≡ Menu

Protecting Wireless Networks using WEP,WPA and WPA2

Wired Equivalent Privacy:

The intention of WEP (Wired Equivalent Privacy) was to provide the same level of security as in Wired Networks. But it fell short greatly.

WEP uses 128bit key (with 24 bit initialization vector) which is very easy to crack. It uses RC4 (Rivest Cipher 4) stream cipher.

Two modes:

Open Systems Authentication:

No need of credentials from the client. After the initial association with AP (Access Point), WEP encrypts the whole conversation.

Shared Key Authentication:

Requires Client to present credentials to connect to AP before the encryption beings.

WEP can be enhanced by using ssh or tunneling.

WiFi Protected Access (WPA and WPA2):

WPA uses TKIP(Temporal Key Integrity Protocol), a sequence counter to prevent replay attacks and a 64 bit message integrity check. It combines a secret root key with initialization vector.

WPA2 uses AES with Cipher Block chaining message Authentication code Protocol (CCMP).

Both WPA and WPA supports several EAP extensions such as EAP-TLS, EAP-TTLS (Tunneled Transport Layer Security) and Protected EPA (PEAPv0,v1)

Comments on this entry are closed.