medium.

How Are Enterprise Wi-Fi Networks Secured?

Large organizations usually require stronger security than a single shared password can provide.

Enterprise wireless networks commonly employ the IEEE 802.1X authentication framework. Instead of sharing one password among all users, each individual authenticates using personal credentials through a centralized authentication server. This approach offers several advantages:

Enterprise authentication therefore provides much stronger security than pre-shared passwords.

Are Public Wi-Fi Networks Secure?

Public Wi-Fi hotspots present additional security challenges because they are often accessible without a password.

Traditionally, information transmitted over these networks was unencrypted unless applications themselves provided encryption. Modern wireless networks increasingly employ Opportunistic Wireless Encryption (OWE), which encrypts traffic between each user and the access point even when no password is required.

Many Internet applications also employ Transport Layer Security (TLS), ensuring that web browsing, online banking, and electronic commerce remain encrypted regardless of the underlying Wi-Fi network.

What Is Wi-Fi Easy Connect?

Many modern electronic devices have limited displays or keyboards, making long passwords difficult to enter.

Wi-Fi Easy Connect simplifies secure network configuration by allowing devices to join a WLAN using methods such as:

This simplifies installation while maintaining strong security.

Can Wireless Networks Be Completely Secure?

No communication system can ever be completely immune to attack.

However, modern WLAN security standards make unauthorized access extremely difficult when networks are configured correctly.

Good security practice includes:

Security therefore depends on both the technology and the way it is managed.

Will Wi-Fi Security Continue to Evolve?

Almost certainly.

As computing power increases and new threats emerge, wireless security standards will continue to improve.

Future developments are expected to include:

Wireless security will remain an active area of development throughout the lifetime of Wi-Fi technology.

What Should You Remember?

Back to reading

Return to Chapter 14 FAQ 14.8.9