WIRELESS SECURITY USING WPA2

BY :

TUSHAR ANAND KUMAR

ECE-”D”, REGD. NO.: 1151016015

CONTENTS

• Types of security in WLAN

• Comparison of WEP,WPA,WPA2

• Evolution of wireless security standards

• WPA 2 authentication ,encryption & decryption

• Benefits & vulnerabilities

• Solutions & conclusion

TYPES OF SECURITY IN WLAN

• OPEN : No security configured X

• WEP : Wired Equivalent privacy X

• WPA: Wi-Fi Protected Access

• WPA2: Advance Wi-Fi Protected Access

WIRELESS SECURITY STANDARDS

WPA2 OVERVIEW

• Wi-Fi Protected Access 2

• Security standard developed by the Wi-Fi Alliance and is an implementation of IEEE’s 802.11i

• Uses Advance Encryption Standard (AES) protocol

• AES in Counter-Mode for encryption

• AES in Cipher Block Chaining-Message Authentication Code (CBC-MAC) for integrity checking

WI-FI PROTECTED ACCESS 2

Table: two types of WPA2

COMPARING WEP, WPA ,and WPA 2

AUTHENTICATION

Two types of authentication

• Personal mode

• Enterprise mode

PERSONAL MODE AUTHENTICATION

• Authentication performed between client and access point

• PSK(Pre Shared Key) & SSID(Service Set Identification) is used

• AP generates 256 bit from plain text pass phrase

• PMK(Pairwise Master Key) is generated after authentication

ENTERPRISE MODE AUTHENTICATION

• Based on IEEE 802.1x standard

• Authentication performed between :-

1. Client

2. Access Point

3. Authentication Server

• After authentication MK(Master Key)

Is generated

WPA 2 KEY GENERATION

• 4 way handshake initiated by AP

• Confirms client’s knowledge of PMK in personal mode & MK in enterprise mode

• Pairwise Transient Key created at client’s

• Fresh PTK is derived at AP 1. Key confirmation key

2. Key encryption key

3. Temporal key

WPA 2 KEY GENERATION

• Install encryption and integrity key

• Control port are unblocked

WPA2 ENCRYPTION

• Two Process happens 1. Data encryption

2. Data integrity

• AES is used in encryption & authentication is a block symmetric cipher

• CCM is new mode of operation for block cipher

• Two underlying modes of CCM Counter mode(CTR) achieves data encryption

Cipher block chaining message authentication code(CBCMAC) to provide data integrity

MESSAGE INTEGRITY CODE(MIC)• IV(Initialization Vector)

encrypted with AES & TK to produce 128 bit result

• 128 bit result is XOR with next 128 bits of data

• Result of XOR is continued until all IV are exhausted

• At end,first 64 bits are used to produce MIC

Figure :AES CBC-MAC

WPA2 ENCRYPTION• Counter mode algorithm encrypts

the data with MIC

• Initialize counter for first time or increment counter.

• First 128 bits are encrypted using AES & TK to produce 128 bits.

• XOR is performed on result and first message block to give an first encrypted block.

• Repeat until all 128 bit of blocks has been encrypted.

Figure: AES counter mode

WPA2 DECRYPTION

• It works in reverse using same algorithm for encryption the counter value is derived.

• By using the counter mode algorithm and TK , the MIC and decrypted data are found out.

• The data is processed by CBC-MAC to recalculate MIC

• If MIC does not match then packet is dropped otherwise data is sent to network stack and to client

BENEFITS OF WPA2

• Provides solid wireless security model(RSN)

• Encryption accomplished by a block cipher

• Block cipher used is Advanced Encryption Standard (AES)

• IEEE 802.11i authentication and key management is accomplished by IEEE 802.1x standard

• Key-caching

• Pre-authentication

WPA2 VULNERABILITIES

Can’t stand in front of the physical layer attacks:RF jamming

Data flooding

Access points failure

Vulnerable to the Mac addresses spoofing

PROCEDURES TO IMPROVE WIRELESS SECURITY

Use wireless intrusion prevention system (WIPS)

Enable WPA-PSK

Use a good passphrase

Use WPA2 where possible

Change your SSID every so often

Wireless network users should use or upgrade their network to the latest security standard released

FUTURE SCOPE

• A new standard IEEE 802.1W task group(TG) approved in March,2005 Main Goals

Improve security by protecting the management frames and also being able to identify

Spoofed management frames normally used to launch DoS attack

THANK YOU!

REFRENCES

• “Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2)” By Paul Arana

• “The Evolution of 802.11 Wireless Security” INF 795 - Kevin Benton

• “Wireless LAN Security Issues and Solutions” by Pan Feng at 2012 IEEE Symposium on Robotics and Applications(ISRA)

• Security Improvements of IEEE 802.11i 4-way Handshake Scheme by Xiaodong Zha and Maode Ma ©2010 IEEE