Enterprise uses the router as an authenticating controller in front of an authenticating server, usually a RADIUS server but Enterprise is out of scope for this post. Personal is the typical hexadecimal or alphanumeric passphrase. Lastly, there are two main modes of WPA/WPA2 - Personal and Enterprise. The two figures below were taken from the Clear To Send Podcast and describe the 4-way handshake: Most importantly, it uses a 4-way handshake for authentication.Introduction of the CCM mode Protocol (CCMP) to replace TKIP (allows for TKIP for backward compatibility).Introduction of AES encryption opposed to the RC4 cipher.So, WPA was a quick fix to WEP that essentially introduced TKIP overlayed onto RC4. In 2004, the Wi-Fi Alliance and IEEE released the 802.11i standard. The Wi-Fi Alliance quickly pushed out WPA to quickly fix the vulnerabilities of WEP, but the Wi-Fi Alliance had a true Wi-Fi security standard in the works. The Wi-Fi Alliance quickly enhanced WPA a year after it’s public reveal with the introduction of WPA2 to combat additional possible vulnerabilities, but it wasn’t enough. However, since WPA was a temporary solution, it still used WEP’s RC4 stream cipher. Hacking WEP encryption was becoming tooled, weaponized, and unfortunately, trivial before WPA replaced it. TKIP provided much needed security for an increasingly vulnerable wireless world back in those days. Stronger data assurance than the Cyclic Redundancy Check (CRC) from WEP with the introduction of a 64-bit MIC (Message Integrity Check).Mixes root keys with IVs on a key-by-key basis instead of appending root key with IV.Implementation of a packet sequencer so out-of-order packets are rejected.TKIP introduced a few major improvements over WEP including: ![]() ![]() WPA sought to implement fixes for major flaws that were exposed in WEP with the most important change being the adoption of the new security protocol, TKIP (Temporal Key Integrity Protocol). As such, the Wi-Fi Alliance, in conjunction with the IEEE, adopted a quick fix for this increasingly risky encryption mechanism - WPA (Wi-Fi Protected Access) - in 2003. After WEP encryption was introduced with the ratification of the IEEE 802.11 standard in 1997, it was quickly discovered to be vulnerable to a myriad of exploits.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |