Академический Документы
Профессиональный Документы
Культура Документы
By The Cable Guy The original IEEE 802.11 standard provided the following set of security features to secure wireless LAN communication:
y y y
Two different authentication methods: Open system and shared key The Wired Equivalent Privacy (WEP) encryption algorithm An Integrity Check Value (ICV), encrypted with WEP, which provided data integrity
Over time, these security features proved to be insufficient to protect wireless LAN communication in common scenarios. To address the security issues of the original IEEE 802.11 standard, the following additional technologies are used:
The IEEE 802.1X Port-Based Network Access Control standard is an optional method for authenticating 802.11 wireless clients. IEEE 802.1X provides per-user identification and authentication, extended authentication methods, and, depending on the authentication method, encryption key management dynamic, per-station or per-session key management and rekeying.
Wi-Fi Protected Access (WPA) is an interim standard adopted by the Wi-Fi Alliance to provide more secure encryption and data integrity while the IEEE 802.11i standard was being ratified. WPA supports authentication through 802.1X (known as WPA Enterprise) or with a preshared key (known as WPA Personal), a new encryption algorithm known as the Temporal Key Integrity Protocol (TKIP), and a new integrity algorithm known as Michael. WPA is a subset of the 802.11i specification.
The IEEE 802.11i standard formally replaces Wired Equivalent Privacy (WEP) and the other security features of the original IEEE 802.11 standard. WPA2 is a product certification available through the Wi-Fi Alliance that certifies wireless equipment as being compatible with the 802.11i standard. The goal of WPA2 certification is to support the additional mandatory security features of the 802.11i standard that are not already included for products that support WPA. Like WPA, WPA2 offers both Enterprise and Personal modes of operation. Windows Vista, Windows XP with SP3, and Windows Server 2008 support WPA2. For WPA2 support in Windows XP with SP2, install the Wireless Client Update for Windows XP with Service Pack 2. This article describes the features of WPA2 security and the support for WPA2 included with Windows XP SP3 and the Wireless Client Update for Windows XP with SP2.
WPA2 authentication
For WPA2 Enterprise, WPA2 requires authentication in two phases; the first is an open system authentication and the second uses 802.1X and an Extensible Authentication Protocol (EAP) authentication method. For environments without a Remote Authentication Dial-In User Service (RADIUS) infrastructure such as small office/home office (SOHO) networks, WPA2 Personal supports the use of a preshared key (PSK).
WPA2 key management Like WPA, WPA2 requires the determination of a mutual pairwise master key (PMK) based on the EAP or PSK authentication processes and the calculation of pairwise transient keys through a 4-way handshake. For more information, see Wi-Fi Protected Access Data Encryption and Integrity.
Advanced Encryption Standard WPA2 requires support for the Advanced Encryption Standard (AES) using the Counter Mode-Cipher Block Chaining (CBC)-Message Authentication Code (MAC) Protocol (CCMP). AES Counter Mode is a block cipher that encrypts 128-bit blocks of data at a time with a 128-bit encryption key. The CBC-MAC algorithm produces a message integrity code (MIC) that provides data origin authentication and data integrity for the wireless frame. A Packet Number field included in the WPA2-protected wireless frame and incorporated into the encryption and MIC calculations provides replay protection. AES encryption meets the Federal Information Processing Standard (FIPS) 140-2 requirement.
PMK Caching
As a wireless client roams from one wireless AP to another, it must perform a full 802.1X authentication with each wireless AP. WPA2 allows the wireless client and the wireless AP to cache the results of a full 802.1X authentication so that if a client roams back to a wireless AP with which it has previously authenticated, the wireless client needs to perform only the 4-way handshake and determine new pairwise transient keys. In the Association Request frame, the wireless client includes a PMK identifier that was determined during the initial authentication and stored with both the wireless client and wireless AP's PMK cache entries. PMK cache entries are stored for a finite amount of time, as configured on the wireless client and the wireless AP. To make the transition faster for wireless networking infrastructures that use a switch that acts as the 802.1X authenticator, the WPA2/WPS IE Update calculates the PMK identifier value so that the PMK as determined by the 802.1X authentication with the switch can be reused when roaming between wireless APs that are attached to the same switch. This practice is known as opportunistic PMK caching. For information about controlling PMK caching behavior with registry values, see The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2 is available.
Preauthentication
With preauthentication, a WPA2 wireless client can optionally perform 802.1X authentications with other wireless APs within its range, while connected to its current wireless AP. The wireless client sends preauthentication traffic to the additional wireless AP over its existing wireless connection. After preauthenticating with a wireless AP and
storing the PMK and its associated information in the PMK cache, a wireless client that connects to a wireless AP with which it has preauthenticated needs to perform only the 4-way handshake. WPA2 clients that support preauthentication can only preauthenticate with wireless APs that advertise their preauthentication capability in Beacon and Probe Response frames. For information about controlling preauthentication behavior with registry values, see The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2 is available.
y y y
When you are connected to a WPA2-capable wireless network, the type of network is displayed as WPA2 in the Choose a wireless network dialog box. The following figure shows an example.
If your browser does not support inline frames, click here to view on a separate page. On the Association tab for the properties of a wireless network, the Network Authentication drop-down box has the additional options: WPA2 (for WPA2 Enterprise) and WPA2-PSK (for WPA2 Personal). These options will be present only if the wireless network adapter and its driver support WPA2.
The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2 is available
To continue receiving security updates for Windows, make sure you're running Windows XP with Service Pack 3 (SP3). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows
On This Page
y y y o o o o o
SUMMARY INTRODUCTION MORE INFORMATION Important information about this update WPA2 Registry values that control preauthentication and PMK caching PMKCacheMode PMKCacheTTL PMKCacheSize PreAuthMode PreAuthThrottle Wireless Provisioning Services Information Element (WPS IE) Additional changes in the WPA2/WPS IE Update <style>#tocTitle, #tocDiv{display: none;}</style> Expand all | Collapse all SUMMARY
This article describes the Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) Update. You can install this update on a computer that is running Windows XP with Service Pack 2. The update supports the additional mandatory security features of the IEEE 802.11i standard that are not already included for products that support WPA. Additionally, after you install the update, Windows XP will display previously hidden Service Set Identifiers (SSIDs) in the Choose A Wireless Network dialog box. This functionality makes it easier for you to connect to public Wi-Fi networks to which you have not previously connected. Back to the top INTRODUCTION
The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) Update for computers that are running Microsoft Windows XP with Service Pack 2 (SP2) is available. This update enhances the Windows XP wireless client software with support for the new Wi-Fi Alliance certification for wireless security. The update also makes it easier to connect to secure public spaces that are equipped with wireless Internet access. These locations are otherwise known as "Wi-Fi hotspots." Back to the top MORE INFORMATION
WPA2
WPA2 is a product certification that is available through the Wi-Fi Alliance. WPA2 certifies that wireless equipment is compatible with the IEEE 802.11i standard. The WPA2 product certification formally replaces Wired Equivalent Privacy (WEP) and the other security features of the original IEEE 802.11 standard. The goal of WPA2 certification is to support the additional mandatory security features of the IEEE 802.11i standard that are not already included for products that support WPA.
y y
WPA2 Enterprise using IEEE 802.1X authentication and WPA2 Personal using a preshared key (PSK). The Advanced Encryption Standard (AES) using the Counter Mode-Cipher Block Chaining (CBC)Message Authentication Code (MAC) Protocol (CCMP) that provides data confidentiality, data origin authentication, and data integrity for wireless frames.
The optional use of Pairwise Master Key (PMK) caching and opportunistic PMK caching. In PMK caching, wireless clients and wireless access points cache the results of 802.1X authentications. Therefore, access is much faster when a wireless client roams back to a wireless access point to which the client already authenticated.
