Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
WIRELESS SECURITY USING
WPA2

BY :
TUSHAR ANAND KUMAR
ECE-”D”, REGD. NO.:
1151016015
CONTENTS
• Types of security in WLAN
• Comparison of WEP,WPA,WPA2
• Evolution of wireless security standards
• WPA 2 authe...
TYPES OF SECURITY IN WLAN
• OPEN : No security configured X
• WEP : Wired Equivalent privacy X
• WPA: Wi-Fi Protected Acce...
WIRELESS SECURITY STANDARDS
WPA2 OVERVIEW
• Wi-Fi Protected Access 2
•

Security standard developed by the Wi-Fi Alliance and is an
implementation of ...
WI-FI PROTECTED ACCESS 2

Table: two types of WPA2
COMPARING WEP, WPA ,and WPA 2
AUTHENTICATION

Two types of authentication

• Personal mode
• Enterprise mode
PERSONAL MODE AUTHENTICATION
•

Authentication performed between
client and access point

•

PSK(Pre Shared Key) &
SSID(Se...
ENTERPRISE MODE AUTHENTICATION
•
•

Based on IEEE 802.1x standard
Authentication performed between
:-

1. Client
2. Access...
WPA 2 KEY GENERATION
• 4 way handshake initiated by AP
• Confirms client’s knowledge of
PMK in personal mode & MK in
enter...
WPA 2 KEY GENERATION
• Install encryption and integrity
key

• Control port are unblocked
WPA2 ENCRYPTION
• Two Process happens
1. Data encryption
2. Data integrity

• AES is used in encryption & authentication i...
MESSAGE INTEGRITY CODE(MIC)
• IV(Initialization Vector) encrypted
with AES & TK to produce 128
bit result

• 128 bit resul...
WPA2 ENCRYPTION
• Counter mode algorithm encrypts
the data with MIC

• Initialize counter for first time or
increment coun...
WPA2 DECRYPTION
• It works in reverse using same algorithm for encryption the counter
value is derived.

• By using the co...
BENEFITS OF WPA2
• Provides solid wireless security model(RSN)
• Encryption accomplished by a block cipher
• Block cipher ...
WPA2 VULNERABILITIES

 Can’t stand in front of the physical layer attacks:
RF jamming
Data flooding
Access points fail...
PROCEDURES TO IMPROVE WIRELESS
SECURITY
 Use wireless intrusion prevention system (WIPS)
 Enable WPA-PSK
 Use a good pa...
FUTURE SCOPE
• A new standard IEEE 802.1W task group(TG) approved in
March,2005
 Main Goals
Improve security by protectin...
THANK YOU!
REFRENCES
• “Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2)”
Paul

