Lecture 17: WiFi Security and WPA

Question 1

What are the 2 major jobs WiFi security has to do?

Answer 1

• Access control
• Encryption

Question 2

What was the first standard for securing WiFi communication?

Answer 2

WEP

Wired equivalent privacy

Question 3

What is WEP?

Answer 3

Designed to prevent unauthorized access to the network

Secure data inflight between the client and the access point

Question 4

How many bits were WEP keys and what were the 2 parts that formed them?

Answer 4

64 or 128 bit key

Formed of:
- Fixed 40 or 104 bit key that acted as the access control password for the network

• An initialization vector made up the remaining 24 bits

Question 5

The initialization vector used in WEP was sent in ___ during authentication

Answer 5

clear text

Question 6

Describe the authentication process of WEP

Answer 6

• Clear text authentication message is sent to the router
• Router responds with an initialization vector and 128 bytes of random data
• Client uses the IV, WEP access password to encrypt the random data and sends it to the router
• Router checks if the encrypted data mathces the expected result

Question 7

How does WEP handle encryption?

Answer 7

Secret WEP key is combined with an IV from the router to create a key

Key is used with an RC4 stream cipher to enrypt the packet data

Packet is sent to the router where its decypted and then sent to the world wide web

Question 8

What is the purpose of the RC4 cipher in WEP

Answer 8

Stretches the key out so it can encrypt the entire frame

Question 9

What are the problems with WEP?

Answer 9

• Doesn’t protect user data from other authenticated users
• RC4 is insecure
• IV is too short

Question 10

What standard was created to replace WEP?

Answer 10

WPA

WiFi Protected Access

Question 11

What types of keys were introduced in WPA?

Answer 11

Temporal Key Integrity Protocol (TKIP)

Question 12

What does temporal key integrity protocol generate a session key from?

Answer 12

• WPA authentication password\
• Client and routers MAC Addresses
• 2 random nonces generated y client and the router

Question 13

How long is the IV in WEP?

Answer 13

24 bits

Question 14

How long is the IV in TKIP?

Answer 14

48 bits

Question 15

How does WPA protect messages from being tampered with?

Answer 15

Uses Message Integrity Code (MIC)

A keyed function that generates a message signature using 64 bit derived from the session key

Question 16

What are the problems with WPA?

Answer 16

• MIC while better then CRC-32 was still considered weak
• RC4 cipher still used to encrypt messages
• New attacks appeared aimed at the handshaking protocol

Question 17

What standard was created to replace WPA?

Answer 17

WPA2-PSK

Question 18

While WPA2 still supported TKIP what was it replaced by?

Answer 18

Pre-shared key (PSK)

AES based key mixing and creation system for WPA2

Question 19

What does SHA-1 do in PSK?

Answer 19

A hash function that derives keys from a previously shared password and then mixes it with other data

Question 20

Was is AES Counter Mode Cipher Block Chaining Message (CCMP) mode and what standard is it used in?

Answer 20

Used in WPA2-PSK

Uses a counter mode cipher for encryption

Each packet has a counter number that is constantly increasing

The counter changes the output encryption key

Question 21

In WPA2-PSK what replaced the old MIC method of signing messages to prevent tampering?

How did it work?

Answer 21

AES

Uses chaining block part of CMP to sign messages

Each output cipher block feeds into the cipher function for the next blocking making tampering the message impossible without breaking the chain entirely

Question 22

What standard is the common choice today?

Answer 22

WPA2

Question 23

What is the most recent standard?

Answer 23

WPA3

Question 24

What changes does WPA3 have from WPA2?

Answer 24

• Uses asymmetric encryption system called simultaneous authentication of equals instead of the old TKIP handshake
• Still specifics a 128 bit key but up to 192 bits of security for enterprise eployments

Question 25

What is the order of WiFi security standards released?

Answer 25

• WEP
• WPA
• WPA2
• WPA3