Page 221 - DCAP311_DCAP607_WIRELESS_NETWORKS
Unit 13: Wireless Networks Security
Notes: A flaw in a feature added to Wi-Fi, called Wi-Fi Protected Setup, allows WPA and
WPA2 security to be bypassed and effectively broken in many situations. WPA and WPA2
security implemented without using the Wi-Fi Protected Setup feature are unaffected by
the security vulnerability.
WPA and WPA 2
The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of WEP
pending the availability of the full IEEE 802.11i standard. WPA could be implemented
through firmware upgrades on wireless network interface cards designed for WEP that began
shipping as far back as 1999. However, since the changes required in the wireless access
points (APs) were more extensive than those needed on the network cards, most pre-2003 APs
could not be upgraded to support WPA.
The WPA protocol implements much of the IEEE 802.11i standard. Specifically, the Temporal
Key Integrity Protocol (TKIP) was adopted for WPA. WEP used a 40-bit or 104-bit encryption
key that had to be manually entered on wireless access points and devices and did not change.
TKIP employs a per-packet key, meaning that it dynamically generates a new 128-bit key for each
packet and thus prevents the types of attacks that compromised WEP.
WPA also includes a message integrity check. This is designed to prevent an attacker from
capturing, altering and/or resending data packets. This replaces the cyclic redundancy
check (CRC) that was used by the WEP standard. CRC's main flaw was that it did not provide
a sufficiently strong data integrity guarantee for the packets it handled. Well-tested message
authentication codes existed to solve these problems, but they required too much computation to
be used on old network cards. WPA uses a message integrity check algorithm called Michael to
verify the integrity of the packets. Michael is much stronger than a CRC, but not as strong as the
algorithm used in WPA2. Researchers have since discovered a flaw in WPA that relied on older
weaknesses in WEP and the limitations of Michael to retrieve the keystream from short packets
to use for re-injection and spoofing.
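
The following is an added example, not part of the original text, showing why an unkeyed CRC gives no real integrity guarantee under a stream cipher while a keyed integrity check does. The random keystream stands in for the cipher and HMAC-SHA256 stands in for a keyed message integrity code (it is not Michael); these, the function names and the sample payload are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
import zlib

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def crc(data):
    return zlib.crc32(data).to_bytes(4, "little")

def protect_crc(ks, payload):
    # WEP-style: unkeyed CRC-32 appended, then everything XORed with the keystream
    return xor(payload + crc(payload), ks)

def accept_crc(ks, frame):
    plain = xor(frame, ks)
    payload, icv = plain[:-4], plain[-4:]
    return payload if crc(payload) == icv else None

def protect_mac(ks, mic_key, payload):
    # Keyed check: the tag cannot be recomputed without mic_key
    tag = hmac.new(mic_key, payload, hashlib.sha256).digest()
    return xor(payload + tag, ks)

def accept_mac(ks, mic_key, frame):
    plain = xor(frame, ks)
    payload, tag = plain[:-32], plain[-32:]
    good = hmac.new(mic_key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, good) else None

def alter_in_transit(frame, delta, check_len):
    # Uses no key: CRC-32 is affine, crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros),
    # so the matching change to the encrypted checksum is computable from d alone.
    fix = xor(crc(delta), crc(bytes(len(delta))))
    return xor(frame, delta + fix.ljust(check_len, b"\0"))

# Constructed sample data
ORIGINAL = b"PAY 0010 TO ALICE"
ALTERED = b"PAY 9910 TO ALICE"

def demo():
    ks, mic_key = os.urandom(len(ORIGINAL) + 32), os.urandom(16)
    delta = xor(ORIGINAL, ALTERED)
    crc_result = accept_crc(ks, alter_in_transit(protect_crc(ks, ORIGINAL), delta, 4))
    mac_result = accept_mac(ks, mic_key, alter_in_transit(protect_mac(ks, mic_key, ORIGINAL), delta, 32))
    return crc_result, mac_result

if __name__ == "__main__":
    print(demo())
```

The CRC-protected frame is accepted with the altered payload, while the frame carrying the keyed tag is rejected.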
WPA2 has replaced WPA. WPA2, which requires testing and certification by the Wi-Fi Alliance,
implements the mandatory elements of IEEE 802.11i. In particular, it introduces CCMP, a
new AES-based encryption mode with strong security. Certification began in September 2004;
from March 13, 2006, WPA2 certification is mandatory for all new devices to bear the Wi-Fi
trademark.
13.7.3 Virtual Private Network (VPN)
A virtual private network (VPN) extends a private network across a public network, such as
the Internet. It enables a computer to send and receive data across shared or public networks as if it
were directly connected to the private network, while benefitting from the functionality, security
and management policies of the private network. This is done by establishing a virtual point-to-
point connection through the use of dedicated connections, encryption, or a combination of the
two.
A VPN connection across the Internet is similar to a wide area network (WAN) link between the
sites. From a user perspective, the extended network resources are accessed in the same way as
resources available from the private network.
LOVELY PROFESSIONAL UNIVERSITY 215