By

Arana

• “The Evolution of 802.11 ...
Upcoming SlideShare
Loading in …5
×

Wireless security using wpa2

2,164 views

Published on

wireless security protocol using WPA 2

Published in: Education
  • Be the first to comment

Wireless security using wpa2

  1. 1. WIRELESS SECURITY USING WPA2 BY : TUSHAR ANAND KUMAR ECE-”D”, REGD. NO.: 1151016015
  2. 2. CONTENTS • Types of security in WLAN • Comparison of WEP,WPA,WPA2 • Evolution of wireless security standards • WPA 2 authentication ,encryption & decryption • Benefits & vulnerabilities • Solutions & conclusion
  3. 3. TYPES OF SECURITY IN WLAN • OPEN : No security configured X • WEP : Wired Equivalent privacy X • WPA: Wi-Fi Protected Access • WPA2: Advance Wi-Fi Protected Access
  4. 4. WIRELESS SECURITY STANDARDS
  5. 5. WPA2 OVERVIEW • Wi-Fi Protected Access 2 • Security standard developed by the Wi-Fi Alliance and is an implementation of IEEE’s 802.11i • Uses Advance Encryption Standard (AES) protocol • AES in Counter-Mode for encryption • AES in Cipher Block Chaining-Message Authentication Code (CBC-MAC) for integrity checking
  6. 6. WI-FI PROTECTED ACCESS 2 Table: two types of WPA2
  7. 7. COMPARING WEP, WPA ,and WPA 2
  8. 8. AUTHENTICATION Two types of authentication • Personal mode • Enterprise mode
  9. 9. PERSONAL MODE AUTHENTICATION • Authentication performed between client and access point • PSK(Pre Shared Key) & SSID(Service Set Identification) is used • AP generates 256 bit from plain text pass phrase • PMK(Pairwise Master Key) is generated after authentication
  10. 10. ENTERPRISE MODE AUTHENTICATION • • Based on IEEE 802.1x standard Authentication performed between :- 1. Client 2. Access Point 3. Authentication Server • After authentication MK(Master Key) Is generated
  11. 11. WPA 2 KEY GENERATION • 4 way handshake initiated by AP • Confirms client’s knowledge of PMK in personal mode & MK in enterprise mode • Pairwise Transient Key created at client’s • Fresh PTK is derived at AP 1. Key confirmation key 2. Key encryption key 3. Temporal key
  12. 12. WPA 2 KEY GENERATION • Install encryption and integrity key • Control port are unblocked
  13. 13. WPA2 ENCRYPTION • Two Process happens 1. Data encryption 2. Data integrity • AES is used in encryption & authentication is a block symmetric cipher • CCM is new mode of operation for block cipher • Two underlying modes of CCM  Counter mode(CTR) achieves data encryption  Cipher block chaining message authentication code(CBCMAC) to provide data integrity
  14. 14. MESSAGE INTEGRITY CODE(MIC) • IV(Initialization Vector) encrypted with AES & TK to produce 128 bit result • 128 bit result is XOR with next 128 bits of data • Result of XOR is continued until all IV are exhausted • At end,first 64 bits are used to produce MIC Figure :AES CBC-MAC
  15. 15. WPA2 ENCRYPTION • Counter mode algorithm encrypts the data with MIC • Initialize counter for first time or increment counter. • First 128 bits are encrypted using AES & TK to produce 128 bits. • XOR is performed on result and first message block to give an first encrypted block. • Repeat until all 128 bit of blocks has been encrypted. Figure: AES counter mode
  16. 16. WPA2 DECRYPTION • It works in reverse using same algorithm for encryption the counter value is derived. • By using the counter mode algorithm and TK , the MIC and decrypted data are found out. • The data is processed by CBC-MAC to recalculate MIC • If MIC does not match then packet is dropped otherwise data is sent to network stack and to client
  17. 17. BENEFITS OF WPA2 • Provides solid wireless security model(RSN) • Encryption accomplished by a block cipher • Block cipher used is Advanced Encryption Standard (AES) • IEEE 802.11i authentication and key management is accomplished by IEEE 802.1x standard • Key-caching • Pre-authentication
  18. 18. WPA2 VULNERABILITIES  Can’t stand in front of the physical layer attacks: RF jamming Data flooding Access points failure  Vulnerable to the Mac addresses spoofing
  19. 19. PROCEDURES TO IMPROVE WIRELESS SECURITY  Use wireless intrusion prevention system (WIPS)  Enable WPA-PSK  Use a good passphrase  Use WPA2 where possible  Change your SSID every so often  Wireless network users should use or upgrade their network to the latest security standard released
  20. 20. FUTURE SCOPE • A new standard IEEE 802.1W task group(TG) approved in March,2005  Main Goals Improve security by protecting the management frames and also being able to identify Spoofed management frames normally used to launch DoS attack
  21. 21. THANK YOU!
  22. 22. REFRENCES • “Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2)” Paul By Arana • “The Evolution of 802.11 Wireless Security” INF 795 - Kevin Benton • “Wireless LAN Security Issues and Solutions” by Pan Feng at 2012 IEEE Symposium on Robotics and Applications(ISRA) • Security Improvements of IEEE 802.11i 4-way Handshake Scheme by Xiaodong Zha and Maode Ma ©2010 IEEE

×