{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Lecture 8 - wireless Part 2

Lecture 8 - wireless Part 2 - Understanding and Attacking...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
http://www.foundstone.com IX-1 © 2010 by Foundstone - All rights reserved. Duplication of this material is expressly prohibited Understanding and Attacking WPA Ultimate Hacking Wireless www.foundstone.com Copyright © 2010 McAfee, Inc. Understanding and Attacking WPA 9-2 Overview About WPA WPA Enterprise Authentication WPA Encryption Attacking WPA Authentication Attacking WPA Encryption EAP Attack surface www.foundstone.com Copyright © 2010 McAfee, Inc. Understanding and Attacking WPA 9-3 About WPA IEEE 802.11i (or IEEE 802.11-2007) head2right History Draft in 2003, ratified in 2004 Latest version is 802.11-2007 head2right Encryption Needed to address the issues in WEP » Introduced TKIP and AES RC4 – TKIP (Temporal Key Integrity Protocol) » Major improvement over WEP but still based on RC4 » Developed so that WEP devices could be easily upgraded AES – CCMP (Advanced Encryption Standard) » (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) » Complete redesign of encryption mechanisms » Developed to completely replace WEP and TKIP www.foundstone.com Copyright © 2010 McAfee, Inc. Understanding and Attacking WPA 9-4 About WPA IEEE 802.11i (or IEEE 802.11-2007) head2right WPA Certification by the WiFi Alliance Hastily released in 2003 to certify devices up to the current (at the time) 802.11i draft Implies at least TKIP support head2right WPA2 Certification by the WiFi Alliance Released in 2004 once the 802.11i draft was ratified Full compliance with the standard, support for AES and TKIP www.foundstone.com Copyright © 2010 McAfee, Inc. Understanding and Attacking WPA 9-5 About WPA TKIP and AES Security Improvements head2right RC4 – TKIP Increases the size of the Initialization Vector to 48-bit and the key size to 128-bit Message Integrity Check (MIC) within the frame Dynamic Key Rotation head2right AES – CCMP Complete redesign, no longer uses RC4 (uses AES) Re-keys automatically to derive new sets of temporal keys Uses Packet Number field as a counter to provide replay protection www.foundstone.com Copyright © 2010 McAfee, Inc.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}