Lecture 17: WiFi Security and WPA Flashcards
What are the 2 major jobs WiFi security has to do?
- Access control
- Encryption
What was the first standard for securing WiFi communication?
WEP
Wired equivalent privacy
What is WEP?
Designed to prevent unauthorized access to the network
Secure data inflight between the client and the access point
How many bits were WEP keys and what were the 2 parts that formed them?
64 or 128 bit key
Formed of:
- Fixed 40 or 104 bit key that acted as the access control password for the network
- An initialization vector made up the remaining 24 bits
The initialization vector used in WEP was sent in ___ during authentication
clear text
Describe the authentication process of WEP
- Clear text authentication message is sent to the router
- Router responds with an initialization vector and 128 bytes of random data
- Client uses the IV and the WEP access password to encrypt the random data and sends it to the router
- Router checks if the encrypted data matches the expected result
How does WEP handle encryption?
Secret WEP key is combined with an IV from the router to create a key
Key is used with an RC4 stream cipher to encrypt the packet data
Packet is sent to the router where it's decrypted and then sent to the world wide web
What is the purpose of the RC4 cipher in WEP?
Stretches the key out so it can encrypt the entire frame
What are the problems with WEP?
- Doesn’t protect user data from other authenticated users
- RC4 is insecure
- IV is too short
What standard was created to replace WEP?
WPA
WiFi Protected Access
What types of keys were introduced in WPA?
Temporal Key Integrity Protocol (TKIP)
What does temporal key integrity protocol generate a session key from?
- WPA authentication password
- Client's and router's MAC addresses
- 2 random nonces generated by the client and the router
How long is the IV in WEP?
24 bits
How long is the IV in TKIP?
48 bits
How does WPA protect messages from being tampered with?
Uses Message Integrity Code (MIC)
A keyed function that generates a message signature using 64 bits derived from the session key
What are the problems with WPA?
- MIC, while better than CRC-32, was still considered weak
- RC4 cipher still used to encrypt messages
- New attacks appeared aimed at the handshaking protocol
What standard was created to replace WPA?
WPA2-PSK
While WPA2 still supported TKIP what was it replaced by?
Pre-shared key (PSK)
AES based key mixing and creation system for WPA2
What does SHA-1 do in PSK?
A hash function that derives keys from a previously shared password and then mixes it with other data
What is AES Counter Mode Cipher Block Chaining Message (CCMP) mode and what standard is it used in?
Used in WPA2-PSK
Uses a counter mode cipher for encryption
Each packet has a counter number that is constantly increasing
The counter changes the output encryption key
In WPA2-PSK what replaced the old MIC method of signing messages to prevent tampering?
How did it work?
AES
Uses the chaining block part of CCMP to sign messages
Each output cipher block feeds into the cipher function for the next block, making tampering with the message impossible without breaking the chain entirely
What standard is the common choice today?
WPA2
What is the most recent standard?
WPA3
What changes does WPA3 have from WPA2?
- Uses asymmetric encryption system called simultaneous authentication of equals instead of the old TKIP handshake
- Still specifies a 128 bit key but up to 192 bits of security for enterprise deployments
What is the order of WiFi security standards released?
- WEP
- WPA
- WPA2
- WPA3