Wi-Fi Protected Access Wi Wi- -Fi Protected Acc ess Fi Protec ted Ac cess Presented Presented by by : NEHA RASHMI NEHA RASHMI Regd. no: Regd. no:- -0601215241 0601215241 [ [1 1/12] /12]
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 1/13
Wi-Fi Protected Access
WiWi--Fi Protected AccessFi Protected Access
Presented Presented byby ::
NEHA RASHMI NEHA RASHMI
Regd. no:Regd. no:--06012152410601215241
[[11/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 2/13
Wi-Fi Protected Access
INTRODUCTION
y Brought by the Wi-Fi Alliance, working in conjunctionwith the IEEE.
y Standards-based, interoperable security specificationy Significantly increases the level of data protection and
access control for existing and future wireless LANsystems
[[22/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 3/13
Wi-Fi Protected Access
WPA at a Glance
y WPA is a subset of the 802.11i draft standard and willmaintain forward compatibility
y It addresses all known vulnerabilities in WEP to ensuredata authenticity on wireless LANs
y It provides an effective deterrent against almost allknown attacks.
[[33/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 4/13
Wi-Fi Protected Access
WEP at a Glancey Wired Equivalency Privacy, was intended to provide
wireless users with the same level of privacy inherentin wired networks.
The WEP flaws :
y Weak Keys
y Initialization Vector (IV) Reuse
y
Known plaintext attacksy Denial of service attacks
[[44/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 5/13
Wi-Fi Protected Access
WPA: How It Works
WPAs strength comes from
y An integrated sequence of operations that
encompass 802.1X/EAP authenticationy Sophisticated key management and encryption
techniques.
Its major operations include:y Network security capability determination : This
occurs at the 802.11 level and is communicatedthrough WPA information elements
[[55/12]/12]
continued«
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 6/13
Wi-Fi Protected Access
WPA: How It Works (continued)y Authentication: EAP over 802.1X is used for
authentication
y Key management: Keys are generated after successful
authentication and through a subsequent 4-way handshake between the station and Access Point .
y Data Privacy (Encryption): TKIP is used to wrap WEPin sophisticated cryptographic and security techniques
to overcome most of its weaknesses.y Data integrity: TKIP includes a message integrity code
(MIC) at the end of each plaintext message to ensuremessages are not being spoofed.
[[66/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 7/13
Wi-Fi Protected Access
Security mechanisms in WPA
[[77/12]/12]
� One of WEP¶s chief weaknesses was that it used a
small static key to initiate encryption.
� WPA uses a greatly enhanced encryption scheme,Temporal Key Integrity Protocol (TKIP).
� TKIP increases the size of the key from 40 to 128 bits
and replaces WEP¶s single static key with keys that
are dynamically generated and distributed by the
authentication server.
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 8/13
Wi-Fi Protected Access
Security mechanisms in WPA (continued)
y Together with 802.1X/EAP authentication, TKIPemploys a key hierarchy that greatly enhancesprotection.
y It also adds a Message Integrity Check (MIC,sometimes called Michael) to protect againstpacket forgeries.
y The Message Integrity Check (MIC) is designed toprevent an attacker from capturing data packets,altering them and resending them.
[[88/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 9/13
Wi-Fi Protected Access
The Future: WPA2y TKIP encryption, 802.1X/EAP authentication and
PSK technology in WPA are features that havebeen brought forward from WPA2.
y Additionally, WPA2 provides a new, encryptionscheme, the Advanced Encryption Standard (AES).
y AES uses a mathematical ciphering algorithm thatemploys variable key sizes of 128-, 192- or 256-bits.
y WPA2 offers a highly secure mixed mode thatsupports both WPA and WPA2 clientworkstations.
[[99/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 10/13
Wi-Fi Protected Access
Is It Perfect?WPA, however, is not without its vulnerabilities.
y It is susceptible to denial of service (DoS) attacks.
y If the access point receives two data packets thatfail the Message Integrity Code (MIC) checkwithin 60 seconds of each other then the networkis under an active attack .
y This may just prove that no single security tactic iscompletely invulnerable. But WPA is a definitestep forward in WLAN security.
[[1010/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 11/13
Wi-Fi Protected Access
Conclusion
y As a subset of WPA2, WPA presents users with asolution that is both forward- and backward-compatible with present and future wirelessstandards.
y It offers enterprise-grade protection and, mostimportantly, it is available today.
y WPA allows users, whether they are at home or atwork, to enjoy all the mobility and flexibility thatWi-Fi wireless computing has to offer, knowingthat their data is safely protected beyond the reachof intruders.
[[1111/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 12/13
Wi-Fi Protected Access
[[1212/12]/12]
8/7/2019 wi-fi protected acces-cs(new)
http://slidepdf.com/reader/full/wi-fi-protected-acces-csnew 13/13
Wi-Fi Protected Access
[[1313/12]/12]
Related Documents
