WPA stands for Wi-Fi Protected Access. It is a mechanism for controlling access to a wireless network, designed to eliminate WEP’s weaknesses. It is also known as TSN (Transition Security Network).
What is WPA?
Functionality
WPA uses TKIP (Temporal Key Integrity Protocol) to manage dynamic keys, and it dramatically improves data encryption, including the initialization vector. Generally, WPA is TKIP with 802.1X. Otherwise, WPA works similarly to WEP but with dynamic keys: it uses the RC4 algorithm to create a bitstream that is XORed with the data to encrypt it, and the initialization vector (IV) is 48 bits. The dynamic key change can make it impossible to use the same technique as against WEP to break into a WPA-secured wireless network. In addition, WPA can support different access control systems, including user passwords, digital certificates, or another verification system, or it can use a shared password to identify stations.
WPA-PSK
It is the most straightforward access control system after WEP. It has the same configuration challenge as WEP, a key that is for practical purposes shared by everyone, but dynamic key management significantly increases the level of security. PSK stands for Pre-Shared Key; that is, from the client's point of view, security rests on a shared password. WPA-PSK uses an access key 8 to 63 characters long, which is the shared key.
As with WEP, this password must be entered at each station and access point of the wireless network. Any station identified with this password has access to the network. The features of WPA-PSK currently define it as the most suitable system for a small office or home network; the configuration is straightforward, security is acceptable, and it does not require any additional components.
WPA-PSK Weaknesses
The main weakness of WPA-PSK is the key shared between stations. When a system relies on a password, it is always open to a brute-force attack, that is, to an attacker checking passwords one after another; how much of a problem this is depends on the length of the password and how well it is chosen. The moment of weakness is when the station establishes the authentication dialog.
This dialog is encrypted with the shared key; if both sides agree, access is granted and the use of dynamic keys begins. The weakness is that an observer knows both the content of the authentication packet and its encrypted value. What remains is to try to determine the password using a dictionary or brute-force attack.
Enterprise WPA
More versatile and easier-to-maintain access control mechanisms are required in corporate networks, such as identifying the users of a system by name and password or by a digital certificate. Obviously, the hardware of an access point is not capable of storing and processing all this information, so it must refer to other elements of the wired network to verify the credentials. Verifying a client against a component of the wired network seems complicated when the client does not yet have access to the network.
To allow authentication traffic between the client and a machine on the local network, IEEE 802.1X, described below, takes over. Once a client is verified, WPA starts TKIP with dynamic keys. WPA clients must be configured to use a specific authentication system that is entirely independent of the access point. WPA authentication systems can be EAP-TLS, PEAP, and EAP-TTLS, among others.
What is WPA-2?
Security is a concern that is especially relevant when we talk about wireless networks. A physical connection with a network cable is required to access a wired network. However, in a wireless network deployed in an office, a third party could access the network without even being on the company’s premises. It would be sufficient to be close to where the signal reaches. Moreover, in the event of a passive attack, where information is only listened to, there are no traces that allow later identification.
The channel of wireless networks should be considered unsafe, unlike private wired networks. Anyone may be listening to the information transmitted. Not only that, but it is also possible to inject new packets or replace existing packets (active attacks). For wireless networks, we need to take measures like those used to send data over the Internet.
After the new 802.11 standard is completed, WPA2 is created accordingly. WPA can be considered a migration step, while WPA2 is the certified version of the IEEE standard. The 802.11i standard was approved in June 2004.
The Wi-Fi Alliance has defined two versions: the pre-shared key version, WPA-Personal, and the version with 802.1X/EAP authentication, WPA-Enterprise. Manufacturers began to produce next-generation access points supporting the WPA2 protocol, which uses the AES (Advanced Encryption Standard) encryption algorithm.
With this algorithm, it will be possible to meet the FIPS 140-2 security requirements of the US government. “WPA2 is ideal for both private and public sector companies. WPA2-certified products reassure IT managers that technology meets interoperability standards,” said Frank Hanzlik, Managing Director of the Wi-Fi Alliance. It is important to emphasize that WPA-certified products are still safe under the provisions of the 802.11i standard, although some organizations are waiting for these new-generation AES-based products.
WPA2 (IEEE 802.11i)
802.11i is the new IEEE standard for providing security in WLAN networks. Its specifications are not public, so the amount of information currently available is minimal. WPA2 includes the new AES (Advanced Encryption Standard) encryption algorithm developed by NIST. It is a block cipher with a 128-bit key (RC4 is a stream cipher). It will require powerful hardware to perform its algorithms, which means that older devices without sufficient processing capabilities cannot add WPA2 support.
To ensure the integrity and authenticity of messages, WPA2 uses Counter Mode / Cipher Block Chaining / Message Authentication Code Protocol (CCMP) instead of MIC codes. Another improvement over WPA is that WPA2 includes support not only for BSS mode but also for IBSS mode (ad-hoc networks).
Security WPA2 Attacks
Both WPA version 1 and version 2 are based on transmitting the supported authentications in an information element: in the case of WPA 1, the Microsoft proprietary tag, and in the case of WPA2, the standard 802.11i RSN tag. During the RSN connection process, if the client does not support the authentications specified by the AP (access point), it is disconnected, which exposes it to a DoS attack specific to WPA.
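To see what an access point advertises in those two tags, the following added example (not code from the original page) decodes the WPA vendor element and the RSN element from a beacon's information elements. The function names and the sample bytes are constructed for illustration, and the parser requires the group, pairwise and AKM fields to be present.

```python
import struct

WPA_PREFIX = bytes.fromhex("0050f201")   # Microsoft OUI 00-50-F2, type 1
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

def _suites(body, off, names):
    """Read a little-endian count, then that many 4-byte suite selectors."""
    if off + 2 > len(body):
        raise ValueError("truncated suite count")
    (count,) = struct.unpack_from("<H", body, off)
    end = off + 2 + 4 * count
    if end > len(body):
        raise ValueError("truncated suite list")
    # The last byte of each selector is the suite type; the OUI is not checked here.
    return [names.get(body[i + 3], "unknown") for i in range(off + 2, end, 4)], end

def parse_security_ies(ies):
    """Walk tag/length/value elements and decode each WPA or RSN element."""
    found, pos = [], 0
    while pos + 2 <= len(ies):
        tag, length = ies[pos], ies[pos + 1]
        body = ies[pos + 2 : pos + 2 + length]
        if len(body) < length:
            raise ValueError("element runs past the end of the buffer")
        pos += 2 + length
        if tag == 48:                                   # RSN element (WPA2)
            proto = "WPA2"
        elif tag == 221 and body[:4] == WPA_PREFIX:     # vendor-specific WPA element
            proto, body = "WPA", body[4:]
        else:
            continue
        if len(body) < 6:                               # version (2) + group suite (4)
            raise ValueError("truncated security element")
        pairwise, off = _suites(body, 6, CIPHERS)
        akm, _ = _suites(body, off, AKMS)
        found.append({"proto": proto, "group": CIPHERS.get(body[5], "unknown"),
                      "pairwise": pairwise, "akm": akm})
    return found

# Constructed sample: SSID "lab", a WPA element (TKIP, PSK), an RSN element (CCMP, PSK).
SAMPLE = bytes.fromhex(
    "00036c6162"
    "dd160050f20101000050f20201000050f20201000050f202"
    "30140100000fac040100000fac040100000fac020000")

if __name__ == "__main__":
    for entry in parse_security_ies(SAMPLE):
        print(entry)
```

The `akm` field shows whether the network authenticates with a pre-shared key or with 802.1X, which is the WPA-PSK versus Enterprise distinction made earlier on this page.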
There is also the possibility of capturing the 4-way handshake that is exchanged during the authentication process on a secure network. PSK (pre-shared) keys are vulnerable to dictionary attacks (this does not apply when a RADIUS server is used, as the RADIUS server generates these keys randomly). There are free projects that use the GPU with specific languages, such as CUDA (NVIDIA) and Stream (AMD), to perform brute force attacks 100 times faster than ordinary computers.
Security in wireless networks is a critical issue that cannot be ignored. As transfers pass through an unsafe environment, mechanisms are necessary to ensure the integrity and authenticity of the data as well as its confidentiality. The WEP system that the IEEE 802.11 standard includes to provide security has several weaknesses that leave it insecure, so alternatives should be sought.
Both the WPA specifications and IEEE 802.11i fix all known WEP flaws and are currently considered to be reliable solutions. The advantage of WPA is that it does not require hardware updates on computers. As long as no security issues are found in WPA, it may be sufficient on those devices.
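For administrators choosing a WPA-PSK passphrase, the following added example (not code from the original page) relates this paragraph and the WPA-PSK Weaknesses section to numbers. It derives the 256-bit key from passphrase and SSID with the 802.11i mapping (PBKDF2-HMAC-SHA1, 4096 iterations), then estimates how long an exhaustive search would take. The weak-passphrase list is constructed, and the guessing rate and the 80-bit threshold are assumptions.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365 * 24 * 3600
KNOWN_WEAK = {"password", "12345678", "qwertyuiop"}   # constructed sample list

def derive_psk(passphrase, ssid):
    """802.11i passphrase mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def keyspace_bits(passphrase):
    """Upper bound: length * log2(alphabet). Only holds for randomly generated passphrases."""
    alphabet = 0
    alphabet += 26 if any(c.islower() for c in passphrase) else 0
    alphabet += 26 if any(c.isupper() for c in passphrase) else 0
    alphabet += 10 if any(c.isdigit() for c in passphrase) else 0
    alphabet += 33 if any(not c.isalnum() for c in passphrase) else 0
    return len(passphrase) * math.log2(alphabet)

def audit(passphrase, ssid, guesses_per_second=100_000, min_bits=80):
    """Report on a candidate passphrase; rate and threshold are assumed values."""
    psk = derive_psk(passphrase, ssid)               # also validates length and charset
    bits = keyspace_bits(passphrase)
    listed = passphrase.lower() in KNOWN_WEAK        # a dictionary hit ignores keyspace size
    years = 2 ** bits / guesses_per_second / SECONDS_PER_YEAR
    return {"psk": psk.hex(), "bits": round(bits, 1), "listed": listed,
            "years_to_exhaust": years, "acceptable": not listed and bits >= min_bits}

if __name__ == "__main__":
    for candidate in ("password", "T7#qLm2!vRz9@xKp4&Ws"):
        report = audit(candidate, "lab")
        print(candidate, report["bits"], report["listed"], report["acceptable"])
```

Because the SSID is the salt, the same passphrase yields a different key on each network name, and every guess costs 4096 HMAC iterations.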