How Secure Is the Wireless Telcorp Network?

This document addresses security issues of wireless network systems in general, with specific reference to the Wireless Telcorp network.  Since wireless network systems use the “open air” as the medium for data transmission, the basic questions, “Is a Wireless Data/Internet Connection Safe and How Secure is a wireless network?” are frequently asked.

Most of the “wireless” technologies were designed and developed by the military to prevent unauthorized interception of their wireless transmissions. So, it no surprise that security has been a primary design criteria for wireless networks and its devices. Security provisions are typically built into wireless LANs and WANs, making them more secure than most wired LANs. It is extremely difficult for unintended receivers (eavesdroppers) to listen in on wireless network traffic. Complex encryption techniques make it impossible for all but the most sophisticated to gain unauthorized access to network traffic. In general, individual nodes (devices) must be security-enabled before they are allowed to participate in network traffic. One such wireless technology is called Spread Spectrum. To receive data, the recipient must know the parameters of a spread-spectrum signal being broadcast. If not, it appears as noise. There are two ways that spread spectrum can transmit: frequency-hopping spread spectrum technology and direct-sequence spread spectrum technology:

Frequency-hopping spread spectrum technology: (FHSS) uses a narrowband carrier that pseudo-randomly changes frequency in a pattern known to both transmitter and receiver. Properly synchronized, the net effect is to maintain a single logical channel. To an unintended receiver, FHSS appears to be short-duration impulse noise. Security is implicit since you would need to know the frequency transmission pattern to receive the information.

Direct-sequence spread spectrum technology: (DSSS) generates a redundant bit pattern for each bit, or symbol, to be transmitted. This bit pattern is called a chip sequence (or chip code). The longer the chip length, the greater the probability that the original data can be recovered in the presence of noise. Also, the longer the chip length, the greater the bandwidth required. If bits in the chips are damaged by narrowband noise during transmission, statistical techniques embedded in the radio can recover the original data without the need for retransmission. Regarding the security issue, a DSSS signal appears as low-power, wideband noise to narrowband receivers.

Wireless Telcorp utilizes the Frequency Hopping Spread Spectrum Technology within its network.

Wireless networks use electromagnetic airwaves to communicate information from one point to another without relying on any physical connection. Radio waves, or radio carriers, deliver energy to a remote receiver. The data being transmitted is superimposed on the radio carrier so that it can be accurately extracted at the receiving end. Once data is superimposed or modulated onto the radio carrier, the radio signal occupies multiple frequencies.  To extract data, a radio receiver tunes in one radio frequency while rejecting all other frequencies.

In a typical wireless WAN configuration, a transmitter/receiver, called a transceiver, or access point connects the wireless network to the wired network. These transceivers have a standard Ethernet connection and router capabilities. They also control access to the network and load bearing of all the access points on the network. They are programmed to supply seamless roaming, i.e., no interruption between areas covered by access points.  A single access point can support a group of users (remote cells) and can function within a range of less than one hundred to several miles. The access point (or the antenna attached to it) is usually mounted at a height where radio coverage is maximized.

All remote cells associated with a central access point are synchronized with the specific central access point by frequency and clock, in order to transmit and receive data to and from the central cells. This same rule applies for interception – In order for someone to intercept “data” within a network, he/she must be within the coverage area of the central cell and be synchronized with the central cell.  If someone has access to one of the wireless devices, and tries to connect to the network, several levels or safeguards exist to prevent system interception.

First Level:

Frequency Hopping Spread Spectrum

It is difficult to detect the current frequency of a transmission for Frequency Hopping Spread Spectrum of carrier radio wave environment because it is constantly changing usually within milliseconds. Data packets are transmitted over several different frequencies in pieces. Each frequency is only active with a small piece of data for a fraction of a second before the next frequency is used. This process occurs dozens of times per second. There is virtually no way an intruder would be able to intercept the data without constant synchronization with the frequencies.

Second Level:

Network Identifier Sequence

If an intruder did penetrate the first level of security, there is a second level of Security, or password ID, that is pre-configured in the Access Point. Only station adapters (Remotes) configured with the same password ID can synchronize with the Central access point and join the network. The network cannot be “joined” with a wireless station adapter without the password ID. It takes approximately 10 seconds to authenticate a correct password and sequence; thus, the intruder would only be able to try 6 ID’s per minute under ideal circumstances (i.e., no fat finger typing), out of an astronomical number of possibilities.

Third Level:

Proprietary Hopping Patterns

A unique and outstanding security feature of the wireless typology is the ability to set proprietary hopping patterns. In frequency hopping systems, when a station adapter (Remote Router) joins an access point configured with the same password ID, that access point tells the station adapter the number of the hopping pattern used so it can “adjust” itself to the same one and synchronize with the access point. The Hopping Pattern is a list containing frequencies (channels) of operation in the specific order of hopping.

If any of the access points downloaded with a proprietary hopping pattern is stolen, a different pattern can be uploaded into the other units on the network with little or no interruption to work flow. The number of possible patterns uses a key that can vary in size from 40 bits to 128 bits. The government standard key size is 56 bits, or 7,200,000,000,000,000,000 possible combinations. Adding several additional bits increases this number an astronomically. Or, if all the computers in the world attacked a 128-bit key collectively, the sun would burn out before all the combinations were tried.  

Fourth Level:

Firewall

In addition to basic wireless network security, Wireless Telcorp has erected a firewall to keep intruders from the public network, i.e., Internet out of our network. The firewall device is an Application Specific Integrated Circuit design product (ASIC).  Simply, the firewall is a “box” with proprietary software that is programmed into a special “computer chip”.  The firewall examines Internet addresses on packets or specific ports requested on incoming connections to the Network and decide what traffic is allowed. User authentication or Password verification is required to use this device.

This is no fail-safe system security in any network. Anyone willing to invest enough time and resources can penetrate any network, wired or wireless.  Wireless Telcorp provides one of the safest and secure wireless networks in the industry