WIRELESS SECURITY USING WPA2

BY: TUSHAR ANAND KUMAR
ECE-"D", REGD. NO.: 1151016015
CONTENTS
• Types of security in WLAN
• Comparison of WEP, WPA, WPA2
• Evolution of wireless security standards
• WPA2 authentication, encryption & decryption
• Benefits & vulnerabilities
• Solutions & conclusion
TYPES OF SECURITY IN WLAN
• OPEN: No security configured X
• WEP: Wired Equivalent Privacy X
• WPA: Wi-Fi Protected Access
• WPA2: Advanced Wi-Fi Protected Access
WIRELESS SECURITY STANDARDS
WPA2 OVERVIEW
• Wi-Fi Protected Access 2
• Security standard developed by the Wi-Fi Alliance; an implementation of IEEE's 802.11i
• Uses the Advanced Encryption Standard (AES)
• AES in Counter Mode for encryption
• AES in Cipher Block Chaining-Message Authentication Code (CBC-MAC) for integrity checking
WI-FI PROTECTED ACCESS 2

Table: two types of WPA2
COMPARING WEP, WPA, AND WPA2
AUTHENTICATION

Two types of authentication

• Personal mode
• Enterprise mode
PERSONAL MODE AUTHENTICATION
• Authentication performed between client and access point
• PSK (Pre-Shared Key) & SSID (Service Set Identifier) are used
• AP generates a 256-bit key from the plain-text passphrase
• PMK (Pairwise Master Key) is generated after authentication
ENTERPRISE MODE AUTHENTICATION
• Based on IEEE 802.1X standard
• Authentication performed between:
1. Client
2. Access Point
3. Authentication Server
• After authentication, MK (Master Key) is generated
WPA 2 KEY GENERATION
• 4-way handshake initiated by AP
• Confirms client's knowledge of PMK in personal mode & MK in enterprise mode
• Pairwise Transient Key (PTK) created at the client
• Fresh PTK is derived at AP
1. Key confirmation key
2. Key encryption key
3. Temporal key
WPA 2 KEY GENERATION
• Install encryption and integrity key
• Control ports are unblocked
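The personal-mode derivation and the handshake key split described on the slides above, as an added example that is not part of the original deck: it uses the IEEE 802.11i constructions (PBKDF2-HMAC-SHA1 with 4096 iterations for the 256-bit key, the HMAC-SHA1 PRF for the PTK). The MAC addresses, nonces, frame bytes and all function names are constructed for illustration, and the MIC is computed over a stand-in byte string rather than a real EAPOL-Key frame layout.

```python
import hashlib
import hmac

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Personal mode: 256-bit key from the passphrase, salted with the SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out = b""
    for counter in range((nbytes + 19) // 20):
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
    return out[:nbytes]

def derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce):
    """Fresh PTK for one session, split into the three keys listed on the slide."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}

def handshake_mic(kck: bytes, frame: bytes) -> bytes:
    """MIC over a handshake frame (HMAC-SHA1 truncated to 128 bits)."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def ap_accepts(ap_pmk, ap_mac, sta_mac, anonce, snonce, frame, mic) -> bool:
    """AP side of message 2: derive the PTK and check the client's MIC."""
    kck = derive_ptk(ap_pmk, ap_mac, sta_mac, anonce, snonce)["KCK"]
    return hmac.compare_digest(handshake_mic(kck, frame), mic)

# Constructed sample values (not from a real network); real nonces are random.
AP_MAC = bytes.fromhex("02aabbccdd01")
STA_MAC = bytes.fromhex("02aabbccdd02")
ANONCE = hashlib.sha256(b"constructed anonce").digest()
SNONCE = hashlib.sha256(b"constructed snonce").digest()
FRAME = b"constructed EAPOL-Key message 2 body"

def client_message2(passphrase: str, ssid: str) -> bytes:
    """Client side: derive PMK and PTK, return the MIC it would send."""
    pmk = derive_pmk(passphrase, ssid)
    keys = derive_ptk(pmk, AP_MAC, STA_MAC, ANONCE, SNONCE)
    return handshake_mic(keys["KCK"], FRAME)

if __name__ == "__main__":
    ap_pmk = derive_pmk("correct horse battery", "ExampleNet")
    for attempt in ("correct horse battery", "wrong passphrase"):
        mic = client_message2(attempt, "ExampleNet")
        ok = ap_accepts(ap_pmk, AP_MAC, STA_MAC, ANONCE, SNONCE, FRAME, mic)
        print(f"{attempt!r}: {'accepted' if ok else 'rejected'}")
```

The PMK depends only on the passphrase and the SSID, while the PTK also mixes in both MAC addresses and both nonces, so each association gets its own temporal key.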
WPA2 ENCRYPTION
• Two processes happen:
1. Data encryption
2. Data integrity
• AES, a symmetric block cipher, is used for encryption & authentication
• CCM is a new mode of operation for block ciphers
• Two underlying modes of CCM:
1. Counter mode (CTR) achieves data encryption
2. Cipher block chaining message authentication code (CBC-MAC) provides data integrity
MESSAGE INTEGRITY CODE(MIC)
• IV (Initialization Vector) encrypted with AES & TK to produce 128-bit result
• 128-bit result is XORed with next 128 bits of data
• Result of XOR is continued until all IV are exhausted
• At end, first 64 bits are used to produce MIC
Figure: AES CBC-MAC
WPA2 ENCRYPTION
• Counter mode algorithm encrypts the data with MIC
• Initialize counter for first time or increment counter.
• First 128 bits are encrypted using AES & TK to produce 128 bits.
• XOR is performed on the result and the first message block to give the first encrypted block.
• Repeat until all 128-bit blocks have been encrypted.
Figure: AES counter mode
WPA2 DECRYPTION
• Works in reverse: the counter value is derived using the same algorithm as for encryption.
• By using the counter mode algorithm and TK, the MIC and decrypted data are found out.
• The data is processed by CBC-MAC to recalculate MIC
• If MIC does not match then the packet is dropped; otherwise data is sent to network stack and to client
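The MIC, encryption and decryption slides above together describe CCM; this added example (not part of the original deck) follows the RFC 3610 block layout with CCMP's parameters (8-byte MIC, 13-byte nonce, 2-byte length field). Function names, the key, the nonce and the header bytes are constructed; a non-empty header and data under 64 KiB are assumed.

```python
# AES-128 is written out here only to keep the example dependency-free.
import hmac

def xtime(a):  # multiply by x in GF(2^8), AES polynomial
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def build_sbox():  # field inverse followed by the affine transform
    exp, log, x = [0] * 256, [0] * 256, 1
    for i in range(255):
        exp[i], log[x] = x, i
        x ^= xtime(x)  # next power of the generator 3
    sbox = []
    for a in range(256):
        s = inv = exp[(255 - log[a]) % 255] if a else 0
        for _ in range(4):
            inv = ((inv << 1) | (inv >> 7)) & 0xFF
            s ^= inv
        sbox.append(s ^ 0x63)
    return sbox
SBOX = build_sbox()

def expand_key(key):  # AES-128 key schedule: eleven 16-byte round keys
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes_encrypt(key, block):  # encrypt one 16-byte block
    rk = expand_key(key)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:  # MixColumns
            cols = [s[c:c + 4] for c in range(0, 16, 4)]
            s = [v[i] ^ v[0] ^ v[1] ^ v[2] ^ v[3] ^ xtime(v[i] ^ v[(i + 1) % 4])
                 for v in cols for i in range(4)]
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return bytes(s)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cbc_mac(tk, nonce, header, data):  # 64-bit MIC over header and data
    pad = lambda b: b + bytes(-len(b) % 16)
    blocks = b"\x59" + nonce + len(data).to_bytes(2, "big")  # first block
    blocks += pad(len(header).to_bytes(2, "big") + header) + pad(data)
    x = bytes(16)
    for i in range(0, len(blocks), 16):
        x = aes_encrypt(tk, xor(x, blocks[i:i + 16]))  # XOR, then encrypt
    return x[:8]  # first 64 bits

def keystream(tk, nonce, n):  # AES(TK, counter block i) for i = 0..n
    return [aes_encrypt(tk, b"\x01" + nonce + i.to_bytes(2, "big")) for i in range(n + 1)]

def ccm_encrypt(tk, nonce, header, data):
    s = keystream(tk, nonce, -(-len(data) // 16))
    return xor(data, b"".join(s[1:])) + xor(cbc_mac(tk, nonce, header, data), s[0])

def ccm_decrypt(tk, nonce, header, packet):
    s = keystream(tk, nonce, -(-(len(packet) - 8) // 16))
    data = xor(packet[:-8], b"".join(s[1:]))
    if not hmac.compare_digest(cbc_mac(tk, nonce, header, data), xor(packet[-8:], s[0])):
        return None  # MIC mismatch: the packet is dropped
    return data

# Constructed sample values (not from a real capture).
TK, NONCE = bytes(range(16)), bytes(12) + b"\x01"
HEADER = b"constructed frame header"
```

Because the header is fed to CBC-MAC but not to the counter-mode step, it stays readable on the air while any change to it still fails the MIC check.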
BENEFITS OF WPA2
• Provides solid wireless security model (RSN)
• Encryption accomplished by a block cipher
• Block cipher used is Advanced Encryption Standard (AES)
• IEEE 802.11i authentication and key management is accomplished by IEEE 802.1X standard
• Key-caching
• Pre-authentication
WPA2 VULNERABILITIES
• Can't withstand physical layer attacks:
1. RF jamming
2. Data flooding
3. Access point failure
• Vulnerable to MAC address spoofing
PROCEDURES TO IMPROVE WIRELESS SECURITY
• Use wireless intrusion prevention system (WIPS)
• Enable WPA-PSK
• Use a good passphrase
• Use WPA2 where possible
• Change your SSID every so often
• Wireless network users should use or upgrade their network to the latest security standard released
FUTURE SCOPE
• A new standard, IEEE 802.11w: task group (TG) approved in March 2005
• Main goals: improve security by protecting the management frames and by being able to identify spoofed management frames normally used to launch DoS attacks
THANK YOU!
