Wireless Protocols WEP, WPA & WPA2.


1 Wireless Protocols WEP, WPA & WPA2

2 What is WEP? Wired Equivalent Privacy (WEP) was included as the privacy component of the original IEEE 802.11 standard ratified in September 1999. WEP is a weak security algorithm for IEEE 802.11 wireless networks. Its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP has been demonstrated to have numerous flaws and has been deprecated in favor of newer standards such as WPA and WPA2.

3 How does WEP work? WEP uses the RC4 algorithm to encrypt the packets of information. Each byte of data will be encrypted using a different packet key. Standard 64-bit WEP uses a 40-bit key, which is concatenated with a 24-bit Initialization Vector (IV) to form the RC4 key. - IV: A continuously changing number used in combination with a secret key to encrypt data. It is used to prevent a sequence of text that is identical to a previous sequence from producing the same exact cipher-text when encrypted. 128-bit WEP uses a 104-bit key, which is also concatenated with a 24-bit Initialization Vector.

4 WEP Authentication Two Methods of Authentication: Open System Authentication and Shared Key Authentication. In Open System Authentication, the WLAN client need not provide its credentials to the Access Point during authentication. Any client can authenticate with the Access Point and then attempt to associate. In effect, no authentication occurs. Subsequently, WEP keys can be used for encrypting data frames. At this point, the client must have the correct keys. In Shared Key Authentication, the WEP key is used for authentication in a four-step challenge-response handshake.

5 Open System & Shared Key Authentication

6 What’s wrong with WEP? The IV is too small and in clear text: It’s a 24-bit field sent in the clear-text portion of a message. The 24-bit string used to initialize the key stream generated by the RC4 algorithm is a relatively small field when used for cryptographic purposes. The IV is static: Reuse of the same IV produces identical key streams for the protection of data, and because the IV is short, it guarantees that those streams will repeat after a short time. The IV is part of the RC4 encryption key: The fact that an eavesdropper knows 24 bits of every packet key, combined with a weakness in the RC4 key schedule, leads to a successful analytic attack that recovers the key after intercepting and analyzing only a relatively small amount of traffic.
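The per-packet key construction from slide 3 and the IV-reuse problem from slide 6, as an added Python example that is not part of the original presentation. It shows that two frames encrypted under the same IV and key share a keystream, so XORing the ciphertexts cancels it, and it estimates how quickly a 24-bit IV repeats. The sample key and payloads are constructed, the IVs are assumed to be chosen at random for the estimate, and the CRC-32 integrity value that WEP appends is left out.

```python
def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 key schedule plus keystream XOR (the same call encrypts and decrypts)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return clear-text IV || RC4(IV || secret, plaintext); the ICV is omitted."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("WEP uses a 24-bit IV and a 40- or 104-bit key")
    return iv + rc4(iv + secret, plaintext)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def reuse_leak(frame_a: bytes, frame_b: bytes):
    """If two frames share an IV, return C_a XOR C_b, which equals P_a XOR P_b."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor(frame_a[3:], frame_b[3:])

def iv_collision_probability(frames: int) -> float:
    """Chance that at least two of `frames` randomly chosen 24-bit IVs match."""
    p_unique = 1.0
    for k in range(frames):
        p_unique *= 1 - k / 2**24
    return 1 - p_unique

# Constructed sample data (not from the slides).
SECRET = bytes.fromhex("0102030405")  # 40-bit WEP key
P1, P2 = b"GET /index.html ", b"POST /login.php "

if __name__ == "__main__":
    f1 = wep_encrypt(SECRET, b"\x00\x00\x01", P1)
    f2 = wep_encrypt(SECRET, b"\x00\x00\x01", P2)
    print("keystream cancels:", reuse_leak(f1, f2) == xor(P1, P2))
    print("P(IV repeat) after 5000 frames: %.3f" % iv_collision_probability(5000))
```

Because the secret key never changes, lengthening it from 40 to 104 bits does nothing for this problem; only a larger, non-repeating IV and per-packet keys (as in WPA) address it.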

7 How to crack WEP? Step 1: You need some basic computer skills, I mean, COME ON!!! Step 2: Get a packet sniffing program. Step 3: Make sure there is traffic on the network. Step 4: Begin packet sniffing and allow the program to get a good sample of the WEP encrypted packets. Step 5: Decipher the public/private key by matching the packets for similarities. Very Simple: ed&v=jETwvEDaJeQ

8 What is WPA? Wi-Fi Protected Access (WPA) is a security protocol and security certification program developed to secure wireless computer networks. The WPA protocol implements the majority of the IEEE 802.11i standard. WPA was carefully designed so that hardware upgrades would not be needed. WPA retained the use of RC4, but it added features designed to address the deficiencies in the way that WEP uses the cipher.

9 WPA features A longer key: WPA lengthens the Initialization Vector (IV) to 48 bits and the master key to 128 bits. Temporal Key Integrity Protocol (TKIP): Generates different keys for each client and alters keys for each successive packet. - The TKIP was brought into WPA and it replaced WEP’s 40-bit or 128-bit encryption. - TKIP is a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet and thus prevents collisions. Message Integrity Code (MIC) or Cryptographic checksum: Verifies that messages have not been altered in transit and protects against replay attempts.

10 WPA Authentication Personal mode (WPA-PSK): This utilizes manually configured keys in the same manner as WEP. All clients use the same initial master key. It’s designed for home and small office networks and it does not require an authentication server. Enterprise mode (WPA or WPA-802.1x): As opposed to WPA-PSK, it’s designed for enterprise networks and it requires a RADIUS authentication server. This provides more security. The AP uses Extensible Authentication Protocol (EAP) to negotiate a pair-wise master key with each client individually.
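Personal mode's shared master key and the per-client keys mentioned on slide 9, as an added Python example that is not part of the original presentation. The derivation details (PBKDF2-HMAC-SHA1 salted with the SSID, and the "Pairwise key expansion" PRF) are taken from IEEE 802.11i rather than from the slides. The MAC addresses and nonces are constructed sample values; real nonces are random per handshake.

```python
import hashlib
import hmac

def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """Master key in personal mode: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:length]

def pairwise_key(pmk: bytes, ap_mac: bytes, client_mac: bytes,
                 anonce: bytes, snonce: bytes) -> bytes:
    """512-bit pairwise transient key, bound to both MACs and both nonces."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 64)

# Constructed sample values (not from the slides).
AP_MAC = bytes.fromhex("020000000001")
CLIENT_A = bytes.fromhex("0200000000aa")
CLIENT_B = bytes.fromhex("0200000000bb")
ANONCE = bytes(range(32))
SNONCE_A = bytes(range(32, 64))
SNONCE_B = bytes(range(64, 96))

if __name__ == "__main__":
    # Every client that knows the passphrase and SSID derives the same PMK ...
    pmk = pmk_from_passphrase("password", "IEEE")
    print("PMK:", pmk.hex())
    # ... but each association gets its own pairwise key.
    key_a = pairwise_key(pmk, AP_MAC, CLIENT_A, ANONCE, SNONCE_A)
    key_b = pairwise_key(pmk, AP_MAC, CLIENT_B, ANONCE, SNONCE_B)
    print("per-client keys differ:", key_a != key_b)
```

Since the master key depends only on the passphrase and the SSID, a long passphrase and a non-default SSID are the controls that matter in personal mode; enterprise mode removes the shared secret altogether.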

11 WPA Authentication

12 What is WPA2? WPA2 is based on the Robust Security Network (RSN) mechanism, which provided support for all of the mechanisms available in WPA as well as: 1. Strong encryption and authentication support for infrastructure and ad-hoc networks (WPA is limited to infrastructure networks). 2. Reduced overhead in the key derivation during the wireless LAN authentication exchange. 3. Support for opportunistic key caching to reduce overhead in roaming between access points. 4. Support for the CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) encryption mechanism based on the Advanced Encryption Standard (AES) cipher as an alternative to the TKIP protocol.

13 WPA2 vs WPA What is similar? - WPA and WPA2 can use the same authentication method because they are both EAP (Extensible Authentication Protocol) based, meaning that many other protocols can be built on top of EAP. What is different? - The key difference is the encryption method. WPA uses TKIP/RC4, while WPA2 uses CCMP/AES (the Advanced Encryption Standard, which is used by the US Department of Defense).

14 Infrastructure Mode Infrastructure Mode: Wireless networking bridges a wireless network to a wired Ethernet network. - A wireless AP is required to join the WLAN; the AP and all wireless clients must be configured to use the same SSID. The AP is then cabled to the wired network to allow clients access to internet connections or printers. - APs can be added to WLANs to increase the reach of the infrastructure and support any number of clients.

15 Ad-Hoc Mode Ad-Hoc Mode: It’s a method for wireless devices to directly communicate with each other. - Operating in Ad-Hoc mode allows all wireless devices within range of each other to discover and communicate in peer-to-peer fashion without involving central access points. - An ad-hoc network tends to feature a small group of devices all in very close proximity to each other (performance suffers if the number increases).

