Wireless Encryption

Question 1

Wireless encryption

Answer 1

• All wireless computers are radio transmitters and
receivers - anyone can listen in

• Solution: Encrypt the data
  
  • Everyone gets the password
  • Or their own password

• Only people with the password can transmit and
listen
• WPA and WPA2

Question 2

WPA (Wi-Fi Protected Access)

Answer 2

• 2002: WPA was the replacement for serious
cryptographic weaknesses in WEP (Wired Equivalent
Privacy)
• Don’t use WEP

• Needed a short-term bridge between WEP and
whatever would be the successor
• Run on existing hardware

• WPA: RC4 with TKIP (Temporal Key Integrity Protocol)
• Initialization Vector (IV) is larger and an encrypted
hash
• Every packet gets a unique 128-bit encryption key

Question 3

Temporal Key Integrity Protocol

Answer 3

• Mixed the keys
  
  • Combines the secret root key with the IV

• Adds sequence counter - prevents replay attacks

• Implements a 64-bit Message Integrity Check
  
  • Protects against tampering
• TKIP has it’s own set of vulnerabilities
  
  • Deprecated in the 802.11-2012 standard

Question 4

WPA2 and CCMP

Answer 4

• WPA2 certification began in 2004
• AES (Advanced Encryption Standard) replaced RC4
• CCMP (Counter Mode with Cipher Block Chaining
Message Authentication Code Protocol) replaced
TKIP

• CCMP block cipher mode
  
  • Uses AES for data confidentiality
  • 128-bit key and a 128-bit block size
  • Requires additional computing resources

• CCMP security services
• Data confidentiality (AES), authentication, and access
control