IEEE 802.11i Dohwan Kim.


1 IEEE 802.11i Dohwan Kim

2 Table of contents
WEP; WPA1; WPA2; Conclusion

3 Wireless network security
Figure labels: 802.11, WEP; 802.11i, WPA1, WPA2

At first, WEP was used for wireless network security. But WEP had serious problems, so the IEEE 802.11 working group formed task group i. IEEE 802.11i defined the wireless network security protocols WPA1 and WPA2.

4 WEP (Wired Equivalent Privacy)
IEEE 802.11; RC4, CRC-32; IV (initialization vector): 24 bit; WEP-40 – 64 bit, WEP-104 – 128 bit; Static method; Not recommended; Alternative: dynamic WEP

WEP is a security algorithm for IEEE 802.11 wireless networks. WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity. Standard WEP-40 has a 40-bit key and a 24-bit initialization vector. In WEP, RC4 generates a keystream from the initialization vector and the key, and the ciphertext is generated by XORing the keystream with the plaintext. But WEP is not recommended because it uses a static key. Today, anyone can crack a WEP key. The alternative is dynamic WEP, which uses a dynamic key that is changed frequently. So dynamic WEP can prevent cracking.
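The WEP encapsulation described on this slide, as an added example that is not part of the original presentation: RC4 keyed with IV || key, a CRC-32 integrity value, and a check showing why a static key with a 24-bit IV is a problem once an IV repeats. The key, IV, plaintexts and the helper name `reused_ivs` are constructed for illustration.

```python
import struct
import zlib

def rc4(key: bytes, length: int) -> bytes:
    """RC4 keystream: key scheduling, then `length` output bytes."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame = IV in clear || (plaintext || CRC-32 ICV) XOR RC4(IV || key)."""
    if len(iv) != 3 or len(key) not in (5, 13):   # 24-bit IV; WEP-40/WEP-104
        raise ValueError("bad IV or key length")
    body = plaintext + struct.pack("<I", zlib.crc32(plaintext))
    return iv + xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Decrypt a frame and verify its ICV; ValueError if the check fails."""
    iv, data = frame[:3], frame[3:]
    body = xor(data, rc4(iv + key, len(data)))
    if struct.pack("<I", zlib.crc32(body[:-4])) != body[-4:]:
        raise ValueError("ICV mismatch")
    return body[:-4]

def reused_ivs(frames) -> set:
    """IVs seen in more than one frame (same keystream under a static key)."""
    seen, dup = set(), set()
    for f in frames:
        (dup if f[:3] in seen else seen).add(f[:3])
    return dup

# Constructed sample values, not from any real network.
KEY, IV = bytes.fromhex("0102030405"), bytes.fromhex("aabbcc")
P1, P2 = b"first frame data", b"other frame data"
F1, F2 = wep_encrypt(KEY, IV, P1), wep_encrypt(KEY, IV, P2)
# Static key + repeated IV: the keystream cancels out of the two ciphertexts.
LEAK = xor(F1[3:19], F2[3:19])   # equals xor(P1, P2)
```

Because the key never changes, only the 24-bit IV varies the keystream, so repeated IVs are what a monitoring check like `reused_ivs` would flag.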

5 WPA (Wi-Fi Protected Access)
Enterprise mode. Authentication: IEEE 802.1x/EAP. Encryption: TKIP/MIC.
Personal mode. Authentication: PSK.

WPA means Wi-Fi Protected Access. WPA consists of an enterprise mode and a personal mode. In enterprise mode, WPA uses IEEE 802.1x and EAP for authentication. In personal mode, WPA uses PSK for authentication. WPA uses TKIP and MIC for encryption.

6 WPA - authentication
IEEE 802.1x/EAP

In enterprise mode, WPA uses IEEE 802.1x and EAP. IEEE 802.1x is the authentication method for WPA in enterprise mode, and EAP means Extensible Authentication Protocol. When a device accesses the AP, the AP contacts a RADIUS server for authentication. RADIUS means Remote Authentication Dial-In User Service, and the RADIUS server decides whether the user is authenticated. IEEE 802.1x needs a RADIUS server, so this method can only be used in an enterprise.

7 WPA - authentication
PSK (Pre Shared Keying)

PSK means pre-shared keying. In PSK, the AP has a pre-shared key. If a supplicant wants to access the AP, the supplicant must know the AP's PSK.

8 WPA - encryption
TKIP/MIC. Based on WEP: RC4 encryption. Difference from WEP: master keys, MIC.

TKIP is an encryption method based on WEP, so TKIP uses RC4 encryption. But TKIP has some differences from WEP. First, WEP has only one master key, but TKIP has several master keys, made by mixing the key and the initialization vector. Second, TKIP uses MIC, which means message integrity check.

9 WPA2
Enterprise mode. Authentication: IEEE 802.1x/EAP. Encryption: AES-CCMP.
Personal mode. Authentication: PSK.

WPA2 is more robust than WPA1. WPA2 and WPA use the same authentication: IEEE 802.1x and EAP in enterprise mode, and PSK in personal mode. But WPA2 uses AES-CCMP for encryption. WPA1's TKIP is more robust than WEP, but TKIP is still limited as a way to encrypt data, so AES-CCMP is used in WPA2.

10 WPA2 - encryption

CCMP is an encryption method based on AES. AES is a type of symmetric cryptographic technique. The figure on this slide illustrates the symmetric cryptographic technique.

11 WPA2 – encryption (AES)
Low memory; Easy implementation; Robust

AES has many advantages. First, AES uses little memory, and second, AES is easy to implement. Moreover, AES is very robust. The figure on this slide shows the AES process. AES has four processes: sub bytes, shift rows, mix columns, and add round key.

12 Conclusion

WEP and WPA1 (TKIP) are not recommended. 802.11i only recommends CCMP. The drawbacks of AES are being researched, so what lies beyond AES is receiving attention.

