Chapter 11 - 02 - Understand Wireless Network Encryption Mechanisms - 02_ocred.pdf

Full Transcript


Certified Cybersecurity Technician Wireless Network Security Exam 212-82

Wi-Fi Protected Access (WPA) Encryption

- WPA is a security protocol defined by 802.11i standards; it uses a Temporal Key Integrity Protocol (TKIP) that utilizes the RC4 stream cipher encryption with 128-bit keys and 64-bit MIC integrity check to provide stronger encryption and authentication
- WPA uses TKIP to eliminate the weaknesses of WEP by including per-packet mixing functions, message integrity checks, extended initialization vectors, and re-keying mechanisms

[Figure: How WPA Works. Labels: Data to Transmit, Temporal Encryption Key, TSC (IV + EIV), Michael Algorithm, MSDU + MIC, CRC32]

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Wi-Fi Protected Access (WPA) is a security protocol defined by the 802.11i standard. In the past, the primary security mechanism used between wireless APs and wireless clients was WEP encryption, which has a major drawback in that it uses a static encryption key. An attacker can exploit this weakness using tools that are freely available on the Internet. IEEE defines WPA as “an expansion to the 802.11 protocols that can allow for increased security.” Nearly every Wi-Fi manufacturer provides WPA.

WPA has better data encryption security than WEP because messages pass through a Message Integrity Check (MIC) using the Temporal Key Integrity Protocol (TKIP), which utilizes the RC4 stream cipher encryption with 128-bit keys and 64-bit MIC to provide strong encryption and authentication. WPA is an example of how 802.11i provides stronger encryption and enables pre-shared key (PSK) or EAP authentication. WPA uses TKIP for data encryption, which eliminates the weaknesses of WEP by including per-packet mixing functions, MICs, extended IVs, and re-keying mechanisms.
How WPA Works

- A TK, transmit address, and TKIP sequence counter (TSC) are used as input to the RC4 algorithm to generate a keystream.
  o The IV or TK sequence, transmit address or MAC destination address, and TK are combined with a hash function or mixing function to generate a 128-bit and 104-bit key.
  o This key is then combined with RC4 to produce the keystream, which should be of the same length as the original message.
- The MAC service data unit (MSDU) and message integrity check (MIC) are combined using the Michael algorithm.
- The combination of MSDU and MIC is fragmented to generate the MAC protocol data unit (MPDU).
- A 32-bit ICV is calculated for the MPDU.
- The combination of MPDU and ICV is bitwise XORed with the keystream to produce the encrypted data.
- The IV is added to the encrypted data to generate the MAC frame.

[Figure: How WPA Works. Labels: Data to Transmit, MPDU, XOR Algorithm, Keystream, MAC Header]
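Added example, not part of the courseware: the "How WPA Works" steps in Python, with the Michael MIC, the CRC-32 ICV and RC4 written out, plus the receiver-side checks. Assumptions: packet_key() uses SHA-256 as a stand-in for TKIP's own key mixing function, the MIC covers only the MSDU, there is no fragmentation (one MPDU), the TSC travels as a plain 6-byte prefix, and the keys and address are constructed sample values.

```python
import hashlib, struct, zlib
M32 = 0xFFFFFFFF
rol = lambda x, n: ((x << n) | (x >> (32 - n))) & M32
xswap = lambda x: ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8)
MIX = (lambda x: rol(x, 17), xswap, lambda x: rol(x, 3), lambda x: rol(x, 30))

def michael(key, data):
    """64-bit Michael MIC over data, keyed with a 64-bit MIC key."""
    l, r = struct.unpack("<II", key)
    data += b"\x5a" + bytes(4 + -(len(data) + 5) % 4)  # 0x5a, then 4..7 zero bytes
    for (word,) in struct.iter_unpack("<I", data):
        l ^= word
        for f in MIX:                                  # Michael block function
            r ^= f(l)
            l = (l + r) & M32
    return struct.pack("<II", l, r)

def rc4(key, n):
    s, j, out = list(range(256)), 0, bytearray()
    for i in range(256):                               # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    for _ in range(n):                                 # n keystream bytes
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def packet_key(tk, ta, tsc):
    # ASSUMPTION: SHA-256 stands in for TKIP's own two-phase key mixing function
    return hashlib.sha256(tk + ta + tsc.to_bytes(6, "big")).digest()[:16]

def encapsulate(tk, mic_key, ta, tsc, msdu):
    mpdu = msdu + michael(mic_key, msdu)               # MSDU + MIC, one fragment
    body = mpdu + struct.pack("<I", zlib.crc32(mpdu))  # append the 32-bit ICV
    ks = rc4(packet_key(tk, ta, tsc), len(body))       # keystream as long as body
    return tsc.to_bytes(6, "big") + bytes(a ^ b for a, b in zip(body, ks))

def decapsulate(tk, mic_key, ta, frame):
    tsc, ct = int.from_bytes(frame[:6], "big"), frame[6:]
    body = bytes(a ^ b for a, b in zip(ct, rc4(packet_key(tk, ta, tsc), len(ct))))
    mpdu, msdu = body[:-4], body[:-12]
    if struct.pack("<I", zlib.crc32(mpdu)) != body[-4:] or michael(mic_key, msdu) != mpdu[-8:]:
        raise ValueError("ICV or MIC check failed")
    return msdu

TK, MIC_KEY, TA = bytes(range(16)), bytes(range(8)), bytes.fromhex("02005e000001")  # constructed samples
```

Encapsulating the same MSDU under TSC 1 and TSC 2 gives different ciphertext, which is the per-packet keying that WEP's static key lacked.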
