Wireless communication is becoming increasingly popular in today's mobile society. A wide variety of devices are now prefabricated with hardware and software for providing wireless communication and increasingly more businesses and governments are offering these devices and wireless network access.
Yet, wireless networking also exacerbates many security and privacy issues which have been traditionally problematic for wired networks. This is so, because any nefarious entity (intruder) with a receiver and/or transmitter can “sniff” or detect a wireless network out of the air and potentially penetrate it or acquire its data. Conversely, with wired networks an intruder would have to tap or have access to the network wire in some manner in order to detect and penetrate the wired network. Wireless vulnerability may be further compounded by any entity equipped with a high-gain antenna; such that the entity may be miles away from what is considered a useful radiation sphere of the wireless network and the entity may still be capable of becoming an unwanted participant within that network.
Additionally, even when a wireless user is not concerned with privacy, the issue of network utilization should still be considered by the user when wireless communication is used. For example, an intruder may not just be stealing bandwidth from a wireless connection for purposes of accessing the Internet, but that intruder may also be accessing the Internet for illegal or illicit purposes. The intruder may be committing crimes over the stolen network connection or may be utilizing the network connection for purposes of injecting spam (unsolicited electronic mail) or acquiring adult material. Moreover, easy access to a wireless user's wireless network for purposes of stealing a network connection also places other resources of the user at risk of being hacked or being infected with viruses.
To date, wireless networking vulnerabilities have been addressed in large part through data encryption. The most popular wireless encryption technique is referred to as Wired Equivalent Privacy (WEP). The main drawbacks associated with WEP and other symmetric key encryption techniques are that mutually known keys have to be possessed by each device which is communicating wirelessly within the network. Furthermore, the mutual keys are manually provided to and manually configured within each device of the wireless network. Thus, if a key changes in one device, then that device can no longer communicate with its neighbor until its neighbor is manually configured with the changed key.
Also, the more traffic a wireless network encrypts without having changed its keys, the more likely it becomes that an intruder may be capable of breaking the key. Stated another way, the risk that wireless encryption keys may be broken increases as time elapses and as more data is processed with the stale keys. Given enough time and/or enough data, a persistent intruder can break an encryption key.
Therefore, more secure and trusted key distribution techniques are needed for networked environments.