2.2 – Wireless Security - Wireless Encryption

Questions and Answers

What is the primary reason for encrypting data transmitted over a wireless network?

  • To reduce the amount of radio frequency interference.
  • To improve the range of the wireless signal.
  • To prevent unauthorized access and interception of data. (correct)
  • To increase the speed of data transmission.

Which of the following is a key benefit of using WPA3 over WPA2 for wireless network security?

  • Higher data transfer rates.
  • Protection against brute-force attacks on pre-shared keys. (correct)
  • Simpler setup and configuration.
  • Wider compatibility with older wireless devices.

What does the message integrity check (MIC) provide in wireless communication?

  • Compression of the data to reduce bandwidth usage.
  • Encryption of the transmitted data.
  • Verification that the data has not been altered during transmission. (correct)
  • Authentication of the user connecting to the network.

In WPA2, what vulnerability exists concerning pre-shared keys (PSK)?

  • The four-way handshake can be captured and the hash cracked offline via brute force. (A)

Which authentication method used in WPA3 prevents the transmission of key information across the network?

  • Simultaneous Authentication of Equals (SAE) (C)

What type of encryption does WPA2 use?

  • AES with CCMP (C)

What is the function of the dragonfly handshake in the context of WPA3?

  • To derive a shared key without transmitting it across the network. (C)

Which of the following wireless authentication methods is typically used in enterprise environments?

  • 802.1X (D)

Why is it important to authenticate users before they connect to a wireless network?

  • To ensure only authorized individuals access network resources and data. (C)

What is the name of the new type of block cipher mode introduced in WPA3?

  • GCMP (C)

What is the key exchange method used in WPA3 also known as?

  • Dragonfly handshake (B)

Which of the following is NOT a typical option for authentication on a wireless network?

  • WEP (C)

What is the significance of mutual authentication in WPA3?

  • It ensures both the access point and the user are verified. (B)

If an attacker captures the four-way handshake in a WPA2 network, what type of attack can they perform?

  • Brute-force attack (C)

What is the primary function of the RADIUS server in an enterprise wireless network?

  • To manage and centralize user authentication. (D)

Why is using a pre-shared key (PSK) at home considered less secure than using 802.1X in an enterprise environment?

  • All users on a home network share the same key, increasing the risk if the key is compromised. (B)

Which security protocol does WPA3 use to prevent attackers from capturing the hash and performing a brute-force attack?

  • SAE (B)

What does CCMP provide in WPA2?

  • Data confidentiality and message integrity check. (B)

What is the main advantage of using a different session key for each conversation on a WPA3 network, even when using the same pre-shared key?

  • It prevents attackers from decrypting multiple sessions if one key is compromised. (D)

Which of the following is the MOST important factor when choosing an authentication method for your wireless network?

  • The level of security required. (D)

Flashcards

Message Integrity Check (MIC)

Verifies data integrity in wireless communication, ensuring data remains unaltered during transmission.

WPA2

A security protocol for wireless networks, introduced in 2004, that uses the CCMP block cipher mode.

CCMP

Block cipher mode used by WPA2, providing data confidentiality and integrity check.

WPA3

Latest version of Wi-Fi Protected Access, introduced in 2018; uses GCMP for stronger encryption.

GCMP

Block cipher mode used in WPA3, offering stronger encryption than WPA2's CCMP.

Mutual Authentication

Method where both the access point and user authenticate each other before connection.

Simultaneous Authentication of Equals (SAE)

Key exchange method in WPA3 that creates session keys without transmitting key information.

Diffie-Hellman

Key exchange protocol allowing two parties to create a shared key over an insecure channel.

Dragonfly Handshake

Another name for the key exchange method used in WPA3.

Open System

Wireless network without required authentication.

WPA2/WPA3-Personal (PSK)

Wireless security setting for personal use, requiring a single pre-shared key.

Enterprise/802.1X

Wireless security for organizations; uses individual logins and a central authentication server.

Study Notes

  • Wireless network security focuses on maintaining data confidentiality and ensuring authorized access.
  • Authentication is required before connecting, often involving usernames, passwords, and multi-factor authentication.
  • Encryption is crucial to protect data transmitted over the air, preventing eavesdropping.
  • Message Integrity Check (MIC) verifies data integrity during wireless communication.

Wireless Encryption: WPA2

  • Wi-Fi Protected Access version 2 (WPA2) was introduced in 2004.
  • WPA2 uses a block cipher mode called CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) for data encryption.
  • CCMP uses AES for encryption.
  • CCMP provides data confidentiality and includes a message integrity check using CBC-MAC for verification.

Wireless Encryption: WPA3

  • WPA3 was introduced in 2018 as a stronger encryption method.
  • WPA3 uses a block cipher mode called GCMP (Galois/Counter Mode Protocol).
  • GCMP is more robust than WPA2's CCMP.
  • Similar to WPA2, WPA3 also employs AES for encryption.
  • The message integrity check in WPA3 uses Galois Message Authentication Code (GMAC).

Authentication Methods

  • In corporate environments, 802.1X authentication with individual usernames and passwords is common.
  • Home networks often utilize pre-shared keys (PSK).

WPA2 Vulnerability With Pre-Shared Keys

  • WPA2 has a security weakness related to pre-shared keys.
  • A four-way handshake during WPA2 network connections can be intercepted.
  • Interception allows attackers to capture a hash and perform offline brute-force attacks to discover the pre-shared key.
  • Once discovered, the attacker can access the wireless network.
  • Brute-force attacks have become more efficient due to advancements in technology like faster GPUs and cloud-based password cracking.

WPA3 Enhanced Security

  • WPA3 uses a mutual authentication method named Simultaneous Authentication of Equals (SAE) to enhance security with pre-shared keys.
  • SAE ensures both the access point and the user are authenticated.
  • Session keys are created without transmitting key information, eliminating the four-way handshake.
  • The absence of a transmitted hash prevents brute-force attacks.
  • SAE is sometimes referred to as the dragonfly handshake.

Authentication Options

  • Open System: No authentication required, common in public spaces.
  • WPA2/WPA3-Personal (PSK): Uses a single pre-shared key for all users.
  • Enterprise/802.1X: Requires individual logins, using a backend authentication server like RADIUS.
