Don't forget that on Monday, May 21, INE begins our 5-Day CCNA Wireless course.
If you haven't signed up yet, there's still time to do so here.
The course will be streamed live, online here.
Look forward to seeing everyone on Monday.
The WiFi Alliance introduced Wi-Fi Protected Access (WPA) in 2003 as a replacement technology for WEP. WPA is based on the 802.11i draft version 3. This improved technology relies upon Temporal Key Integrity Protocol (TKIP) to automate the changing of keys. Remember that a huge issue for WEP was the single, static key in use. Interestingly, WPA uses the RC4 encryption algorithm like WEP; although Advanced Encryption Standard (AES) can also be used if desired.
WPA can be implemented using two authentication modes:
WPA Enterprise Mode features the following steps:
WPA was engineered to be implemented in devices that had previously only supported WEP. These devices (in most cases) merely required a firmware update in order to support the much stronger security protocol.
In this series of blog posts, we will examine WLAN security mechanisms in an even greater detail than in our popular 5-Day CCNA Wireless course. We will begin with one that is now considered legacy due to major weaknesses that were quickly discovered in its implementation.
This security mechanism receives the least coverage in the CCNA Wireless materials and exam, because, as we stated, it is indeed considered legacy. The official title for this technology is Preshared Key Authentication with Wired Equivalent Privacy. This name tells us a lot. We are not really truly authenticating someone using this approach, we are just ensuring that they possess a piece of information, the preshared key (password). Notice the Wired Equivalent Privacy portion of the name tells us that the creators of the technology were really trying to sell it to WLAN designers and implementers!
The WEP process consists of a series of steps as follows:
The big issue with WEP is the fact that it is very susceptible to a Man in the Middle attack. The attacker captures the clear-text challenge and then the authentication packet reply. The attacker then reverses the RC4 encryption in order to derive the static WEP key. Yikes!
As you might guess, the designers attempted to strengthen WEP using the approach of key lengths. The native Windows client supported a 104-bit key as opposed to the initial 40-bit key. The fundamental weaknesses in the WEP process still remained however.
We hope you are excited to learn more about the next generations WLAN security mechanisms that resulted...