SlideShare a Scribd company logo

WPA2 Wireless Security Standard Explained

Download as PPTX, PDF
Tushar Anand
Tushar Anand

This document discusses wireless security using WPA2. It begins by describing the types of wireless security including open networks, WEP, WPA, and WPA2. It then provides an overview of WPA2, including how it uses AES for encryption and integrity checking. The document compares WEP, WPA, and WPA2 and describes WPA2 authentication in personal and enterprise modes. It details how WPA2 generates keys through a 4-way handshake and uses AES in counter mode for encryption and CBC-MAC for integrity. The document concludes by discussing benefits and vulnerabilities of WPA2 as well as procedures to improve wireless security.

Education
1 of 22
WIRELESS SECURITY USING WPA2 BY : TUSHAR ANAND KUMAR ECE-”D”, REGD. NO.: 1151016015
CONTENTS • Types of security in WLAN • Comparison of WEP,WPA,WPA2 • Evolution of wireless security standards • WPA 2 authentication ,encryption & decryption • Benefits & vulnerabilities • Solutions & conclusion
TYPES OF SECURITY IN WLAN • OPEN : No security configured X • WEP : Wired Equivalent privacy X • WPA: Wi-Fi Protected Access • WPA2: Advance Wi-Fi Protected Access
WIRELESS SECURITY STANDARDS
WPA2 OVERVIEW • Wi-Fi Protected Access 2 • Security standard developed by the Wi-Fi Alliance and is an implementation of IEEE’s 802.11i • Uses Advance Encryption Standard (AES) protocol • AES in Counter-Mode for encryption • AES in Cipher Block Chaining-Message Authentication Code (CBC-MAC) for integrity checking
WI-FI PROTECTED ACCESS 2 Table: two types of WPA2
COMPARING WEP, WPA ,and WPA 2
AUTHENTICATION Two types of authentication • Personal mode • Enterprise mode
PERSONAL MODE AUTHENTICATION • Authentication performed between client and access point • PSK(Pre Shared Key) & SSID(Service Set Identification) is used • AP generates 256 bit from plain text pass phrase • PMK(Pairwise Master Key) is generated after authentication
ENTERPRISE MODE AUTHENTICATION • • Based on IEEE 802.1x standard Authentication performed between :- 1. Client 2. Access Point 3. Authentication Server • After authentication MK(Master Key) Is generated
WPA 2 KEY GENERATION • 4 way handshake initiated by AP • Confirms client’s knowledge of PMK in personal mode & MK in enterprise mode • Pairwise Transient Key created at client’s • Fresh PTK is derived at AP 1. Key confirmation key 2. Key encryption key 3. Temporal key
WPA 2 KEY GENERATION • Install encryption and integrity key • Control port are unblocked
WPA2 ENCRYPTION • Two Process happens 1. Data encryption 2. Data integrity • AES is used in encryption & authentication is a block symmetric cipher • CCM is new mode of operation for block cipher • Two underlying modes of CCM  Counter mode(CTR) achieves data encryption  Cipher block chaining message authentication code(CBCMAC) to provide data integrity
MESSAGE INTEGRITY CODE(MIC) • IV(Initialization Vector) encrypted with AES & TK to produce 128 bit result • 128 bit result is XOR with next 128 bits of data • Result of XOR is continued until all IV are exhausted • At end,first 64 bits are used to produce MIC Figure :AES CBC-MAC
WPA2 ENCRYPTION • Counter mode algorithm encrypts the data with MIC • Initialize counter for first time or increment counter. • First 128 bits are encrypted using AES & TK to produce 128 bits. • XOR is performed on result and first message block to give an first encrypted block. • Repeat until all 128 bit of blocks has been encrypted. Figure: AES counter mode
WPA2 DECRYPTION • It works in reverse using same algorithm for encryption the counter value is derived. • By using the counter mode algorithm and TK , the MIC and decrypted data are found out. • The data is processed by CBC-MAC to recalculate MIC • If MIC does not match then packet is dropped otherwise data is sent to network stack and to client
BENEFITS OF WPA2 • Provides solid wireless security model(RSN) • Encryption accomplished by a block cipher • Block cipher used is Advanced Encryption Standard (AES) • IEEE 802.11i authentication and key management is accomplished by IEEE 802.1x standard • Key-caching • Pre-authentication
WPA2 VULNERABILITIES  Can’t stand in front of the physical layer attacks: RF jamming Data flooding Access points failure  Vulnerable to the Mac addresses spoofing
PROCEDURES TO IMPROVE WIRELESS SECURITY  Use wireless intrusion prevention system (WIPS)  Enable WPA-PSK  Use a good passphrase  Use WPA2 where possible  Change your SSID every so often  Wireless network users should use or upgrade their network to the latest security standard released
FUTURE SCOPE • A new standard IEEE 802.1W task group(TG) approved in March,2005  Main Goals Improve security by protecting the management frames and also being able to identify Spoofed management frames normally used to launch DoS attack
THANK YOU!
REFRENCES • “Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2)” Paul By Arana • “The Evolution of 802.11 Wireless Security” INF 795 - Kevin Benton • “Wireless LAN Security Issues and Solutions” by Pan Feng at 2012 IEEE Symposium on Robotics and Applications(ISRA) • Security Improvements of IEEE 802.11i 4-way Handshake Scheme by Xiaodong Zha and Maode Ma ©2010 IEEE

