Compaq 470012-741 - Armada 110 - Celeron 700 MHz Manual page 20

Wireless Security White Paper
Code Division Multiple Access (CDMA) and Time Division Multiple Access (TDMA) use the
Cellular Message Encryption Algorithm (CMEA) specified by the Telecommunications Industry
Association (TIA).
The encryption techniques used by WWANs have proven to be effective but not infallible. Both
GSM and CMEA algorithms have reportedly been cracked. However, their effectiveness lies in
making prohibitively expensive the monitoring and interception of random or bulk transmissions
over a WWAN.
Besides encryption, the IS-95 standard of CDMA uses a transmission technique called "spread
spectrum" that was developed by the military with a view to making interception more difficult.
Spread spectrum deliberately varies the frequency of the transmitted signal, resulting in a much
greater bandwidth than the signal would otherwise have. (Conventional wireless signals do not
change frequency except for small, rapid fluctuations that occur as a result of modulation.)
Wireless Access Protocol
The Wireless Access Protocol (WAP) is designed specifically for the mobile environment.
Wireless Transport Layer Security (WTLS) is the security level for WAP applications. WTLS is
based on Transport Layer Security (TLS), a security layer used on the Internet and equivalent to
Secure Socket Layer (SSL)
WTLS was developed to solve problems specific to mobile network devices, including their
limited processing power, memory capacity, and bandwidth. WTLS is designed to provide
adequate authentication, data integrity, and privacy protection. WTLS offers three classes of
authentication:
•
Class 1 authentication is anonymous, meaning neither party to the link is authenticated;
•
Class 2 authentication authenticates only the server;
•
Class 3 authentication requires both client and server to authenticate themselves by means of
a signed digital certificate.
Version 1.1 of WAP used WTLS server certificates to authenticate a WTLS server to a WTLS
client, and to provide a basis for generating a key with which to encrypt a session between the
server and client. WAP 1.2 adds support for WTLS client certificates, which authenticate a
WTLS client to a WTLS server. WAP 1.2 also adds a function that allows a WAP client to
digitally sign a transaction, thus providing for non-repudiation. WAP 2.0 was released in June
2001 and adds support for Wireless Public Key Infrastructure (WPKI) by describing methods for
the secure download of digital certificates. WAP 2.0 is based on standard Internet TLS, and
designed so as to eliminate the "WAP gap." (See below for more on WAP 2.0.)
20