Proceedings of 2009 IEEE International Conference on Antennas, Propagation and Systems (INAS 2009), 3-5 Dec. 2009, Johor, Malaysia
978-1-4244-5373-3/09/$26.00 ©2009 IEEE 1-6

Wireless Security protocols Wi-Fi (802.11) and WiMAX (802.16)

ARASH HABIBI LASHKARI 1, SAMANEH FARMAND 2, Ali Bonakdar 3, ROSLI SALLEH 4
FCSIT, University Malaya (UM), Kuala Lumpur, Malaysia
1 a_habibi_l@hotmail.com, 2 mobina23@gmail.com, 3 alibo9191@gmail.com, 4 Rosli_Salleh@utm.edu.my

Abstract— Wireless technology has been gaining rapid popularity for some years. Adoption of a standard depends on the ease of use and level of security it provides. Here, the contrast between wireless usage and security standards shows that security is not keeping up with the growth pace of end users' usage. Current wireless technologies in use allow hackers to monitor and even change the integrity of transmitted data. Lack of rigid security standards has caused companies to invest millions in securing their wireless networks. There are three major types of security standards in wireless. In our previous papers, which were presented at several conferences [1][2][3][4], we explained the structure of WEP, WPA and WPA2 as the first, second and third Wi-Fi security protocols and discussed all their versions, vulnerabilities, shortcomings and improvements. In this paper we examine the weaknesses of WPA2 as the latest security protocol in the Wi-Fi category and then give an overall picture of WiMAX as a replacement for the previous wireless security protocols.

Keywords— Wireless Security, WEP, WPA, WPA2, 802.11i, 802.11X, WiMAX, 802.16

I. INTRODUCTION

As described in our previous paper on WEP (ICFCC2009 Conference), the 802.11 WLAN standards specify the two lowest layers of the OSI network model, which are the physical and data link layers.
The IEEE's major goal in creating these standards was to allow different approaches to the physical layer, for example different frequencies and different encoding methods, while sharing the same higher layers. They have succeeded, and the Media Access Control (MAC) layers of the 802.11a, b, and g protocols are largely identical. At the next higher layer, all 802.11 WLAN protocols specify the use of the 802.2 protocol for the logical link control (LLC) portion of the data link layer. As Figure 1 shows, in the OSI network model such protocols as TCP/IP, IPX, NetBEUI, and AppleTalk still exist at the higher layers. Each layer uses the services of the layers beneath it.

Figure 1: 802.11 AND OSI MODEL

In WLANs, privacy is achieved by protecting data contents with encryption. Encryption is optional in 802.11 WLANs, but without it any other standard wireless device can read all traffic in the network. There have been three major generations of security approaches, listed below:

- WEP (Wired Equivalent Privacy)
- WPA (Wi-Fi Protected Access)
- WPA2/802.11i (Wi-Fi Protected Access, Version 2)

Each of these protocols has two variants, named the personal and enterprise templates.

II. WEP STATIC OR PERSONAL

The Wired Equivalent Privacy (WEP) was designed to provide the security of a wired LAN by encrypting traffic with the RC4 algorithm at both sides of a data communication.

A. On the sender side:

WEP uses four operations to encrypt the data (plaintext). First, the secret key used in the WEP algorithm is 40 bits long, and a 24-bit Initialization Vector (IV) is concatenated to it to act as the encryption/decryption key. Secondly, the resulting key acts as the seed for a Pseudo-Random Number Generator (PRNG). Thirdly, the plaintext is passed through an integrity algorithm and the result is concatenated with the plaintext. Fourthly, the key sequence and the result of the ICV (integrity check value) step go to the RC4 algorithm.
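The sender-side operations described here, together with the step of placing the IV in front of the ciphertext, as an added Python example that is not code from the paper. It assumes the integrity algorithm is CRC-32 and the RC4 seed is the IV followed by the key, as WEP specifies; the key and IV values are constructed, and the key-ID octet of a real 802.11 frame is omitted.

```python
import struct
import zlib

def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4 used as the PRNG: key scheduling, then `length` output bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # pseudo-random generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def icv(plaintext: bytes) -> bytes:
    """Integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)

def wep_encapsulate(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    if len(key) != 5 or len(iv) != 3:
        raise ValueError("expected a 40-bit key and a 24-bit IV")
    data = plaintext + icv(plaintext)               # step 3: plaintext || ICV
    keystream = rc4_keystream(iv + key, len(data))  # steps 1-2: seed = IV || key
    ciphertext = bytes(d ^ k for d, k in zip(data, keystream))  # step 4
    return iv + ciphertext                          # the IV is sent unencrypted

def wep_decapsulate(key: bytes, frame: bytes) -> bytes:
    if len(frame) < 7:
        raise ValueError("frame too short for IV and ICV")
    iv, ciphertext = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + key, len(ciphertext))
    data = bytes(c ^ k for c, k in zip(ciphertext, keystream))
    plaintext, received_icv = data[:-4], data[-4:]
    if icv(plaintext) != received_icv:
        raise ValueError("ICV mismatch: frame corrupted or wrong key")
    return plaintext

if __name__ == "__main__":
    key, iv = bytes.fromhex("0102030405"), bytes.fromhex("a1b2c3")  # constructed
    frame = wep_encapsulate(key, iv, b"hello over 802.11")
    print(frame.hex(), wep_decapsulate(key, frame))
```

The first three bytes of the returned frame are the IV itself, so only the 40-bit secret key is hidden from anyone who can receive the frame.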
The final encrypted message is made by attaching the IV in front of the ciphertext. Now in