wi-fi protected acces-cs(new)

8/7/2019 wi-fi protected acces-cs(new)

http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 1/13

Wi-Fi Protected Access

WiWi--Fi Protected AccessFi Protected Access

Presented Presented byby ::

NEHA RASHMI NEHA RASHMI

Regd. no:Regd. no:--06012152410601215241

[[11/12]/12]




INTRODUCTION

y Brought by the Wi-Fi Alliance, working in conjunctionwith the IEEE.

y Standards-based, interoperable security specificationy Significantly increases the level of data protection and

access control for existing and future wireless LANsystems

[[22/12]/12]




WPA at a Glance

y WPA is a subset of the 802.11i draft standard and willmaintain forward compatibility

y It addresses all known vulnerabilities in WEP to ensuredata authenticity on wireless LANs

y It provides an effective deterrent against almost allknown attacks.

[[33/12]/12]




WEP at a Glancey Wired Equivalency Privacy, was intended to provide

wireless users with the same level of privacy inherentin wired networks.

The WEP flaws :

y Weak Keys

y Initialization Vector (IV) Reuse

y

Known plaintext attacksy Denial of service attacks

[[44/12]/12]




WPA: How It Works

WPAs strength comes from

y An integrated sequence of operations that

encompass 802.1X/EAP authenticationy Sophisticated key management and encryption

techniques.

Its major operations include:y Network security capability determination : This

occurs at the 802.11 level and is communicatedthrough WPA information elements

[[55/12]/12]

continued«




WPA: How It Works (continued)y Authentication: EAP over 802.1X is used for

authentication

y Key management: Keys are generated after successful

authentication and through a subsequent 4-way handshake between the station and Access Point .

y Data Privacy (Encryption): TKIP is used to wrap WEPin sophisticated cryptographic and security techniques

to overcome most of its weaknesses.y Data integrity: TKIP includes a message integrity code

(MIC) at the end of each plaintext message to ensuremessages are not being spoofed.

[[66/12]/12]




Security mechanisms in WPA

[[77/12]/12]

� One of WEP¶s chief weaknesses was that it used a

small static key to initiate encryption.

� WPA uses a greatly enhanced encryption scheme,Temporal Key Integrity Protocol (TKIP).

� TKIP increases the size of the key from 40 to 128 bits

and replaces WEP¶s single static key with keys that

are dynamically generated and distributed by the

authentication server.




Security mechanisms in WPA (continued)

y Together with 802.1X/EAP authentication, TKIPemploys a key hierarchy that greatly enhancesprotection.

y It also adds a Message Integrity Check (MIC,sometimes called Michael) to protect againstpacket forgeries.

y The Message Integrity Check (MIC) is designed toprevent an attacker from capturing data packets,altering them and resending them.

[[88/12]/12]




The Future: WPA2y TKIP encryption, 802.1X/EAP authentication and

PSK technology in WPA are features that havebeen brought forward from WPA2.

y Additionally, WPA2 provides a new, encryptionscheme, the Advanced Encryption Standard (AES).

y AES uses a mathematical ciphering algorithm thatemploys variable key sizes of 128-, 192- or 256-bits.

y WPA2 offers a highly secure mixed mode thatsupports both WPA and WPA2 clientworkstations.

[[99/12]/12]




Is It Perfect?WPA, however, is not without its vulnerabilities.

y It is susceptible to denial of service (DoS) attacks.

y If the access point receives two data packets thatfail the Message Integrity Code (MIC) checkwithin 60 seconds of each other then the networkis under an active attack .

y This may just prove that no single security tactic iscompletely invulnerable. But WPA is a definitestep forward in WLAN security.

[[1010/12]/12]




Conclusion

y As a subset of WPA2, WPA presents users with asolution that is both forward- and backward-compatible with present and future wirelessstandards.

y It offers enterprise-grade protection and, mostimportantly, it is available today.

y WPA allows users, whether they are at home or atwork, to enjoy all the mobility and flexibility thatWi-Fi wireless computing has to offer, knowingthat their data is safely protected beyond the reachof intruders.

[[1111/12]/12]




[[1212/12]/12]




[[1313/12]/12]

wi-fi protected acces-cs(new)

Documents

Transcript of wi-fi protected acces-cs(new)