802.11 Wireless Networks: The Definitive Guide, 2nd Edition by Matthew S. Gast

In wireless networks, the word “broadcast” takes on an entirely new meaning. Wireless networks rely on an open medium, and the risk of using them is greatly increased if no cryptographic protection can be applied on the air link. With an open network medium, unprotected traffic can be seen by anybody with the right equipment. In the case of wireless LANs, the “right equipment” is a radio capable of receiving and decoding 802.11, which is hardly an expensive purchase. For extra eavesdropping power, a high-gain external antenna may be used. Antennas are inexpensive enough that you must assume that a determined attacher has purchased one.

Guarding against traffic interception is the domain of cryptographic protocols. As frames fly through the air, they must be protected against harm. Protection takes many forms, but the two most commonly cited informal objectives are maintaining the secrecy of network data and ensuring it has not been tampered with. Initially, the Wired Equivalent Privacy (WEP) standard was the answer for wireless security. In the first four years of 802.11’s life, researchers built a strong case for the insecurity of WEP.

If WEP is so bad, why bother with it? In many cases, it is the only security protocol available on a particular device. WEP’s design is easy to implement. Though it lacks the sophistication of later cryptographic protocols, it does ...