
NETW 05A: APPLIED WIRELESS SECURITY 802.11i & Wi-Fi Protected Access

By Mohammad Shanehsaz, Spring 2005. IEEE standards board approved the 802.11i security standard on Thursday, June 24, 2004.


Presentation Transcript


  1. NETW 05A: APPLIED WIRELESS SECURITY 802.11i & Wi-Fi Protected Access By Mohammad Shanehsaz Spring 2005

  2. 802.11i
     • IEEE standards board approved the 802.11i security standard on Thursday, June 24, 2004.
     • The new 802.11i standard, or WPA2, supports the 128-bit Advanced Encryption Standard (AES).
     • This new standard specifies use of Temporal Key Integrity Protocol (TKIP) and 802.1x/EAP with mutual authentication.
     • It provides 802.1x authentication and key-management features for the various 802.11 Wi-Fi flavors.
     • AES supports 128-bit, 192-bit and 256-bit keys.
     • Any wireless LAN equipment complying with this standard will require a hardware upgrade due to AES encryption.

  3. Wi-Fi Protected Access (WPA)
     • Wi-Fi Protected Access was co-developed by the Wi-Fi Alliance and IEEE 802.11 Task Group i as an interim security solution while the 802.11i task group addresses the details involved with securing wireless LANs.
     • WPA was designed to run on existing hardware as a security upgrade delivered by firmware patch.
     • The goals were strong data encryption through TKIP and mutual authentication through an 802.1x/EAP solution.
     • WPA v1.0 was a subset of the IEEE 802.11i standard.
     • WPA2 is the name chosen by the Wi-Fi Alliance to identify IEEE 802.11i standard gear.

  4. Wi-Fi Protected Access (WPA)
     • WPA v1.0 did not include the following 802.11i items:
       • Secure IBSS (Independent Basic Service Set ad-hoc mode)
       • Secure fast handoff
       • Secure de-authentication and disassociation
       • Advanced Encryption Standard

  5. WPA Pre-Shared Key (PSK)
     • WPA PSK runs in SOHO environments where there is no authentication server and no EAP framework.
     • It allows the use of manually entered keys or passwords and is designed to be easily implemented.
     • All the home user needs to do is enter a password in their AP or home wireless gateway and in each PC associated to the Wi-Fi wireless network; WPA takes over automatically from that point.
     • The password keeps out eavesdroppers and starts the TKIP encryption process.
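To make the WPA-PSK slide concrete, here is an added example (not part of the original presentation) of how a manually entered password becomes the 256-bit pre-shared key. The derivation parameters (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) come from the IEEE 802.11i standard rather than from the slides, and the function name `derive_psk` is hypothetical.

```python
import hashlib

# Assumption (from IEEE 802.11i, not stated on the slides):
#   PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)
ITERATIONS = 4096
KEY_LEN = 32  # 256-bit pre-shared key


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Map a WPA passphrase and network name (SSID) to the 256-bit PSK.

    Raises ValueError for input that a WPA passphrase field must reject.
    """
    # UnicodeEncodeError is a ValueError subclass, so non-ASCII is rejected.
    pw = passphrase.encode("ascii")
    if not 8 <= len(pw) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(b < 32 or b > 126 for b in pw):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", pw, salt, ITERATIONS, KEY_LEN)


if __name__ == "__main__":
    # Published 802.11i test vector: passphrase "password", SSID "IEEE".
    print("IEEE   :", derive_psk("password", "IEEE").hex())
    # Constructed sample: the same passphrase on another SSID gives an
    # unrelated key, because the network name is the salt.
    print("HomeLAN:", derive_psk("password", "HomeLAN").hex())
    try:
        derive_psk("short", "IEEE")
    except ValueError as exc:
        print("rejected:", exc)
```

Because the only secret input is the password, the strength of a WPA-PSK network is bounded by the strength of that password; the SSID salt only ensures that two networks sharing a password do not share a key.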

  6. WPA Mixed Mode Deployment
     • Useful in large networks where many clients use several types of authentication and encryption solutions during the transition between legacy and leading-edge security standards.
     • Supports clients running both Wi-Fi Protected Access and original WEP security.

  7. Deployment and Limitations
     • As part of the Wi-Fi product certification, the Alliance will initially allow vendors to ship units with WPA disabled, but easily enabled and configured.
     • Now WPA is included as a mandatory part of Wi-Fi certification testing: devices must ship with WPA enabled, and a user will have to configure a master key or authentication server.

  8. Limitations
     • TKIP is built around WEP.
     • Government deployments require that encryption technology be certified to comply with the Federal Information Processing Standard (FIPS) 140, published by the National Institute of Standards and Technology (NIST).
     • These restrictions push manufacturers toward standardization on security solutions that implement data encryption through the use of 3DES or AES.

  9. Resources
     • CWSP Certified Wireless Security Professional, from McGraw-Hill