Recommended

WPA2
WPA2WPA2
WPA2Mshari Alabdulkarim
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2Nzava Luwawa
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Fábio Afonso
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityShital Kat
 
WPA 3
WPA 3WPA 3
WPA 3diggu22
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Securityyousef emami
 
Wpa3
Wpa3Wpa3
Wpa3Bhavya Dashora
 

Recommended

WPA2
WPA2WPA2
WPA2Mshari Alabdulkarim
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2Nzava Luwawa
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Fábio Afonso
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityShital Kat
 
WPA 3
WPA 3WPA 3
WPA 3diggu22
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Securityyousef emami
 
Wpa3
Wpa3Wpa3
Wpa3Bhavya Dashora
 
WPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyWPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyNapier University
 
WEP
WEPWEP
WEPSudeep Kulkarni
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?Tom Isaacson
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Wi fi security
Wi fi securityWi fi security
Wi fi securityVirendra Thakur
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Wireless Cracking using Kali
Wireless Cracking using KaliWireless Cracking using Kali
Wireless Cracking using Kalin|u - The Open Security Community
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 
Switch security
Switch securitySwitch security
Switch securitynullowaspmumbai
 
Meraki Cloud Networking Workshop
Meraki Cloud Networking WorkshopMeraki Cloud Networking Workshop
Meraki Cloud Networking WorkshopCisco Canada
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA ProtocolNetwax Lab
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Ipsec
IpsecIpsec
IpsecRupesh Mishra
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentalsThang Man
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingarushi bhatnagar
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi HackingPaul Gillingwater, MBA
 
KRACK attack
KRACK attackKRACK attack
KRACK attackVadimDavydov3
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
4 wifi security
4 wifi security4 wifi security
4 wifi securityal-sari7
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network SecurityInformation Technology
 

More Related Content

What's hot

WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?Tom Isaacson
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Meraki Cloud Networking Workshop
Meraki Cloud Networking WorkshopMeraki Cloud Networking Workshop
Meraki Cloud Networking WorkshopCisco Canada
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentalsThang Man
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 

What's hot (20)

WPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyWPA-3: SEA and Dragonfly
WPA-3: SEA and Dragonfly
 
WEP
WEPWEP
WEP
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS Protocols
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Wireless Cracking using Kali
Wireless Cracking using KaliWireless Cracking using Kali
Wireless Cracking using Kali
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Switch security
Switch securitySwitch security
Switch security
 
Meraki Cloud Networking Workshop
Meraki Cloud Networking WorkshopMeraki Cloud Networking Workshop
Meraki Cloud Networking Workshop
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA Protocol
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+
 
