Wireless Protocols (Memorize) Flashcards
WPA
- Type of protocol
- Vulnerabilities
- Crypto protocols
- Mode
WPA Wifi Protected Access -A wireless security protocol -Replacement for WEP -Susceptible to PW cracking attacks -Replaced by WPA2 -Uses TKIP (Temporal Key Integrity Protocol, vulnerable) or AES (strong) encryption -WPA with TKIP vulnerable to replay attacks
- Allows Pre-Shared Key Mode
- User accesses network anonymously with PSK or passphrase
- Does not authenticate - authorization only
WPA2
- Type of protocol
- Type of encryption
- Mode
WPA2 Wifi Protected Access -A wireless security protocol -CCMP (Counter Mode Cipher Block Chaining) encryption, based on AES -Allows Pre-Shared Key Mode
PSK
- What uses
- Which part of AAA?
Pre-Shared Key Mode
- WPA and WPA2 can operate in this mode
- User accesses network anonymously with PSK or passphrase
- Does not authenticate - authorization only
Enterprise Mode
- Forces users to authenticate (password or certificate)
- 802.1X server, often RADIUS
- To enable enterprise mode on router: enter RADIUS server & RADIUS port & shared secret
EAP
- What kind of protocol
- What does it do
- What crypto protocol uses?
- What wifi security standards use?
EAP
Extensible Authentication Protocol
-A wireless authentication protocol
-Secure encryption key used to encrypt all data transmitted between devices
-TKIP and CCMP (more secure) use this key
-WPA and WPA2 use five EAP types for authentication: EAP-FAST, EAP-TLS, EAP-TTLS, PEAP
EAP-FAST
EAP-FAST EAP Flexible Authentication via Secure Tunnel -A wireless authentication protocol -Cisco's replacement for LEAP -Supports optional certificates -Lightweight and secure
EAP-TLS
EAP-TLS EAP-Transport Layer Security -A wireless authentication protocol -Requires certificate on 802.1X server AND each wireless client -Strong security, wide adoption
EAP-TTLS
EAP-TTLS EAP-Tunneled TLS -A wireless authentication protocol -TLS tunnel -Extension of PEAP -Requires certificate on 802.1X server, NOT clients
PEAP
PEAP
Protected Extensible Authentication Protocol
-A wireless authentication protocol
-Protected PEAP
-Encapsulates and encrypts EAP conversation in TLS tunnel
-Requires certificate on server, not clients
-Microsoft CHAPv2 is implementation
TKIP
TKIP
Temporal Key Integrity Protocol, vulnerable
-Legacy wireless security protocol
-CCMP is the replacement
CCMP
CCMP
Counter Mode Cipher Block Chaining Message Authentication Code Protocol
-The best encryption protocol to use with WPA2
-Uses AES