Friday, March 2, 2018

Chapter 3 - Security Communications Brief

WPA and WPA2

It's important to remember that these are certifications by the WiFi Alliance and not from the 802.11 standard. This means that they validate that a device uses portions of the security that 802.11 provides. They both come in two forms, Personal and Enterprise. Personal is known as Pre Shared Key because it uses a PSK.

WPA has been depreciated and as such its use should be as well. It used TKIP/RC4 and again, as such, TKIP/RC4 should no longer be used either.

The Enterprise version of both WPA and WPA2 both use the 802.1x framework for authentication and key management. This framework has three primary components.
1.) Supplicant (Client STA)
2.) Authenticator (AP or Controller)
3.) Authentication Server (This is normally your RADIUS server)

The EAPoL protocol is used for communication between the Supplicant and Authenticator, and RADIUS is used between the Authenticator and the Authentication Server.

The process looks something like this

  • Client Authenticates and Associates to an AP
  • Open System Authentication takes place
  • EAP Authentication using the RADIUS server
  • 4-way handshake generates encryption keys for STA and AP
  • Encrypted communications commence.
Carpenter, Tom. CWAP: Certified Wireless Analysis Professional: Official study guide: Edition CWAP-402. Certitrek Publishing, 2016.


RADIUS - Remote Authentication Dial-In User Service

RADIUS Process
  1. Access Request - Username/Password or Certificate
  2. Access Challenge
  3. Access Accept/Reject

No comments:

Post a Comment