Ipsec
IpsecIpsec
Ipsec
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentals
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
 
KRACK attack
KRACK attackKRACK attack
KRACK attack
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 

Similar to WPA2 Wireless Security Standard Explained

4 wifi security
4 wifi security4 wifi security
4 wifi securityal-sari7
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technologytardeep
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applicationscmstiernberg
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...cmstiernberg
 
Wireless security837
Wireless security837Wireless security837
Wireless security837mark scott
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-accessbhanu4ugood1
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting Shah Sheikh
 
Security standard
Security standardSecurity standard
Security standardlyndyv
 
802 11 3
802 11 3802 11 3
802 11 3rphelps
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityVishal Agarwal
 

Similar to WPA2 Wireless Security Standard Explained (20)

4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Wifi
WifiWifi
Wifi
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
 
Iuwne10 S04 L02
Iuwne10 S04 L02Iuwne10 S04 L02
Iuwne10 S04 L02
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applications
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
Security standard
Security standardSecurity standard
Security standard
 
Resilience in the ZigBee Residential Mode
Resilience in the ZigBee Residential ModeResilience in the ZigBee Residential Mode
Resilience in the ZigBee Residential Mode
 
802 11 3
802 11 3802 11 3
802 11 3
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
 
WEP .WAP WAP2.pptx
WEP .WAP WAP2.pptxWEP .WAP WAP2.pptx
WEP .WAP WAP2.pptx
 
802.11i
802.11i802.11i
802.11i
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Iuwne10 S04 L05
Iuwne10 S04 L05Iuwne10 S04 L05
Iuwne10 S04 L05
 

Recently uploaded

4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
CHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxCHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxAneriPatwari
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesVijayaLaxmi84
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Projectjordimapav
 
How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17Celine George
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1GloryAnnCastre1
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxSayali Powar
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...DhatriParmar
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMr Bounab Samir
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDhatriParmar
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptxmary850239
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQuiz Club NITW
 
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQ-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQuiz Club NITW
 
Indexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfIndexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfChristalin Nelson
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 

Recently uploaded (20)

4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
CHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptxCHEST Proprioceptive neuromuscular facilitation.pptx
CHEST Proprioceptive neuromuscular facilitation.pptx
 
Sulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their usesSulphonamides, mechanisms and their uses
Sulphonamides, mechanisms and their uses
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Project
 
Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"
 
How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17How to Manage Buy 3 Get 1 Free in Odoo 17
How to Manage Buy 3 Get 1 Free in Odoo 17
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 
MS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdfMS4 level being good citizen -imperative- (1) (1).pdf
MS4 level being good citizen -imperative- (1) (1).pdf
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITWQ-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
Q-Factor HISPOL Quiz-6th April 2024, Quiz Club NITW
 
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITWQ-Factor General Quiz-7th April 2024, Quiz Club NITW
Q-Factor General Quiz-7th April 2024, Quiz Club NITW
 
Indexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfIndexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdf
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 

