Wireless Encryption Flashcards
1
Q
Wi-Fi Open
A
No security
2
Q
WEP
A
Wired Equivalent Privacy
Initialization Vector - very weak - 128 bit key
3
Q
WPA
A
Wi-Fi Protected Access
Replaced WEP
TKIP and RC4 - Better than WEP but still flawed
4
Q
WPA2
A
Wi-Fi Protected Access 2
CCMP and AES 128-bit key or higher
Can use pre-shared key or RADIUS server
5
Q
WPS
A
Wi-Fi Protected Setup
Automated wi-fi setup. VERY BAD - needs to be disabled
6
Q
WPA3
A
Wi-Fi Protected Access 3
Enterprise Mode - AES-256 and SHA384-hash (integrity)
Personal Mode - CCMP-128 (AES-128 inside CCMP)
If supported, use this. Pre-shared keys removed entirely. Uses Simultaneous Authentication of Equals (SAE) and Perfect Forward Secrecy (PFS)
7
Q
Perfect Forward Secrecy
A
- Access point (AP) and client generate a long term pair of keys
- AP and client exchange a one-time use session key using Diffie-Hellman
- AP and client encrypt sent messages using session key
- Client decrypts message using key
- Repeat process starting at step 2