Wireless (WPA)

Hey there... I need some help with Wireless please.
I am trying to understand difference between WEP/WPA/WPA2

My question is... how does WPA use Dynamic keys? The part that confuses me is that I am running WPA at home and never have to change the keys... I enter the key on my Linksys AP, and then enter the same key on the clients in my home (and never change it). So I am not clear on the dynmaic portion of WPA.

I am not too clear on the concept of PSK either... Why do they call it Pre-Shared keys...? Is it because you must pre-share it by entering it on all clients? If that is the case, then how does that differ from WEP. I guess I don't really understand what a PSK is in the first place...

I don't get how WPA keys are dynamic (by using TKIP) if they are entered once and never chaning them still allows you to connect wirelessly (I am comparing to my home set up).

Thank you.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

Xenz

I believe the PSK note is to differentiate the user level (personal) and enterprise level authentication. WPA/WPA2 can be used in conjunction with an authentication server like RADIUS. PSK method requires no centralized database and just requires you to configure a key.

As far as the frame and how you get the dynamic part, it's a fairly complex process. For one, WEP uses a 24 bit IV whereas WPA/WPA2 uses a 48 bit. WEP has the problem of key collisions where they can be reused. WPA doesn't because of the 48 bit IV. It's still easily crackable though especially with programs that use your graphics cards to crack the key. An IV is randomly generated by a computer.

The dynamic portion comes in, double check my understanding/explanation with research cause I'm nowhere near an expert, when TKIP generates a hash based off your PSK and the IV before sending it to the RC4 algorithm. The IV's change so your hash will end up different every time hence the dynamic part. Again, fact check to be sure as it's been forever since I read about this stuff.

TLDR: PSK doesn't require an auth server and the the dynamic part is regarding the hashing function in WEP and WPA. The PSK is used in both and isn't what changes. (anything I've said could be 100% inaccurate so you should fact check it)

new2net

Xenz wrote: »

For one, WEP uses a 24 bit IV

Thanks Xenz!........but what is an IV?

Psoasman

Let me see if I can break this down some:

WEP is used an encyption that is supposed to give you the same basic security as a wired network, that's where the equivalent comes from. It uses a 64 -bit or 128-bit key. You should change the default keys. You should use dynamic WEP.

WPA improves on WEP and I think it uses a 256-bit key.

Preshared keys is where both devices know the shared secret key, its not very secure.

IV is initialization vector.

It will help you the most to get some books and do some research, use technet, etc.

Xenz

Yeah, a book is best to learn from or whitepapers on the subject. The differences between WEP/WPA/WPA2 revolve around the way they use their ciphers. WEP/WPA use RC4 which is a stream cipher. They use them in very different ways which makes WPA a bit more secure than WEP on top of the improvements to the standard, but not secure enough to not be crackable. Like I mentioned above, you should read about WPA cracking while using a video card to help crack it. WPA2 uses AES which is a block cipher.

Initialization Vector is what IV stands for like Psoasman mentioned above. Read a paper on WEP cracking and you'll learn a bit about it.

luke_bibby

Don't think that because you have a password like bob123 configured on your wireless AP and your desktop that bob123 is the encryption key for every packet going between devices. Ciphers have key schedulars which generate session keys based on the master key (the PSK) to do the actual encryption of the traffic. Session keys are used so that an attacker who can capture traffic and attempts to brute force decrypt (trying every possible key in the key space) traffic and is eventually successful will not have the decryption key to all encrypted traffic sent between two devices - this is the dynamic part. From memory a session in WPA/2 is every packet, so each packet is encrypted using a different session key.

Session keys are based on what some other people have said in this thread, like IVs (fixed length pseudo-random numbers) and other more complex techniques like S-Boxes.