Download presentation
Presentation is loading. Please wait.
1
IEEE i Dohwan Kim
2
Table of contents WEP WPA1 WPA2 Conclusion
3
Wireless network security
802.11 WEP 802.11i WPA1 At first, WEP is used as wireless network security. But WEP had serious problem, so IEEE working group make task group i. IEEE i make wireless network security protocols which are WPA1 and WPA2. WPA2
4
WEP (Wired Equivalent Privacy)
IEEE RC4, CRC-32 IV (initialization vector) : 24 bit WEP-40 – 64bit, WEP-104 – 128bit Static method Not recommend Alternative : dynamic WEP WEP is a security algorithm for IEEE wireless networks. WEP uses the stream cipher RC4 for confidentiality, and the CRC-32 checksum for integrity. Standard WEP-40 has 40 bit key and 24bit initialization vector. In WEP, RC4 generate key stream by using initialization vector and key. And cipher text is generated by calculating XOR between keystream and cipher text. But WEP is not recommended because WEP use static key. Recently, everyone can crack WEP key. Alternative is dynamic WEP. Dynamic WEP use dynamic key which is changed frequently. So dynamic WEP can prevent cracking.
5
WPA (Wi-Fi Protected Access)
Enterprise mode Authentication : IEEE 802.1x/EAP Encryption : TKIP/MIC Personal mode Authentication : PSK WPA means wi-fi protected access. WPA consists of enterprise mode and personal mode. In enterprise mode, WPA use IEEE 802.1x and EAP for authentication. In personal mode, WPA use PSK for authentication. And WPA use TKIP and MIC for encryption.
6
WPA - authentication IEEE 802.1x/EAP
In enterprise mode, WPA use IEEE 802.1x and EAP. IEEE 802.1x is authentication method for WPA in enterprise mode. And EAP means extensible authentication protocol. When device access to AP, AP access RADIUS server for authentication. Radius server means remote authentication dial-in user services, and it can decide authentication of user. IEEE 802.1x needs radius server, so this method can only use in enterprise.
7
WPA - authentication PSK (Pre Shared Keying) AP has pre-shared key.
If supplicant want access to AP, supplicant must know AP’s PSK. PSK means pre shared keying. In PSK, AP has pre-shared key. And if supplicant want access to AP, supplicant must know AP’s PSK.
8
WPA - encryption TKIP/MIC Difference from WEP Based on WEP
RC4 encryption Difference from WEP Master keys MIC TKIP is encryption method based on WEP. So TKIP use RC4 encryption. But TKIP has some differences from WEP. First, WEP has only one master key, but TKIP has several master keys by mixing key and initialization vector. Second, TKIP use MIC which means message integrity check.
9
WPA2 Enterprise mode Personal mode Authentication : IEEE 802.1x/EAP
Encryption : AES-CCMP Personal mode Authentication : PSK WPA2 is more robust than WPA1. WPA2 and WPA use same authentication, IEEE 802.1x and EAP in enterprise mode, and PSK in personal mode. But WPA2 use encryption which is AES-CCMP. WPA1’s TKIP is more robust than WEP, but TKIP is also limited to encrypt data. So AES-CCMP is used in WPA2.
10
WPA2 - encryption CCMP is encryption method based on AES.
AES is a type of symmetric cryptographic technique. CCMP is encryption method based on AES. AES is a type of symmetric cryptographic technique. This is figure about symmetric cryptographic technique.
11
WPA2 – encryption (AES) Low memory Easy implementation Robust
AES has many advantage. First, AES use low memory, and second, implementation of AES is easy. Moreover, AES is very robust. This figure show process of AES. In AES, there are 4 process such as sub bytes, shift rows, mix columns, and add round key.
12
Conclusion WEP and WPA1 (TKIP) is not recommended.
Drawback of AES is researched, so beyond AES receives attention. WEP and WPA1 is not recommended. 802.11i only recommend CCMP. And drawback of AES is researched, so beyond AES receives attention.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.