Wi-Fi Protected Access 2 (WPA2)
Eng. Mshari Alabdulkarim

Outline:
1. Introduction.
2. WPA2 Process.
3. WPA2 Authentication.
4. WPA2 Encryption.
5. WPA2 Pros and Cons.
6. Procedures to improve the Wi-Fi security.

Introduction:
Wired Equivalent Privacy (WEP):
- WEP is considered the original system for securing a wireless Wi-Fi network.
- It uses the RC4 encryption protocol to secure the data.
- It uses a CRC-32 checksum to verify the integrity of the data.

[Diagram: WEP encryption. The plaintext message with its CRC is XORed with the key stream = RC4(v, k) to give the cipher text; the IV (v) and the cipher text form the transmitted data.]
Introduction (2):
Wi-Fi Protected Access (WPA):
- Constructed by the Wi-Fi Alliance and IEEE.
- It uses the RC4 encryption protocol to secure the data.
- It uses a MIC (Message Integrity Code) and a frame counter to verify the integrity of the data.
- It uses EAP (Extensible Authentication Protocol) to authenticate the clients.
- More secure than WEP.

Introduction (3):
Wi-Fi Protected Access 2 (WPA2):
- Based on the IEEE 802.11i standard.
- The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm.

[Diagram: WPA2 versions: Enterprise and Personal.]

Introduction (4):
- The encryption in WPA2 is done by utilizing one of two methods, either AES or TKIP (Temporal Key Integrity Protocol).
- The Personal mode uses a PSK (Pre-Shared Key) and doesn't require a separate authentication of users.
- The Enterprise mode requires the users to be separately authenticated by using EAP (Extensible Authentication Protocol).

Extensible Authentication Protocol Standards:
- EAP-TLS: EAP-Transport Layer Security.
- EAP-TTLS: EAP-Tunneled Transport Layer Security.
- PEAPv0/EAP-MSCHAPv2: Protected EAP v0/EAP-Microsoft's Challenge Handshake Authentication Protocol v2.
- PEAPv1/EAP-GTC: Protected EAP v1/EAP-Generic Token Card.
- EAP-SIM: EAP-Subscriber Identity Module of the Global System for Mobile Communications.

802.11 Security Solutions
[Diagram: no text recoverable from the transcript.]
WPA2 Process
WPA2 establishes a secure communication context in four phases:
- Phase (1): The AP and the client agree on the security policy (authentication and pre-authentication method).
- Phase (2): Generate the master key.
- Phase (3): Create temporary keys on a regular basis.
- Phase (4): All keys generated in phase (3) are used by the CCMP protocol to provide data confidentiality and integrity.

WPA2 Process (2)
Phase (1):
- The access point advertises the security policies it supports through the Beacon or through the Probe Response message.
- After the standard open authentication, the client sends its response in the Association Request message, which is validated by an Association Response from the access point.

[Diagram: Agreeing on the security policy (Phase (1)). STA -> AP: Probe Request. AP -> STA: Probe Response + RSN IE (CCMP Mcast, CCMP Ucast, 802.1X auth). STA -> AP: 802.11 Open System authentication. AP -> STA: 802.11 Open System authentication - Success. STA -> AP: Association Request + RSN IE (STA requests CCMP Mcast, CCMP Ucast, 802.1X auth). AP -> STA: Association Response - Success.]

WPA2 Process (3)
The security policy information is carried in the RSN IE (Information Element) field, which contains the following:
- The supported authentication methods (802.1X, Pre-Shared Key (PSK)).
- The security protocols for unicast traffic (CCMP, TKIP, etc.): the pairwise cipher suite.
- The security protocols for multicast traffic (CCMP, TKIP, etc.): the group cipher suite.

WPA2 Process (4)
Phase (2):
- This phase is based on EAP and the authentication method agreed on in phase 1.
- The access point sends a "Request Identity" message to the client, which responds with a message containing the preferred authentication method.

WPA2 Process (5)
Phase (2):
- After that, a few messages are exchanged between the client and the authentication server to generate a common Master Key (MK).
- At the end of this phase, the authentication server sends a "RADIUS Accept" message to the access point, containing the MK, and a final EAP Success message for the client.

[Diagram: 802.1X authentication (Phase (2)). AP -> STA: 802.1X/EAP Request Identity. STA -> AP: 802.1X/EAP Response Identity. AP -> AS: RADIUS Access Request (Identity). STA <-> AS: EAP messages specific to the chosen method, with MK derivation on both sides. AS -> AP: RADIUS Accept (MK distribution). AP -> STA: 802.1X/EAP Success.]

WPA2 Process (6)
Phase (3):
In this phase there are two handshakes:
- 4-Way Handshake for PTK (Pairwise Transient Key) and GTK (Group Transient Key) derivation.
- Group Key Handshake for GTK renewal.

WPA2 Process (7)
Phase (3):
The PMK (Pairwise Master Key) derivation depends on the authentication method that was used:
- If PSK (Pre-Shared Key) was used, the PMK is equal to the PSK.
- If an authentication server was used, the PMK is derived from the 802.1X authentication MK.

[Diagram: Key derivation and distribution. Step 1: MK transmission from AS to AP. Step 2: 4-Way Handshake, PTK and GTK derivation and distribution. Step 3: Group Key Handshake, GTK derivation and distribution (for GTK renewal).]
WPA2 Authentication
- WPA2 separates the user authentication from the message integrity and privacy, which gives it more flexibility.
- The authentication in the WPA2 Personal mode does not require an authentication server.
- WPA2 Enterprise mode consists of the following components:
  - Supplicant (client).
  - Authenticator (access point).
  - Authentication server (RADIUS).

WPA2 Authentication (2)
- The access point implements the PAE (Port Access Entity) by dividing each virtual port into two logical ports:
  - One for service, opened only after a successful authentication.
  - One for authentication, open to allow any authentication frames.

[Diagram: Communications. Client <-> Access point: Layer 2 EAPoL (EAP over LAN). Access point <-> RADIUS server: RADIUS messages.]

WPA2 Authentication (3)
- As mentioned before, the key generation in WPA2 is done by using two handshakes: a 4-Way Handshake and a Group Key Handshake.
- The 4-Way Handshake is initiated by the access point and performs several tasks:
  - Verify that the client knows the PMK.
  - Generate a PTK.
  - Install encryption and integrity keys.
  - Encrypt the transport of the GTK.
  - Confirm the cipher suite selection.
- The Group Key Handshake is used to disassociate a host, renew the GTK, or encrypt the GTK by using the KEK.

[Diagram: Key hierarchy. Master Key (MK) -> Pairwise Master Key (PMK) -> Pairwise Transient Key (PTK). The PTK is split into the Key Confirmation Key (KCK, PTK bits 0-127), the Key Encryption Key (KEK, PTK bits 128-255) and the Temporal Key (TK, PTK bits 256-383).]

[Diagram: Authentication process (Summary). Start -> Identity? -> Identity -> Identity -> Accept -> Forwarding.]
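The key hierarchy on the slide above and the 4-Way Handshake's first task, verifying that the client knows the PMK, as a worked Go example added here (it is not part of the original presentation): prf384 and derivePTK follow the IEEE 802.11i PRF-384 and the KCK | KEK | TK split, eapolMIC computes the EAPOL-Key MIC used with CCMP, and apAcceptsMessage2 is the authenticator's check. The PMK, MAC addresses, nonces and EAPOL-Key frame layout it is exercised with are constructed sample values, and micOff is the offset of the 16-byte MIC field within the frame.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha1"
	"fmt"
)

// prf384 is the 802.11i PRF-384: HMAC-SHA1(K, A || 0x00 || B || i) for i = 0, 1, 2, cut to 48 bytes.
func prf384(key []byte, label string, b []byte) []byte {
	var out []byte
	for i := byte(0); len(out) < 48; i++ {
		mac := hmac.New(sha1.New, key)
		mac.Write(append(append(append([]byte(label), 0), b...), i))
		out = mac.Sum(out)
	}
	return out[:48]
}

// derivePTK is the Phase 3 step: PMK, both MAC addresses and both nonces (each pair in min || max
// order, so AP and client agree) give the 384-bit PTK, split as the slide shows: KCK = bits 0-127,
// KEK = bits 128-255, TK = bits 256-383.
func derivePTK(pmk, aa, spa, anonce, snonce []byte) (kck, kek, tk []byte) {
	if bytes.Compare(aa, spa) > 0 { aa, spa = spa, aa }
	if bytes.Compare(anonce, snonce) > 0 { anonce, snonce = snonce, anonce }
	in := append(append(append(append([]byte{}, aa...), spa...), anonce...), snonce...)
	ptk := prf384(pmk, "Pairwise key expansion", in)
	return ptk[:16], ptk[16:32], ptk[32:]
}

// eapolMIC is the EAPOL-Key MIC for CCMP (key descriptor version 2): HMAC-SHA1 under the KCK
// over the frame with its 16-byte MIC field (at micOff) zeroed, truncated to 128 bits.
func eapolMIC(kck, frame []byte, micOff int) []byte {
	f := append([]byte(nil), frame...)
	copy(f[micOff:micOff+16], make([]byte, 16))
	mac := hmac.New(sha1.New, kck)
	mac.Write(f)
	return mac.Sum(nil)[:16]
}

// apAcceptsMessage2 is how the AP "verifies that the client knows the PMK": it derives the PTK
// itself from the client's SNonce and compares the MIC in constant time.
func apAcceptsMessage2(pmk, aa, spa, anonce, snonce, frame []byte, micOff int) bool {
	kck, _, _ := derivePTK(pmk, aa, spa, anonce, snonce)
	return hmac.Equal(eapolMIC(kck, frame, micOff), frame[micOff:micOff+16])
}

func main() { // constructed PMK, addresses and nonces; not taken from any real network
	pmk, aa, spa := bytes.Repeat([]byte{0x0b}, 32), []byte{2, 0, 0, 0, 0, 1}, []byte{2, 0, 0, 0, 0, 2}
	kck, kek, tk := derivePTK(pmk, aa, spa, bytes.Repeat([]byte{0xa1}, 32), bytes.Repeat([]byte{0x5e}, 32))
	fmt.Printf("KCK %x\nKEK %x\nTK  %x\n", kck, kek, tk)
}
```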
WPA2 Encryption
- WPA2 uses AES with a key length of 128 bits to encrypt the data.
- AES is used in the Counter-Mode/CBC-MAC Protocol (CCMP): CBC-MAC for integrity and CTR mode for confidentiality.
- CCMP uses the same key for both encryption and authentication, but with different initialization vectors.

[Diagram: WPA2 Encryption Steps, CBC-MAC. The IV block and the 128-bit plaintext blocks P1, P2, ..., PN are chained through AES encryption under the TK; the MIC is the first 64 bits of the final block.]

[Diagram: WPA2 Encryption Steps (2), Counter Mode. Counter, Counter + 1, ..., Counter + (N-1) are each AES-encrypted under the TK and XORed with the 128-bit plaintext blocks P1, P2, ..., PN to give C1, C2, ..., CN.]

[Diagram: WPA2 Encryption Steps (3), Counter Mode. The Counter block is AES-encrypted under the TK and XORed with the MIC to give C0; the transmitted data is C1, C2, ..., CN followed by C0.]

[Diagram: WPA2 Decryption Steps, Counter Mode. Counter, Counter + 1, ..., Counter + (N-1) are each AES-encrypted under the TK and XORed with C1, C2, ..., CN to recover P1, P2, ..., PN.]

[Diagram: WPA2 Decryption Steps (2), Counter Mode. The Counter block is AES-encrypted under the TK and XORed with C0 to recover the MIC.]

[Diagram: WPA2 Decryption Steps (3), CBC-MAC. The IV block and the recovered P1, P2, ..., PN are chained through AES encryption under the TK; the first 64 bits of the result are compared with the recovered MIC.]
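The six encryption and decryption slides above as one working Go routine, added here and not part of the original presentation: cbcMAC is the CBC-MAC stage, ctr the counter-mode stage, and ccmpSeal/ccmpOpen combine them the way CCMP does (13-byte nonce of priority || A2 || PN, 8-byte MIC, 2-byte length field, MAC-header AAD). AES comes from Go's standard library; the MAC-header AAD, which the slides do not draw, is included because CCMP authenticates it, and the TK, nonce and header values the test feeds in are constructed, not taken from a capture.

```go
package main

import (
	"crypto/aes"
	"crypto/subtle"
	"encoding/binary"
)

// cbcMAC is the slides' first stage: AES-CBC under the TK over B0 (flags 0x59 || nonce || length),
// the length-prefixed MAC-header AAD and P1..PN; the MIC is the first 64 bits of the final block.
func cbcMAC(tk, nonce, aad, pt []byte) []byte {
	blk, _ := aes.NewCipher(tk)
	b0 := binary.BigEndian.AppendUint16(append([]byte{0x59}, nonce...), uint16(len(pt)))
	a := append(binary.BigEndian.AppendUint16(nil, uint16(len(aad))), aad...)
	mac := make([]byte, 16)
	for _, part := range [][]byte{b0, a, pt} {
		for i := 0; i < len(part); i += 16 {
			subtle.XORBytes(mac, mac, part[i:]) // XORs at most 16 bytes: a short final block is zero-padded
			blk.Encrypt(mac, mac)
		}
	}
	return mac[:8]
}

// ctr is the second stage: AES(TK, 0x01 || nonce || counter) XORed into the data, counters 1..N
// for the data blocks; counter 0 yields the block S0 that masks the MIC (C0 = MIC XOR S0).
func ctr(tk, nonce, in []byte, first uint16) []byte {
	blk, _ := aes.NewCipher(tk)
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 16 {
		ks := binary.BigEndian.AppendUint16(append([]byte{1}, nonce...), first+uint16(i/16))
		blk.Encrypt(ks, ks)
		subtle.XORBytes(out[i:], in[i:], ks)
	}
	return out
}

// ccmpSeal returns the transmitted body C1..CN || C0.
func ccmpSeal(tk, nonce, aad, pt []byte) []byte {
	return append(ctr(tk, nonce, pt, 1), ctr(tk, nonce, cbcMAC(tk, nonce, aad, pt), 0)...)
}

// ccmpOpen decrypts, recomputes C0 over the recovered plaintext and accepts the frame only if it
// matches; that comparison is what keeps forged or modified frames away from the upper layers.
func ccmpOpen(tk, nonce, aad, frame []byte) ([]byte, bool) {
	n := len(frame) - 8
	if n < 0 { return nil, false }
	pt := ctr(tk, nonce, frame[:n], 1)
	ok := subtle.ConstantTimeCompare(ctr(tk, nonce, cbcMAC(tk, nonce, aad, pt), 0), frame[n:])
	return pt[:n*ok], ok == 1 // a MIC mismatch releases none of the payload
}
```

The block compiles as a package with no main; exercise ccmpSeal and ccmpOpen from a test or your own main.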
WPA2 Pros
- WPA2 has immunity against many types of hacker attacks, like:
  - Man-in-the-middle.
  - Authentication forging.
  - Replay.
  - Key collision.
  - Weak keys.
  - Packet forging.
  - Brute-force/dictionary attacks.

WPA2 Pros (2)
- WPA2 adds two enhancements to support fast roaming, as follows:
  - It allows the client to reconnect to access points it has recently been connected to without needing to re-authenticate, thanks to the PMK caching feature.
  - It allows the client to pre-authenticate with the access point it is moving toward while it is still connected to the access point it is moving away from.

WPA2 Pros (3)
- WPA2 is based on the Robust Security Network (RSN), so it supports all the features available in WPA plus the following extra features:
  - It supports strong encryption and authentication for both infrastructure and ad-hoc networks; in contrast, WPA only supports infrastructure networks.
  - It reduces the overhead of the key derivation process.

WPA2 Cons
- Like all Wi-Fi security standards, WPA2 cannot defend against physical layer attacks like:
  - RF jamming.
  - Data flooding.
  - Access point failure.
- Also, it can't protect against layer 2 session hijacking.

WPA2 Cons (2)
- An attacker can discover a lot of network information by analyzing the unprotected control and management frames.
- It is vulnerable to DoS attacks.
- It is vulnerable to MAC address spoofing and mass de-authentication attacks.

Procedures to improve the Wi-Fi security
- Manage the access points from a central source to protect the information related to client roaming.
- Good planning of the Wi-Fi coverage will improve availability and reduce the risk of RF jamming attacks.
- Use a wireless intrusion prevention system (WIPS).

Questions?