Technical seminar Presentation

Wi-Fi Protected Access

National Institute of Science & Technology

Wi-Fi Protected Access

Presented by :
Swadhin Kumar Bohidar Roll#CS200117017

Under the Guidance of

Mr. Rabindra Kumar Shial

Presented By: Swadhin Kumar Bohidar [1/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

INTRODUCTION
• Brought by the Wi-Fi Alliance, working in
conjunction with the IEEE.
• Standards-based, interoperable security
specification
• Significantly increases the level of data
protection and access control for existing and
future wireless LAN systems

Presented By: Swadhin Kumar Bohidar [2/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

WPA at a Glance
• WPA is a subset of the 802.11i draft standard and
will maintain forward compatibility
• It addresses all known vulnerabilities in WEP to
ensure data authenticity on wireless LANs
• It provides an effective deterrent against almost all
known attacks.

Presented By: Swadhin Kumar Bohidar [3/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

WEP at a Glance
• Wired Equivalency Privacy, was intended to provide
wireless users with the same level of privacy inherent
in wired networks.
The WEP flaws :
• Weak Keys
• Initialization Vector (IV) Reuse
• Known plaintext attacks
• Denial of Service attacks

Presented By: Swadhin Kumar Bohidar [4/12]

 Technical seminar Presentation
Wi-Fi Protected Access
WPA: How It Works
National Institute of Science & Technology

WPA’s strength comes from

• An integrated sequence of operations that encompass 802.1X/EAP
authentication and
• Sophisticated key management and encryption techniques.
Its major operations include:
• Network security capability determination : This occurs at the
802.11 level and is communicated through WPA information
elements in Beacon, Probe Response, and (Re) Association
Requests.

continued…
Presented By: Swadhin Kumar Bohidar [5/12]
 Technical seminar Presentation
Wi-Fi Protected Access
WPA: How It Works (continued…)
National Institute of Science & Technology

• Authentication: EAP over 802.1X is used for authentication

• Key management: Keys are generated after successful
authentication and through a subsequent 4-way handshake
between the station and Access Point .
• Data Privacy (Encryption): TKIP is used to wrap WEP in
sophisticated cryptographic and security techniques to overcome
most of its weaknesses.
• Data integrity: TKIP includes a message integrity code (MIC) at
the end of each plaintext message to ensure messages are not being
spoofed.

Presented By: Swadhin Kumar Bohidar [6/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

Security mechanisms in WPA

• One of WEP’s chief weaknesses was that it used a
small static key to initiate encryption.
• WPA uses a greatly enhanced encryption scheme,
Temporal Key Integrity Protocol (TKIP).
• TKIP increases the size of the key from 40 to 128 bits
and replaces WEP’s single static key with keys that
are dynamically generated and distributed by the
authentication server.

Presented By: Swadhin Kumar Bohidar [7/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

Security mechanisms in WPA (continued…)

• Together with 802.1X/EAP authentication, TKIP
employs a key hierarchy that greatly enhances
protection.
• It also adds a Message Integrity Check (MIC,
sometimes called “Michael”) to protect against packet
forgeries.
• The Message Integrity Check (MIC) is designed to
prevent an attacker from capturing data packets,
altering them and resending them.

Presented By: Swadhin Kumar Bohidar [8/12]

 Technical seminar Presentation
Wi-Fi Protected Access
The Future: WPA2
National Institute of Science & Technology

• TKIP encryption, 802.1X/EAP authentication and PSK

technology in WPA are features that have been brought
forward from WPA2.
• Additionally, WPA2 provides a new, encryption scheme,
the Advanced Encryption Standard (AES).
• AES uses a mathematical ciphering algorithm that
employs variable key sizes of 128-, 192- or 256-bits.
• WPA2 offers a highly secure “mixed mode” that supports
both WPA and WPA2 client workstations.

Presented By: Swadhin Kumar Bohidar [9/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

Is It Perfect?
WPA, however, is not without its vulnerabilities.
• It is susceptible to denial of service (DoS) attacks.
• If the access point receives two data packets that fail
the Message Integrity Code (MIC) check within 60
seconds of each other then the network is under an
active attack .
• This may just prove that no single security tactic is
completely invulnerable. But WPA is a definite step
forward in WLAN security.

Presented By: Swadhin Kumar Bohidar [10/12]

 Technical seminar Presentation
Wi-Fi Protected Access
Conclusion
National Institute of Science & Technology

• As a subset of WPA2, WPA presents users with a

solution that is both forward- and backward-
compatible with present and future wireless
standards.
• It offers enterprise-grade protection and, most
importantly, it is available today.
• WPA allows users, whether they are at home or at
work, to enjoy all the mobility and flexibility that Wi-
Fi wireless computing has to offer, knowing that their
data is safely protected beyond the reach of intruders.

Presented By: Swadhin Kumar Bohidar [11/12]

 Technical seminar Presentation
Wi-Fi Protected Access
National Institute of Science & Technology

Presented By: Swadhin Kumar Bohidar [12/12]