The optional use of preauthentication. In preauthentication, a WPA2 wireless client can perform an 802.1X authentication with other wireless access points in its range when it is still connected to its current wireless access point.
You must use the WPA2/WPS IE Update together with the following:
y y y
Wireless access points that support WPA2. Wireless network adaptors that support WPA2. Windows XP wireless network adaptor drivers that support the passing of WPA2 capabilities to Windows Wireless Auto Configuration.
When you are connected to a WPA2 capable wireless network, the type of network is displayed as WPA2 in the Choose A Wireless Network dialog box.
On the Association tab for the properties of a wireless network, the Network Authentication list has the following additional options:
o o
Note These options are not present if the wireless network adaptor driver does not support WPA2.
For more information about WPA2 security features, see the "Wi-Fi Protected Access 2 (WPA2) Overview" topic at the following Microsoft Web site: http://technet.microsoft.com/en-us/library/bb878054.aspx Back to the top
y y y y y
PMKCacheMode
Value type: REG_DWORD - Boolean Valid range: 0 (disabled), 1 (enabled) Default value: 1 Present by default: No Description: Specifies whether a Windows XP-based wireless client will perform PMK caching. By default, PMKCacheMode is enabled.
PMKCacheTTL
Value type: REG_DWORD Valid range: 5-1440 Default value: 720 Present by default: No Description: Specifies the number of minutes that an entry in the PMK cache can exist before being removed. The maximum value is 1440 (24 hours). The default value is 720 (12 hours).
PMKCacheSize
Value type: REG_DWORD Valid range: 1-255 Default value: 100 Present by default: No Description: Specifies the maximum number of entries that can be stored in the PMK cache. By default, the PMK cache has 16 entries.
PreAuthMode
Value type: REG_DWORD - Boolean Valid range: 0 (disabled), 1 (enabled) Default value: 0 Present by default: No Description: Specifies whether a Windows XP-based wireless client will try preauthentication. By default, PreAuthMode is disabled.
PreAuthThrottle
Value type: REG_DWORD Valid range: 1-16 Default value: 3 Present by default: No Description: Specifies the number of top candidate wireless access points with which the Windows XP-based
computer will try preauthentication. The value is based on the ordered list of the most favored wireless access points, as reported by the wireless network adaptor driver. By default, PreAuthThrottle has a value of 3. Note Changes to any one or more of these registry entry values do not take effect until the next time that you restart the wireless service or the next time that you restart the computer. Back to the top
Note Wireless network names are also known as Service Set Identifiers (SSIDs).
Some wireless access points that are available today can advertise multiple SSIDs and support multiple logical network configurations at the same time. However, because of hardware limitations, the vast majority of the wireless access points that are deployed today in public Wi-Fi hotspots only permit one SSID to be included in the broadcast Beacon and Probe Response frames. This behavior effectively hides secondary SSIDs from wireless client computers. Therefore, it is much more difficult for you to discover and connect to public Wi-Fi network names that you have not previously connected to. Without wireless AP support to advertise multiple SSIDs in broadcast Beacon and Probe Response frames, the additional wireless networks must either be implemented by using an additional set of physical wireless access points, or users must manually configure their wireless clients by using the names of hidden SSIDs. The implementation of an additional set of wireless access points is not cost effective for WISPs. The manual configuration of wireless clients is difficult for customers, and does not scale to a large WISP network.
The WPS IE is a newly defined 802.11 information element that solves the hidden SSID problem for WISPs. The WPS IE also provides a way for wireless access points to advertise additional SSIDs in the broadcast Beacon and Probe Request frames. The WPS IE includes the SSID and additional details, such as:
y y
Whether IEEE 802.1X authentication is required. Whether the wireless network can provide provisioning information to the wireless client.
The WPS IE must be included in the broadcast Beacon and Probe Request frames, and must be recognized and processed by wireless client computers. Frequently, you can add WPS IE support to wireless access points through a firmware update. Therefore, you typically do not have to replace existing wireless access points or install additional ones. Verify with your wireless AP vendor documentation or your vendor's Web site to determine whether a firmware update for your wireless AP is available. For a Windows XP with SP2based wireless client, you must install the WPA2/WPS IE Update.
When you install the WPA2/WPS IE Update on wireless client computers that are running Windows XP with SP2, the wireless components of Windows XP recognize the WPS IE in the broadcast Beacon or Probe Response frames. This functionality makes the previously hidden SSIDs visible to the user in the Choose A Wireless Network dialog box. Windows XP-based wireless client computers without the WPA2/WPS IE Update installed do not recognize the WPS IE and do not display the hidden SSIDs.
To successfully deploy support for the WPS IE, you must have the following:
Wireless access points that support the configuration of additional SSIDs and their advertisement with the WPS IE. For example, Cisco has released firmware updates for its wireless access points to support the new WPS IE. For information, visit the following Cisco Web site:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps430/prod_bulletin0900aecd801b83b 0_ps6087_Products_Bulletin.html
Wireless client computers that are running Windows XP with SP2 and the WPA2/WPS IE Update.
After the update is deployed, the use of the WPS IE provides the following benefits:
Enables easy and cost-effective migration from nonsecure public Wi-Fi hotspot wireless connections to secure public Wi-Fi hotspot wireless connections. The secure public Wi-Fi hotspots must use 802.1X authentication, encryption, and Wireless Provisioning Services (WPS) to provision wireless settings, using the same set of wireless access points.
Lets wireless users easily discover and choose whether they want nonsecured or secured wireless connections. Additionally, wireless users can quickly configure wireless settings.
For more information about WPS, see the "Deploying Wireless Provisioning Services (WPS) Technology" white paper. To download the white paper, visit the following Microsoft Web site: http://go.microsoft.com/fwlink/?LinkId=42996
Windows XP now prompts you to validate whether you want to create a nonsecured preferred wireless network. Nonsecured is defined as an Open system authenticated connection that does not use encryption to help protect data. Additionally, when connected to a nonsecured wireless network, the wireless network is displayed with the label Unsecured. These changes were added to make sure that you are aware that you are connecting to a wireless network that is susceptible to security attacks.
The Choose A Wireless Network dialog box in Windows XP with SP2 merged infrastructure and ad-hoc networks by using the same wireless network name so that only one appeared in the list of available networks. This issue has been corrected. With the update installed, the Choose A Wireless Network dialog box now displays both types of wireless networks in the available networks list as separate entries.
The static provisioning interface API for Wireless Provisioning Services (WPS) has been updated so that you can specify WPA2 as an authentication method. For more information about this API, visit the following Microsoft Web site:
http://msdn2.microsoft.com/en-us/library/ms940173.aspx
Previously, there was a one-minute connection delay when you started the computer if you connected to a WPS-provisioned wireless network. This issue has been corrected.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
By The Cable Guy Wi-Fi Protected Access (WPA), as described in the Wi-Fi Protected Access (WPA) Overview Cable Guy article, is an interim industry standard that makes 802.11 wireless LAN networking secure through a firmware upgrade to 802.11-based wireless network adapters and wireless access points (APs). WPA replaces Wired Equivalent Privacy (WEP) with the combination of the Temporal Key Integrity Protocol (TKIP), which provides data confidentiality through encryption, and Michael, which provides data integrity. This article describes the details of TKIP and Michael and the WPA encryption and decryption processes.
Weak data integrity WEP data integrity consists of performing the Cyclic Redundancy Check-32 (CRC-32) checksum calculation on the bytes in the unencrypted 802.11 payload and then encrypting its value with WEP. Even encrypted, it is relatively easy to change bits in the encrypted payload and then properly update the encrypted CRC32 result, preventing the receiving node from detecting that the frame contents have changed.
Uses the master key rather than a derived key The WEP encryption key, either manually configured or determined through 802.1X authentication, is the only available keying material. Therefore, the WEP encryption key is the master key. Using the master key to encrypt data is less secure than using a key derived from the master key.
No rekeying WEP does not provide for a method to refresh the encryption keys.
No replay protection WEP does not provide any protection against replay attacks, in which an attacker sends a series of previously captured frames in an attempt to gain access or modify data.
The following table shows how TKIP and Michael address the cryptographic weaknesses of WEP.
How weakness is addressed by WPA In TKIP, the IV has been doubled in size to 48 bits. The WEP-encrypted CRC-32 checksum calculation has been replaced with Michael, an algorithm that is designed to provide strong data integrity. The Michael algorithm calculates a 64-bit message integrity code (MIC) value, which is encrypted with TKIP. TKIP and Michael use a set of temporal keys that are derived from a master key and other values. The master key is derived from the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) or Protected EAP (PEAP) 802.1X authentication process. Additionally, the secret portion of the input to the RC4 PRNG is changed with each frame through a packet mixing function. WPA rekeys automatically to derive new sets of temporal keys. TKIP uses the IV as a frame counter to provide replay protection.
y y y y
To derive the pairwise temporal keys, WPA uses the following values: Pairwise Master Key (PMK) A 256-bit key derived from the EAP-TLS or PEAP authentication process. Nonce 1 A random number determined by the wireless AP. MAC 1 The MAC address of the wireless AP. Nonce 2 A random number determined by the wireless client. MAC 2 The MAC address of the wireless client.
y y y y y
For 802.1X authentication using a RADIUS server, the PMK is mutually determined by the wireless client and the RADIUS server, which conveys the PMK to the wireless AP in the RADIUS Access-Accept message. After receiving the PMK, the wireless AP initiates the temporal key message exchange, which consists of the following: 1. EAPOL-Key message sent by the wireless AP that contains Nonce 1 and MAC 1. Because the temporal unicast keys are not yet determined, this message is sent as clear text and without message integrity protection. The wireless client now has all the elements needed to calculate the pairwise temporal keys. 2. EAPOL-Key message sent by the wireless client that contains Nonce 2, MAC 2, and a MIC. Because the wireless client has calculated the pairwise temporal keys, it calculates a MIC using the derived EAPOL-Key integrity key. The wireless AP uses the Nonce 2 and MAC 2 values to derive the pairwise temporal keys and to validate the value of the MIC.
3.
EAPOL-Key message sent by the wireless AP that contains a MIC and a starting sequence number, indicating that the wireless AP is ready to start sending encrypted unicast and EAPOL-Key frames.
4.
EAPOL-Key message sent by the wireless client that contains a MIC and a starting sequence number, indicating that the wireless client is ready to start sending encrypted unicast and EAPOL-Key frames.
This set of messages exchanges the values needed to determine the pairwise temporal keys, verifies that each wireless peer has knowledge of the PMK (by verifying the value of the MIC), and indicates that each wireless peer is ready to begin encrypting and providing message integrity protection for subsequent unicast data frames and EAPOL-Key messages. For multicast and broadcast traffic, the wireless AP derives a 128-bit group encryption key and a 128-bit group integrity key and sends these values to the wireless client using an EAPOL-Key message, encrypted with the EAPOL-Key encryption key and integrity-protected with the EAPOL-Key integrity key. The wireless client acknowledges the receipt of the EAPOL-Key message with an EAPOL-Key message.
y y y y y
The following figure shows the WPA encryption process for a unicast data frame.
If your browser does not support inline frames, click here to view on a separate page. 1. The IV, the DA, and the data encryption key are input into a WPA key mixing function, which calculates the per-packet encryption key. 2. The DA, SA, Priority, the data (the unencrypted 802.11 payload), and the data integrity key are input into the Michael data integrity algorithm to produce the MIC. 3. 4. The ICV is calculated from the CRC-32 checksum. The IV and per-packet encryption key are input into the RC4 PRNG function to produce a key stream that is the same size as the data, the MIC, and the ICV. 5. The key stream is exclusively ORed (XORed) with the combination of the data, the MIC, and the ICV to produce the encrypted portion of the 802.11 payload. 6. The IV is added to the encrypted portion of the 802.11 payload in the IV and Extended IV fields, and the result is encapsulated with the 802.11 header and trailer. The following figure shows the WPA decryption process for a unicast data frame.
If your browser does not support inline frames, click here to view on a separate page. 1. The IV value is extracted from the IV and Extended IV fields in the 802.11 frame payload and input along with the DA and data encryption key into the key mixing function, producing the per-packet encryption key. 2. The IV and the per-packet encryption key are input into the RC4 PRNG function to produce a key stream that is the same size as the encrypted data, MIC, and ICV.
3.
The key stream is XORed with the encrypted data, MIC, and ICV to produce the unencrypted data, MIC, and ICV.
4.
The ICV is calculated and compared to the value of the unencrypted ICV. If the ICV values do not match, the data is silently discarded.
5.
The DA, SA, data, and the data integrity key are input into the Michael integrity algorithm to produce the MIC.
6.
The calculated value of the MIC is compared to the value of the unencrypted MIC. If the MIC values do not match, the data is silently discarded. If the MIC values match, the data is passed to the upper networking layers for processing.
By The Cable Guy The original IEEE 802.11 standard provided the following set of security features to secure wireless LAN communication: Two different authentication methods: Open system and shared key The Wired Equivalent Privacy (WEP) encryption algorithm An Integrity Check Value (ICV), encrypted with WEP, which provides data integrity
y y y
Eventually, these original security features would not be sufficient to protect wireless LAN communication in some common scenarios especially large traffic volume environments. The original 802.11 standard has the following security issues: No per-user identification and authentication No support for extended authentication methods (for example, token cards, certificates/smart cards, onetime passwords, biometrics, and so on)
y y y
No support for key management dynamic, per-station or per-session key management and rekeying
To resolve these issues, the IEEE 802.1X Port-Based Network Access Control standard was adopted as an optional mechanism to provide authentication for 802.11 wireless LANs. With 802.1X authentication, the following is supported: Per-user identification and authentication 802.1X uses Extensible Authentication Protocol (EAP), which enforces user-level authentication. In a Windows environment, authentication uses the credentials of a user or computer account in Active Directory.
Support for extended authentication methods (for example, token cards, certificates/smart cards, onetime passwords, biometrics, and so on)
EAP provides an infrastructure to support arbitrary authentication methods. Windows wireless networking supports EAP-Transport Level Security (EAP-TLS) for certificate and smart card-based authentication and Protected EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2) for password-based authentication.
Support for key management dynamic, per-station or per-session key management and rekeying The EAP-TLS and PEAP-MS-CHAP v2 authentication processes derive mutually-determined unicast encryption keys. The unicast encryption key is changed periodically either by the wireless access point (AP) or by the Windows wireless client. Key determination attacks can be prevented through frequent rekeying.
The combination of IEEE 802.11, 802.1X, and the use of either EAP-TLS or PEAP-MS-CHAP v2 authentication provides secure wireless networking in a Windows environment. IEEE 802.11i is a new standard that specifies improvements to wireless LAN networking security and addresses many of the security issues of the original 802.11 specification. While the new IEEE 802.11i standard was being ratified, wireless vendors agreed on an interoperable interim standard known as Wi-Fi Protected Access (WPA). The goals of WPA are the following: To require secure wireless networking As described later in this article, WPA requires secure wireless networking by requiring 802.1X authentication, the use of encryption, and the use of unicast and global encryption key management.
To address the issues with WEP encryption through a software upgrade WPA solves all the remaining security issues with WEP encryption. As discussed later in this article, WPA requires firmware updates in wireless equipment and an update for wireless clients. Existing wireless equipment is not expected to require replacement.
To provide a secure wireless networking solution for small office/home office (SOHO) wireless users For the SOHO, there is no RADIUS server to provide 802.1X authentication with an EAP type. SOHO wireless clients must use either shared key authentication (not recommended) or open system authentication (recommended) with a single static WEP key for both unicast and multicast traffic. WPA provides a preshared key option intended for SOHO configurations. The preshared key is configured on the wireless AP and each wireless client. The initial unicast encryption key is derived from the authentication process, which verifies that both the wireless client and the wireless AP have the preshared key.
To be forward-compatible with the upcoming IEEE 802.11i standard WPA is a subset of the security features in the proposed IEEE 802.11i standard. There are no features of WPA that are not described in the current draft of the 802.11i standard.
To be available today. WPA upgrades to wireless equipment and for wireless clients were available beginning in February, 2003.
On This Page
y y y
Features of WPA Security Changes Required to Support WPA For More Information
The following sections describe the features of WPA security. WPA Authentication With 802.11, 802.1X authentication is optional. With WPA, 802.1X authentication is required. Authentication with WPA is a combination of open system and 802.1X authentication, which uses two phases: The first phase uses open system authentication and indicates to the wireless client that it can send frames to the wireless AP.
y y
For environments without a RADIUS infrastructure, WPA supports the use of a preshared key. For environments with a RADIUS infrastructure, WPA supports EAP and RADIUS. WPA Key Management With 802.1X, rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1X provide no mechanism to change the global encryption key that is used for multicast and broadcast traffic. With WPA, rekeying of both unicast and global encryption keys is required. The Temporal Key Integrity Protocol (TKIP) changes the unicast encryption key for every frame and each change is synchronized between the wireless client and the wireless AP. For the global encryption key, WPA includes a facility for the wireless AP to advertise changes to the connected wireless clients. Temporal Key Integrity Protocol (TKIP) For 802.11, WEP encryption is optional. For WPA, encryption using TKIP is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, yet can be performed using the calculation facilities present on existing wireless hardware. TKIP also provides for: The verification of the security configuration after the encryption keys are determined. The synchronized changing of the unicast encryption key for each frame. The determination of a unique starting unicast encryption key for each preshared key authentication.
y y y
Michael
With 802.11 and WEP, data integrity is provided by a 32-bit ICV that is appended to the 802.11 payload and encrypted with WEP. Although the ICV is encrypted, it is possible through cryptanalysis to change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver. With WPA, a method known as Michael specifies a new algorithm that calculates an 8-byte message integrity code (MIC) with the calculation facilities available on existing wireless hardware. The MIC is placed between the data portion of the 802.11 frame and the 4-byte ICV. The MIC field is encrypted along with the frame data and the ICV. Michael also provides replay protection. A new frame counter in the 802.11 frame is used to prevent replay attacks. AES Support WPA defines the use of AES as an additional optional replacement for WEP encryption. Because adding AES support through a firmware update might not be possible for existing wireless equipment, support for AES on wireless network adapters and wireless APs is not required. Supporting a mixture of WPA and WEP wireless clients To support the gradual transition of a WEP-based wireless network to WPA, it is possible for a wireless AP to support both WEP and WPA clients at the same time. During the association, the wireless AP determines which clients are using WEP and which are using WPA. The disadvantage to supporting a mixture of WEP and WPA clients is that the global encryption key is not dynamic. All other security enhancements for WPA clients are preserved.
y y
Changes to wireless APs Wireless APs must have their firmware updated to support the following: The new WPA information element To advertise their capability to perform WPA, wireless APs send the beacon frame with a new 802.11 WPA information element that contains the wireless AP's security configuration (encryption algorithms, and so on).
