Wireless Protocol

Uploaded by

gss_1987
Copyright: © All Rights Reserved

Part 1: Introduction

Hello Friends.

I am Prof Yogesh Chaba from the Department of Computer Science & Engineering, Guru Jambheshwar University of Science & Technology, Hisar, Haryana.

Today in this lecture we will study WiFi security protocols.

First of all, please see the contents which I shall cover. After a brief introduction to the three basic WiFi security protocols, I shall cover them one by one. First in this series will be Wired Equivalent Privacy (WEP), followed by WiFi Protected Access (WPA) and WPA2. Last, I shall compare WPA and WPA2.

Wi-Fi Security Protocol

• Introduction
• Wired Equivalent Privacy -- WEP
• Wi-Fi Protected Access – WPA/WPA2
• Comparison of WPA and WPA2

Wireless networking is becoming very popular among a large number of internet users. Because of this popularity, a large number of wireless networking products and protocols are available for home and business use. Wireless transmissions are available to authorized users and also to unauthorized users such as hackers. The IEEE 802.11 standard offers some level of protection. This protection, known as the Wired Equivalent Privacy (WEP) protocol, defines a set of instructions and rules by which wireless data can be transmitted over the airwaves with some amount of security. WEP is a basic security feature in the IEEE 802.11 standard, intended to provide confidentiality over a wireless network by encrypting information sent over the network. Very soon WEP was replaced by Wi-Fi Protected Access due to a flaw in WEP that allowed it to be cracked in a few minutes with the aid of automated tools.

Wi-Fi Protected Access (WPA and WPA2) is a wireless security protocol designed to address and fix the known security issues in WEP.

Anyway, this was a very brief look at the basic security techniques used for WiFi. Now let us see each one by one.

Part 2: Wired Equivalent Privacy -- WEP


Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. The design objectives of WEP, as per the IEEE 802.11 standard, are stated as follows:

• “Reasonably strong: The security afforded by the algorithm should rely on the difficulty of discovering the secret key through a brute-force attack. This in turn is related to the length of the secret key and the frequency of changing keys.”
• “Self-synchronizing: WEP should be self-synchronizing for each message. This property is critical for a data-link-level encryption algorithm, where "best effort" delivery is assumed and packet loss rates may be high.”
• “Efficient: The WEP algorithm should be efficient and may be implemented in either hardware or software.”
• “Exportable: Every effort should be made to design the WEP system operation so as to maximize the chances of approval, by the U.S. Govt for exporting this technology.”
• “Optional: The implementation and use of WEP in IEEE 802.11 should be optional.”

From the above objectives, it is clear that WEP was not designed to provide a high, military level of security. The intention was to make it hard to break in, as opposed to impossible to break in.

WEP Design Objectives

• Reasonably strong
• Self-synchronizing
• Efficient
• Exportable
• Optional

Now let us move on to the technical details of WEP.

WEP security involves two parts, Authentication and Encryption.

Authentication in WEP involves authenticating a device when it first joins the LAN. The purpose of the authentication process in wireless networks using WEP is to prevent devices/stations from joining the network unless they know the WEP key. Two methods of authentication can be used with WEP: Open System authentication and Shared Key authentication.

WEP

• Authentication
    o Open System Authentication
    o Shared Key Authentication
• Encryption

In Open System authentication, the WLAN client need not provide its credentials to the
Access Point during authentication. Any client can authenticate with the Access Point
and then attempt to associate. In effect, no authentication occurs. Subsequently WEP
keys can be used for encrypting data frames. At this point, the client must have the
correct keys.
In Shared Key authentication, the WEP key is used for authentication in a four-step challenge-response handshake, as shown in the figure:

1. The wireless device sends an authentication request to the wireless access point.

2. In response, the wireless access point sends a 128 bit random authentication challenge in clear text to the requesting wireless device.

3. The wireless device uses the shared secret key to sign the challenge and sends this in the form of an authentication response to the wireless access point.

4. The wireless access point decrypts the signed message using the shared secret key and verifies the challenge that it sent before. If the challenge matches, authentication succeeds; otherwise it does not. If authentication succeeds, an authentication success message is sent from the access point to the wireless device.


Unfortunately, in WEP-based security no secret key is exchanged after authentication. The same secret key or shared key is used for both authentication and encryption. So there is no way to tell whether the subsequent messages come from the trusted device or from an impostor. This kind of authentication is prone to man-in-the-middle attack.

Next we shall take up the Encryption part of WEP.

Please see figure which shows step by step implementation of encryption process.
WEP uses RC4 stream cipher to encrypt data between access point and wireless
device. WEP uses 8-bit RC4 and operates on 8-bit values by creating an array with
256 8-bit values for a lookup table. WEP uses CRC for the data integrity and
accordingly performs CRC (Cyclic Redundancy Check) checksum operation on the
plaintext and generates CRC value. This CRC value is concatenated to the plaintext.
The secret key is concatenated to the Initialization Vector(IV) and fed into the RC4.
Based on the secret key and IV, RC4 generates keystream. The keystream and
plaintext+CRC message are XOR'ed together. The result is the ciphertext. The same
Initialization Vector that was used before, is prepended in clear text to the resultant
ciphertext. The Initialization Vector IV + Ciphertext along with the frame headers are
then transmitted over the air.
In this encryption method, as we have seen, some part of the secret key is used with different exposed values, so an attacker can generate the secret part by analyzing some portion of the bits in the first few bytes of the keystream with relatively little work. Another problem with WEP is that the secret shared key is concatenated with the visible IV value. This weakness is known as the “IV weakness”.
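
The four-step Shared Key handshake and the encryption steps described above can be followed in code. This is an added example, not part of the lecture; it also goes one step further and shows that two frames sent with the same IV under the same key are encrypted with the same keystream. The 24-bit IV size and little-endian CRC byte order come from IEEE 802.11 rather than from this page, and the key and all function names are constructed for illustration.

```python
import os
import zlib

KEY = bytes.fromhex("0102030405")  # constructed 40-bit WEP key, for illustration only

def rc4(key: bytes, n: int) -> bytes:
    """Return n keystream bytes from RC4 (lookup table of 256 8-bit values)."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body: clear-text IV, then (plaintext + CRC) XOR RC4(IV + key)."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Return the plaintext; raise ValueError when the CRC does not match."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(iv + key, len(ct)))
    if zlib.crc32(body[:-4]).to_bytes(4, "little") != body[-4:]:
        raise ValueError("CRC mismatch")
    return body[:-4]

def shared_key_auth(ap_key: bytes, station_key: bytes) -> bool:
    """Steps 2-4 of the handshake; True when the access point accepts."""
    challenge = os.urandom(16)                                     # 128-bit, clear text
    response = wep_encrypt(station_key, os.urandom(3), challenge)  # station's reply
    try:
        return wep_decrypt(ap_key, response) == challenge          # AP verifies
    except ValueError:
        return False

def same_iv_xor(frame_a: bytes, frame_b: bytes):
    """With equal IVs the keystream cancels: returns body_a XOR body_b, else None."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor(frame_a[3:], frame_b[3:])
```
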
In the beginning it was believed that WEP offers impenetrable resistance to eavesdroppers and hackers. However, as wireless networks began to grow in popularity, many cryptanalysts and researchers discovered flaws in the original WEP design. Many believe that there was little peer review performed on the WEP protocol. Many of the WEP flaws would have been caught in the early design phase if its design and implementation specifications had been reviewed thoroughly. For most wireless networking users (especially home users), WEP is the only choice available until new security mechanisms are added to the IEEE 802.11 standard. But as people say, “something is better than nothing”: even with its known weaknesses, WEP is still more effective than no security at all. At least it will provide some security against unauthorized use of one's wireless network and eating up of the bandwidth.
There are many solutions available to overcome the weaknesses of WEP. Some of them are:

• A bigger size of the Initialization Vector (IV) can be chosen.
• The hashed value of the IV can be prepended or appended to the ciphertext instead of the clear text.
• Instead of using a CRC checksum, a different method can be used for data integrity verification, i.e. hash functions.
• Change the secret key regularly and dynamically, using secure symmetric key distribution protocols.
• Better key management using security handshake protocols.
• New authentication mechanisms using the Extensible Authentication Protocol (EAP).

Solution to Overcome Weakness

• A bigger size of the Initialization Vector (IV) can be chosen.
• The hashed value of the IV can be prepended or appended to the ciphertext instead of the clear text.
• Instead of using a CRC checksum, a different method can be used for data integrity verification, i.e. hash functions.

In spite of the implementation of these improvements, there was a flaw in WEP that allowed it to be cracked in a few minutes with the aid of automated tools. So, instead of relying on WEP security alone, additional measures must be taken to provide better security among wireless devices. In 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). In 2004, with the ratification of the full 802.11i standard (i.e. WPA2), the IEEE declared that both WEP-40 and WEP-104 have been deprecated.

Part 3: Wi-Fi Protected Access – WPA/WPA2


The Wi-Fi Alliance decided to implement the IEEE 802.11i standard to overcome the problems in WEP. IEEE 802.11i was implemented in two steps: Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2). The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of WEP pending the availability of the full IEEE 802.11i standard. WPA could be implemented through firmware upgrades on wireless network interface cards designed for WEP.

WPA was an intermediate solution for hardware that could not support WPA2: an interim, software-implementable solution designed for WEP hardware, so that immediate deployment of new hardware could be delayed. To add support for WPA or WPA2, some old Wi-Fi access points might need to be replaced or have their firmware upgraded.

WPA, sometimes referred to as the draft IEEE 802.11i standard, became available in 2003. WPA2 became available in 2004 and is commonly known as the full IEEE 802.11i or IEEE 802.11i-2004 standard.

WEP to WPA / WPA2

• WEP to be replaced by IEEE 802.11i
• IEEE 802.11i was implemented in two steps: WPA and WPA2.
• WPA, implemented in 2003, is an intermediate measure implemented through software upgradation.
• WPA2 was implemented in 2004 with hardware upgradation.
• WPA → Draft IEEE 802.11i standard
• WPA2 → Full IEEE 802.11i or IEEE 802.11i-2004 standard

WPA is a wireless security protocol designed to address and fix the known security issues in WEP. WPA provides users with a higher level of assurance that their data will remain protected by using the Temporal Key Integrity Protocol (TKIP) for data encryption. WEP used a 40-bit or 104-bit encryption key that must be manually entered on wireless access points and devices and which does not change. TKIP, in contrast, employs a per-packet key, meaning that it dynamically generates a new 128-bit key for each packet and thus prevents the types of attacks that compromised WEP.

WPA also includes a message integrity check, which is designed to prevent an attacker
from altering and resending data packets. This replaces the cyclic redundancy check
(CRC) that was used by the WEP standard. CRC's main flaw was that it did not provide a
sufficiently strong data integrity guarantee for the packets it handled. Well tested
message authentication codes existed to solve these problems, but they required too
much computation to be used on old network cards. WPA uses a message integrity
check algorithm called Michael to verify the integrity of the packets.
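
Why the CRC gives no real integrity guarantee while a keyed check does, as an added example that is not part of the lecture: a change made to the ciphertext alone still passes a CRC trailer but fails a keyed tag. The keyed tag here is HMAC-SHA-256 truncated to 8 bytes, used as a stand-in and not the Michael algorithm; the keystream, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed values: a 32-byte stand-in keystream (payloads must be <= 24 bytes)
KEYSTREAM = hashlib.sha256(b"constructed keystream").digest()
MAC_KEY = b"constructed-mic-key"

def crc(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "little")

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keyed_tag(payload: bytes) -> bytes:
    return hmac.new(MAC_KEY, payload, hashlib.sha256).digest()[:8]

def seal(payload: bytes, keyed: bool) -> bytes:
    """Stream-encrypt payload plus trailer: CRC-32 (WEP style) or a keyed tag."""
    trailer = keyed_tag(payload) if keyed else crc(payload)
    return xor(payload + trailer, KEYSTREAM)

def accepts(frame: bytes, keyed: bool) -> bool:
    """Receiver-side integrity check for either trailer type."""
    body = xor(frame, KEYSTREAM)
    if keyed:
        return hmac.compare_digest(body[-8:], keyed_tag(body[:-8]))
    return crc(body[:-4]) == body[-4:]

def alter_in_transit(frame: bytes, delta: bytes) -> bytes:
    """Change made to the ciphertext alone, with no key: XOR delta into the payload
    and crc(delta) ^ crc(zeros) into the next 4 bytes. CRC-32 is affine over XOR,
    so a CRC trailer stays consistent; a keyed tag does not."""
    patch = xor(crc(delta), crc(bytes(len(delta))))
    return xor(frame, (delta + patch).ljust(len(frame), b"\x00"))
```
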

WPA

• WPA is designed to address and fix problems in WEP.
• WPA uses the Temporal Key Integrity Protocol (TKIP) for data encryption.
• WEP used a 40-bit or 104-bit encryption key, but TKIP employs a dynamically generated new 128-bit key for each packet.
• This 128 bit key prevents the types of attacks that compromised WEP.
• WPA also includes a message integrity check to prevent an attacker from altering and resending data packets, replacing the cyclic redundancy check (CRC) used by the WEP standard.
• WPA uses a message integrity check algorithm called Michael to verify the integrity of the packets.

No doubt Michael is much stronger than a CRC, but researchers have still discovered a flaw in WPA that relies on limitations of Michael to retrieve the keystream from short packets for use in re-injection and spoofing.

In order to solve such problems in WPA and to completely implement IEEE 802.11i
protocol, a new wireless security protocol WPA2 is implemented, in which only
authorised users can access a wireless device, with features supporting stronger
cryptography, stronger authentication control, key management, replay attack
protection and data integrity.

WPA2 Technology/Features

• Only authorised users can access a wireless device
• Features supporting
    o stronger cryptography,
    o stronger authentication control,
    o key management,
    o replay attack protection and
    o data integrity.

Going into the technical aspects of WPA2: instead of TKIP, the Advanced Encryption Standard (AES) is used for encryption. It has a fixed block size of 128 bits and three different key sizes, each used in the three different steps of the algorithm. In the first iteration a 128-bit key is used to perform 9 rounds, in the second a 192-bit key performs 11 rounds, and in the third iteration a 256-bit key is used to perform 13 rounds. Because AES is a substitution cipher, “within each round bits are substituted and rearranged and then special multiplication is performed based on the new arrangement.” The effectiveness of AES cannot be disputed: the time needed to break it by using a brute force attack with a 128-bit key length is 2.20 x 10^17 years. With a 192-bit key length, the time increases to 10^36 years.

WPA2 Encryption

• AES is used instead of TKIP for encryption.
• Three steps of the algorithm
    o In the 1st step a 128 bit key is used to perform 9 rounds,
    o In the 2nd step a 192 bit key performs 11 rounds,
    o In the 3rd step a 256 bit key performs 13 rounds.
• Substitutions are performed in each round.
• Very effective

Part 4: Comparison of WPA and WPA2


Now, after the brief technical details, let us compare WPA and WPA2. There are some similarities and differences between WPA and WPA2.

Both security techniques, WPA and WPA2, use the 802.1X/EAP framework as part of the infrastructure that ensures centralized mutual authentication and dynamic key management.

Both offer a pre-shared key for use in home and small office environments, and both are designed to secure all versions of 802.11 devices, including 802.11b, 802.11a, and 802.11g.

Coming on to the differences between the two techniques:

WPA2 uses a mixed mode that supports both WPA and WPA2 enabled devices on the same wireless network, but WPA supports only WPA.

However, the most significant difference between WPA and WPA2 is that WPA2 uses the Advanced Encryption Standard (AES) instead of TKIP for data encryption.

WPA2 is theoretically not hackable, but WPA is hackable.

WPA2 requires more processing power than WPA.

Comparison of WPA and WPA2

• Both security techniques, WPA and WPA2, use the 802.1X/EAP framework as part of the infrastructure that ensures centralized mutual authentication and dynamic key management.
• Both offer a pre-shared key for use in home and small office environments, and both are designed to secure all versions of 802.11 devices, including 802.11b, 802.11a, and 802.11g.
• WPA2 uses a mixed mode that supports both WPA and WPA2 enabled devices on the same wireless network, but WPA supports only WPA.
• WPA2 uses the Advanced Encryption Standard (AES) instead of TKIP for data encryption.
• WPA2 is theoretically not hackable, but WPA is hackable.
• WPA2 requires more processing power than WPA.
