Cryptography standards are related to the following:
We've covered different cryptographic standards pertaining to encryption, hashing, digital signatures, and public key infrastructure in the previous sections. In this section, we'll cover the wireless standards and the Federal standard FIPS-140 for cryptographic modules.
Wireless protocols and services are predominantly governed by IEEE 802.11 standards. These standards are basically for Wireless Local Area Networking (WLAN) for computer communications.
The following are some of the cryptographic standards that are used in WLAN:
Wired Equivalent Privacy (WEP) is an algorithm that uses the stream cipher RC4 encryption standard for confidentiality protection and CRC-32 for integrity assurance. This algorithm is now deprecated as it was breached easily.
Wi-Fi Protected Access (WPA) is a security protocol developed by the Wi-Fi alliance that replaces WEP. This protocol implements majority of the advanced requirements in IEEE802.11i standard released in 2004. WPA is backward compatible with WEP.
WPA2 is an advanced protocol certified by the Wi-Fi alliance. This protocol fulfills the mandatory requirements of IEE 822.11i standard, and it uses the AES algorithm for encryption.
Wi-Fi implementations are based on IEEE standards, an international organization known as, Wi-Fi alliance promotes Wi-Fi standards.
Wi-Fi alliance is a non-profit organization that supports IEEE wireless standards. Here is the information about the Wi-Fi alliance as published on their website.
The Wi-Fi Alliance is a global, non-profit industry association of more than 300 member companies devoted to promoting the growth of Wireless Local Area Networks (WLANs). With the aim of enhancing the user experience for wireless portable, mobile, and home entertainment devices, the Wi-Fi Alliance's testing and certification programs help ensure the interoperability of WLAN products based on the IEEE 802.11 specification.
Bluetooth is a wireless protocol for short-range communications of fixed or portable computers and mobile devices. It uses 2.4GHz short-range radio frequency bandwidth for communication between mobile devices, computers, printers, GPS and more. Bluetooth uses custom block ciphers for confidentiality and authentication.
We'll cover one of the most important federal standards, titled Security Requirements for Cryptographic Modules, FIPS-140 series, in the this section.
As per the published information, the Federal Information Processing Standards Publication Series of the National Institute of Standards and Technology (NIST) is the official series of publications relating to standards and guidelines, adopted and promulgated under the provisions of Section 111(d) of the Federal Property and Administrative Services Act of 1949, as amended by the Computer Security Act of 1987, Public Law 100-235. These mandates have given the Secretary of Commerce and NIST important responsibilities for improving the utilization and management of computer and related telecommunications systems in the Federal Government. NIST, through its Computer Systems Laboratory, provides leadership, technical guidance, and coordination of government efforts in the development of standards and guidelines in these areas.
The core structure of FIPS140 recommends four security levels for cryptographic modules that protect sensitive information in federal systems, such as computer and telecommunication systems that include voice systems as well. These levels are qualitative in increasing order-level 1 being the lowest and level 4 the highest.
The following are brief descriptions of the FIPS140 levels: