What are four features of WPA?

vector – integrity – 802 – unic

TKIP and the related WPA standard implement three new security features to address security problems encountered in WEP protected networks.

First, TKIP implements a key mixing function that combines the secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in comparison, merely concatenated the initialization vector to the root key, and passed this value to the RC4 routine.

This permitted the vast majority of the RC4 based WEP related key attacks.

Second, WPA implements a sequence counter to protect against replay attacks. Packets received out of order will be rejected by the access point. Finally, TKIP implements a 64-bit Message Integrity Check (MIC).

To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. TKIP also provides a rekeying mechanism. TKIP ensures that every data packet is sent with a unique encryption key.

Key mixing increases the complexity of decoding the keys by giving an attacker substantially less data that has been encrypted using any one key. WPA2 also implements a new message integrity code, MIC.

The message integrity check prevents forged packets from being accepted. Under WEP it was possible to alter a packet whose content was known even if it had not been decrypted.

Wi-Fi Protected Access (WPA) is a security standard for users of computers equipped with Wi-Fi wireless connection. It is an improvement on and is expected to replace the original Wi-Fi security standard, Wired Equivalent Privacy (WEP).

WPA provides more sophisticated data encryption than WEP and also provides user authentication (WEP’s user authentication is considered insufficient).

WEP is still considered useful for the casual home user, but insufficient for the corporate environment where the large flow of messages can enable eavesdroppers to discover encryption keys more quickly.

WPA’s encryption method is the Temporal Key Integrity Protocol (TKIP). TKIP addresses the weaknesses of WEP by including a per-packet mixing function, a message integrity check, an extended initialization vector, and a re-keying mechanism.

WPA provides “strong” user authentication based on 802.1x and the Extensible Authentication Protocol (EAP). WPA depends on a central authentication server such as RADIUS to authenticate each user.

Wi-Fi Protected Access is a subset of and will be compatible with IEEE 802.11i (sometimes referred to as WPA2), a security standard under development. Software updates that will allow both server and client computers to implement WPA are expected to become widely available during 2003.

Access points (see hot spots) can operate in mixed WEP/WPA mode to sup
port both WEP and WPA clients. However, mixed mode effectively provides only WEP-level security for all users.

Home users of access points that use only WPA can operate in a special home-mode in which the user need only enter a password to be connected to the access point. The password will trigger authentication and TKIP encryption.

48 forge key