5. Wifi Protected Access (WPA)

Question 1

What type of authentication did WPA use?

Answer 1

WPA uses PSK Authentication (Pre-shared key) which was a 256 bit key.

Encryption was RC4 with TKIP

Question 2

What encryption and authentication does WPA2 use?

Answer 2

WPA2 also uses WPA uses PSK Authentication (Pre-shared key) which was a 256 bit key.

Encryption is Advanced Encryption Standard. AES encryption (which replaced RC4)

Question 3

What authentication and encryption did WPA Enterprise have?

Question 4

What authentication and encryption does WPA2 Enterprise have?

Answer 4

Encryption is AES and CCMP

Authentication is Enterprise authentication protocol 801x and EAP / PEAP
means each user have individual log in and password to access the LAN.

Question 5

In the authentication process what is the mobile device trying to connect known as?

Answer 5

The supplicant (which is actually part of the devices software that helps it connect)

Question 6

In authentication processes what is the router reffered to as?

Answer 6

The authenticater

Question 7

How does WPA authentication occur? (It’s the same for WPA and WPA2)

Answer 7

Use Extensible Authentication Protol Over LAn (EAPOL)

Four-Way Handshake between the device and the access point (before data is sent). described below.

Initially both the device and the router will generate a Master Key using the Password & Network Identity (SSID)

Each device (access point and the connecting dvice) generates a Pairwise Master Key (PMK) and also Randomly generated Number (Nonce). PMK is 256 bits long. They send these to each other.

The access point sends the ANonce to the connecting device.

The connecting device sends the SNonce back, also with a PTK (Pairwise Transient Key) (Pand MIC (Message Integrity Code) to the access point.
4 EAPOL packets are sent as part of the authentication process (reffered to as the 4 way handshake.) This handshake process is used to generate the encryption keys.

Session Key Generated

Client Creates Checksum based on the session key and sends a group session key

Checksum Confirmed by Access Point

Session Key Installed

4

Question 8

Describe the PMK (Pairwise Master Key Process)

Answer 8

the Pairwisse Master Key (PMK)

• created using a password that is 8 to 63 characters long along with the SSID.
• The PMK is known by both the supplicant and the authenticator.
• PMK is never sent over the network
• PMK is not used to encrypt packets
• It is used to generate the PTK (Pairwise Transient Key).
• it is verified by the PBKDF2 (Password Based Key Derivation Function2)

Question 9

What is the PTK (Pairwise Transient Key)?

Answer 9

is a unique encryption key generated for each wireless client device (supplicant) connected to the network. It is used to encrypt and decrypt data between a specific client device and the wireless access point (router).

Question 10

How is the PTK (Pairwise Transient Key) generated?

Answer 10

The PTK is derived from four components2:

Pairwise Master Key (PMK): A shared secret key preconfigured on both the wireless access point and the client devices. It serves as the initial key for generating the PTK.

ANonce (Access Point Nonce): A random number generated by the access point to ensure each PTK is unique.

SNonce (Supplicant Nonce): A random number generated by the client device, also used to ensure uniqueness.

MAC Addresses: The MAC addresses of both the access point and the client device are used as additional inputs in the key generation process.

By combining these components and running them through a cryptographic algorithm, the PTK is generated.