| 802.1X | IEEE 802.11 standard for authentication, which supports multiple authentication modes, including RADIUS, that can be used in wireless and wireline networks. |
| 802.11i | IEEE standards group effort that involves “fixing” perceived weakness in 802.1X and WEP (see below). |
| LEAP | Lightweight Extensible Authentication Protocol, which includes Cisco’s proprietary extensions to 802.1X to share authentication data between Cisco Aironet wireless LAN access points and the Cisco Secure Access Control Server. |
| PEAP | Protected Extensible Authentication Protocol, which was developed by Microsoft, Cisco and RSA Security, is now an IETF draft standard. PEAP encrypts authentication data using a tunneling method. |
| TKIP | Temporal Key Integrity Protocol, which was developed by the IEEE 802.11i standards committee as a WEP improvement. |
| TTLS | Tunneled Transport Layer Security, which was developed by Funk Software and Certicom, now is an IETF draft standard. It is an alternative to PEAP. |
| WEP | Wired Equivalent Privacy, a wireless encryption standard, which was developed by the IEEE 802.11 standards committee. |

| Technology | Max Transmission Speed | Security | Availability of "cracking" tools | Advantages | Disadvantages |
|---|---|---|---|---|---|
| 802.11a | 54 Mbps | WEP-152, static passwords; some implementations add 802.11x security capabilities into 11a | Some freeware, some commercial | Faster transmission speed than 802.11b | Latency is much greater than wired networks. Security can be circumvented with some skill. |
| 802.11b | 11 Mbps | WEP-40-128, static passwords | Mainstream, trivial to circumvent security. 40-bit or 128-bit encryption makes no difference to cracking time. | Availability of equipment, cost | Latency is much greater than wired networks. Security is absolutely trivial to compromise, and hackers are well versed at cracking these networks. |
| 802.11g | 54 Mbps | WEP, static passwords | Same as 802.11b - mainstream | Backwards compatible with 802.11b | Latency is much greater than wired networks. Security can be easily circumvented. |
| 802.1X w/ LEAP & TKIP & MIC | Authentication framework that can be used with other 802.11 implementations | RC4, per user per packet dynamic keying, user authentication, mutual authentication of client and server via username/password challenge/response, strong message integrity checks | Theoretical IV collision if base key is not rotated. 802.1x/EAP allows the base key to be rotated on a policy defined interval. No known encryption attacks. LEAP brute-force tool recently released. | Good levels of security. | Latency is much greater than wired networks. Cisco specific authentication solution. Must be supported by 3rd parties on server side (RADIUS) and client side (OS drivers). |
| 802.1X w/ EAP-TLS & TKIP & MIC | Authentication framework that can be used with other 802.11 implementations | RC4, per user per packet dynamic keying, user authentication, mutual authentication of client and server via certificates, strong message integrity checks | Theoretical IV collision if base key is not rotated. 802.1x/EAP allows the base key to be rotated on a policy defined interval. No known encryption attacks. | Good levels of security. | Latency is much greater than wired networks. Client workstations must support 802.1x/EAP. Clients must have certificates. |
| 802.1X w/ PEAP & TKIP & MIC | Authentication framework that can be used with other 802.11 implementations | RC4, per user per packet dynamic keying, user authentication, hybrid mutual authentication of client and server, strong message integrity checks | Theoretical IV collision if base key is not rotated. 802.1x/EAP allows the base key to be rotated on a policy defined interval. No known encryption attacks. | Good levels of security. | Latency is much greater than wired networks. Client workstations must support 802.1x/EAP. Servers (RADIUS) must have certificates. Access Point and client OS support in Fall (August) 2002. Initial support via vendor OS EAP implementations |
| 802.11i - (802.1x & EAP & AES) | Proposed standard yet to be adopted across all IEEE wireless media (802.11a,b,g) | AES encryption, stronger mutual authentication | Proposed standard yet to be adopted | Good levels of security. | Latency is much greater than wired networks. Proposed standard yet to be adopted. |
| Bluetooth | 1 Mbps | Very poor. | N/A | N/A | Does not have the bandwidth to handle serious network application demands (slow). Also fairly insecure. |
| HiperLAN | 54 Mbps | Public key cryptography, others | N/A | Relatively fast. | Latency is much greater than wired networks. European Standard, not mainstream. Expensive. |
| HomeRF SWAP | 2 Mbps | N/A | N/A | N/A | Latency is much greater than wired networks. Designed for home use only. Relatively slow. |
| Reline Communications (Pre-standard 802.16) | 72 Mbps | 64-bit proprietary | None known | Very fast transmission speed. 5.8 GHz range (less interference) | Proprietary encryption. Bridging only - no client support |