y y y y
The WPA two-phase authentication: Open system followed by 802.1X (EAP with RADIUS or WPA preshared key) TKIP Michael AES (optional)
To upgrade your wireless APs to support WPA, you can obtain a WPA firmware update from your wireless AP vendor and upload it to your wireless APs. Changes to wireless network adapters Wireless network adapters must have their firmware updated to support the following: The new WPA information element Wireless clients must be able to process the WPA information element in beacon frames and respond with a specific security configuration.
y y y y
The WPA two-phase authentication: Open system followed by 802.1X (EAP or WPA preshared key) TKIP Michael AES (optional)
To upgrade your wireless network adapters to support WPA, you must upload a WPA firmware update to your wireless network adapter. For Windows wireless clients, you must obtain an updated network adapter driver that supports WPA. For wireless network adapter drivers that are compatible with Windows XP with Service Pack 2 (SP2), Windows XP with Service Pack 1 (SP1), and Windows Server 2003, the updated network adapter driver must be able to pass the adapter's WPA capabilities and security configuration to Windows Wireless Auto Configuration. Microsoft has worked with many wireless vendors to embed the WPA firmware update within the wireless adapter driver. Because of this, updating your Windows wireless client consists of simply obtaining the new WPA-compatible driver and installing it. The firmware is automatically updated when the wireless network adapter driver is loaded into Windows. Changes to wireless client software Wireless client software must be updated to allow for the configuration of WPA authentication (including preshared key) and the new WPA encryption algorithms (TKIP and AES). You must obtain and install a new WPA-compliant configuration tool from your wireless network adapter vendor for wireless clients running the following: Windows 2000
Windows XP with SP2, Windows XP with SP1, and Windows Server 2003, and using a wireless network adapter that does not support the Wireless Auto Configuration
WPA support is provided with Windows XP SP2. For wireless clients running Windows XP with SP1 or Windows Server 2003, and using a wireless network adapter that supports the Wireless Auto Configuration, you must obtain and install the WPA Wireless Security Update in Windows XP a free download from Microsoft. The WPA Wireless Security Update updates the wireless network configuration dialog boxes to support new WPA options. The following figure shows the Association tab for the properties of a wireless network in Windows XP with SP1 and Windows Server 2003. To view the Association tab, obtain the properties of the wireless network adapter in the Network Connections folder, and then click the Wireless Networks tab. Either click a wireless network in the list of available networks, and then click Configure or click a wireless network in the list of preferred networks, and then click Properties.
In the Wireless network key (WEP) section of the Association tab, the first two check boxes are: Data encryption (WEP enabled) This setting enables or disables WEP encryption. By default, WEP encryption is enabled.
Network Authentication (Shared mode) When selected, shared key authentication is performed. When cleared, open system authentication is performed. By default, open system authentication is performed.
Installing Windows XP SP2 or the WPA Wireless Security Update changes the Association tab, as shown in the following figure.
The Wireless network key (WEP) section is now named Wireless network key and the two check boxes previously described are replaced with drop-down boxes. The Data encryption (WEP enabled) check box is replaced with a Data encryption drop-down box that provides the following selections: Disabled Encryption of 802.11 frames is disabled. WEP 802.11 WEP is used as the encryption algorithm. TKIP TKIP is used as the encryption algorithm. AES AES is used as the encryption algorithm. This selection is only available if the wireless network adapter and its driver support the optional AES encryption algorithm. If the wireless network adapter and its driver do not support WPA, you will not see the TKIP and AES options. The Network Authentication (Shared Mode) check box is replaced with a Network Authentication drop-down box that provides the following selections: Open The open system authentication method is used. Shared The shared key authentication method used and the key is typed in Network key and Confirm network key.
y y y y
y y y y
WPA WPA authentication (802.1X) is used with an EAP type configured on the Authentication tab. WPA-PSK WPA authentication (802.1X) is used with a preshared key and the key is typed in Network key and Confirm network key.
If the wireless network adapter and its driver do not support WPA, you will not see the WPA and WPA-PSK options.
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access