WPA2 Wireless Security Standard Explained

  • 1. WIRELESS SECURITY USING WPA2 BY : TUSHAR ANAND KUMAR ECE-”D”, REGD. NO.: 1151016015
  • 2. CONTENTS • Types of security in WLAN • Comparison of WEP,WPA,WPA2 • Evolution of wireless security standards • WPA 2 authentication ,encryption & decryption • Benefits & vulnerabilities • Solutions & conclusion
  • 3. TYPES OF SECURITY IN WLAN • OPEN : No security configured X • WEP : Wired Equivalent privacy X • WPA: Wi-Fi Protected Access • WPA2: Advance Wi-Fi Protected Access
  • 5. WPA2 OVERVIEW • Wi-Fi Protected Access 2 • Security standard developed by the Wi-Fi Alliance and is an implementation of IEEE’s 802.11i • Uses Advance Encryption Standard (AES) protocol • AES in Counter-Mode for encryption • AES in Cipher Block Chaining-Message Authentication Code (CBC-MAC) for integrity checking
  • 6. WI-FI PROTECTED ACCESS 2 Table: two types of WPA2
  • 7. COMPARING WEP, WPA ,and WPA 2
  • 8. AUTHENTICATION Two types of authentication • Personal mode • Enterprise mode
  • 9. PERSONAL MODE AUTHENTICATION • Authentication performed between client and access point • PSK(Pre Shared Key) & SSID(Service Set Identification) is used • AP generates 256 bit from plain text pass phrase • PMK(Pairwise Master Key) is generated after authentication
  • 10. ENTERPRISE MODE AUTHENTICATION • • Based on IEEE 802.1x standard Authentication performed between :- 1. Client 2. Access Point 3. Authentication Server • After authentication MK(Master Key) Is generated
  • 11. WPA 2 KEY GENERATION • 4 way handshake initiated by AP • Confirms client’s knowledge of PMK in personal mode & MK in enterprise mode • Pairwise Transient Key created at client’s • Fresh PTK is derived at AP 1. Key confirmation key 2. Key encryption key 3. Temporal key
  • 12. WPA 2 KEY GENERATION • Install encryption and integrity key • Control port are unblocked
  • 13. WPA2 ENCRYPTION • Two Process happens 1. Data encryption 2. Data integrity • AES is used in encryption & authentication is a block symmetric cipher • CCM is new mode of operation for block cipher • Two underlying modes of CCM  Counter mode(CTR) achieves data encryption  Cipher block chaining message authentication code(CBCMAC) to provide data integrity
  • 14. MESSAGE INTEGRITY CODE(MIC) • IV(Initialization Vector) encrypted with AES & TK to produce 128 bit result • 128 bit result is XOR with next 128 bits of data • Result of XOR is continued until all IV are exhausted • At end,first 64 bits are used to produce MIC Figure :AES CBC-MAC
  • 15. WPA2 ENCRYPTION • Counter mode algorithm encrypts the data with MIC • Initialize counter for first time or increment counter. • First 128 bits are encrypted using AES & TK to produce 128 bits. • XOR is performed on result and first message block to give an first encrypted block. • Repeat until all 128 bit of blocks has been encrypted. Figure: AES counter mode
  • 16. WPA2 DECRYPTION • It works in reverse using same algorithm for encryption the counter value is derived. • By using the counter mode algorithm and TK , the MIC and decrypted data are found out. • The data is processed by CBC-MAC to recalculate MIC • If MIC does not match then packet is dropped otherwise data is sent to network stack and to client
  • 17. BENEFITS OF WPA2 • Provides solid wireless security model(RSN) • Encryption accomplished by a block cipher • Block cipher used is Advanced Encryption Standard (AES) • IEEE 802.11i authentication and key management is accomplished by IEEE 802.1x standard • Key-caching • Pre-authentication
  • 18. WPA2 VULNERABILITIES  Can’t stand in front of the physical layer attacks: RF jamming Data flooding Access points failure  Vulnerable to the Mac addresses spoofing
  • 19. PROCEDURES TO IMPROVE WIRELESS SECURITY  Use wireless intrusion prevention system (WIPS)  Enable WPA-PSK  Use a good passphrase  Use WPA2 where possible  Change your SSID every so often  Wireless network users should use or upgrade their network to the latest security standard released
  • 20. FUTURE SCOPE • A new standard IEEE 802.1W task group(TG) approved in March,2005  Main Goals Improve security by protecting the management frames and also being able to identify Spoofed management frames normally used to launch DoS attack
  • 22. REFRENCES • “Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2)” Paul By Arana • “The Evolution of 802.11 Wireless Security” INF 795 - Kevin Benton • “Wireless LAN Security Issues and Solutions” by Pan Feng at 2012 IEEE Symposium on Robotics and Applications(ISRA) • Security Improvements of IEEE 802.11i 4-way Handshake Scheme by Xiaodong Zha and Maode Ma ©2010 IEEE