WPA (Wi-Fi Protected Access) was introduced by the Wi-Fi Alliance to address vulnerabilities in WEP (Wired Equivalent Privacy) encryption. It uses TKIP (Temporal Key Integrity Protocol) to dynamically generate encryption keys and add integrity checking to messages to prevent attacks. WPA also supports 802.1X/EAP authentication and pre-shared keys for access control. While an improvement over WEP, WPA is still susceptible to denial of service attacks. However, it provides a secure transition method to the more robust WPA2 standard for wireless network security.

1. Wi-Fi Protected Access Presented by : Swadhin Kumar Bohidar Roll#CS200117017 Under the Guidance of Mr. Rabindra Kumar Shial

2. INTRODUCTION Brought by the Wi-Fi Alliance, working in conjunction with the IEEE. Standards-based, interoperable security specification Significantly increases the level of data protection and access control for existing and future wireless LAN systems

3. WPA at a Glance WPA is a subset of the 802.11i draft standard and will maintain forward compatibility It addresses all known vulnerabilities in WEP to ensure data authenticity on wireless LANs It provides an effective deterrent against almost all known attacks.

4. WEP at a Glance Wired Equivalency Privacy, was intended to provide wireless users with the same level of privacy inherent in wired networks. The WEP flaws : Weak Keys Initialization Vector (IV) Reuse Known plaintext attacks Denial of Service attacks

5. WPA: How It Works WPA’s strength comes from An integrated sequence of operations that encompass 802.1X/EAP authentication and Sophisticated key management and encryption techniques. Its major operations include: Network security capability determination : This occurs at the 802.11 level and is communicated through WPA information elements in Beacon, Probe Response, and (Re) Association Requests. continued…

6. Authentication : EAP over 802.1X is used for authentication Key management : Keys are generated after successful authentication and through a subsequent 4-way handshake between the station and Access Point . Data Privacy (Encryption): TKIP is used to wrap WEP in sophisticated cryptographic and security techniques to overcome most of its weaknesses. Data integrity : TKIP includes a message integrity code (MIC) at the end of each plaintext message to ensure messages are not being spoofed. WPA: How It Works (continued…)

7. Security mechanisms in WPA One of WEP’s chief weaknesses was that it used a small static key to initiate encryption. WPA uses a greatly enhanced encryption scheme, Temporal Key Integrity Protocol (TKIP). TKIP increases the size of the key from 40 to 128 bits and replaces WEP’s single static key with keys that are dynamically generated and distributed by the authentication server.

8. Security mechanisms in WPA (continued…) Together with 802.1X/EAP authentication, TKIP employs a key hierarchy that greatly enhances protection. It also adds a Message Integrity Check (MIC, sometimes called “Michael”) to protect against packet forgeries. The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them and resending them.

9. TKIP encryption, 802.1X/EAP authentication and PSK technology in WPA are features that have been brought forward from WPA2. Additionally, WPA2 provides a new, encryption scheme, the Advanced Encryption Standard (AES). AES uses a mathematical ciphering algorithm that employs variable key sizes of 128-, 192- or 256-bits. WPA2 offers a highly secure “mixed mode” that supports both WPA and WPA2 client workstations. The Future: WPA2

10. Is It Perfect? WPA, however, is not without its vulnerabilities. It is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the Message Integrity Code (MIC) check within 60 seconds of each other then the network is under an active attack . This may just prove that no single security tactic is completely invulnerable. But WPA is a definite step forward in WLAN security.

11. Conclusion As a subset of WPA2, WPA presents users with a solution that is both forward- and backward-compatible with present and future wireless standards. It offers enterprise-grade protection and, most importantly, it is available today. WPA allows users, whether they are at home or at work, to enjoy all the mobility and flexibility that Wi-Fi wireless computing has to offer, knowing that their data is safely protected beyond the reach of intruders.

12. THANK YOU