Connectivity is crucial in the current digital era, and while wired networks provide some intrinsic safety because of their physical limitations, wireless networks provide a distinct set of difficulties.
Wireless networks, such as WLAN (Wireless Local Area Network), based on the 802.11 standards, can be accessed from a distance, in contrast to cable connections, which are frequently restricted by physical access points. Thus, making sure that access is safe becomes crucial.
The WiFi Alliance is a worldwide non-profit organization that certifies WiFi equipment and advocates for the finest wireless security practices. Their standards, which guarantee the security of our personal and professional data in an increasingly linked environment, have influenced the way we think about wireless protection.
In this tutorial, we’ll discuss the wireless authentication protocols.
2. WEP (Wired Equivalent Privacy)
Wired Equivalent Privacy, or WEP, was one of the first security protocols created in 1997 as part of the original IEEE 802.11 standard and intended to provide a level of security equivalent to that of wired networks. Its fitting moniker highlights the goal of giving wireless networks security features comparable to those of wired networks.
At its core, WEP utilized an encryption scheme based on the RC4 stream cipher. The encryption process involved using a secret key, which combined with an Initialization Vector (IV) of 24 bits to produce a keystream. This keystream was then XORed (a bitwise operation) with the plaintext of the data to produce the ciphertext, which was transmitted over the airwaves. On the receiving end, the process was reversed, using the same secret key and IV to decrypt the received data.
But even with its novel method at the time, WEP had serious security shortcomings that surfaced as processing power and cryptography research advanced. A primary drawback was the short IV length. There are only 16.7 million potential IVs with just 24 bits. These IVs may be swiftly repurposed in a busy network, which facilitates the detection of trends and attack launches by adversaries.
The weak IV issue, which exposed portions of the secret key to attackers, was one of the most notorious security flaws. If an attacker collected enough traffic data, they could statistically ascertain the WEP key. During the early 2000s, even novice hackers could quickly get access to WEP-protected networks with the help of applications like AirSnort and WEPCrack.
2.2. Finding a Solution
The software community took notice, particularly in the wake of significant hacking campaigns that exposed WEP’s weaknesses. One of the incidents that garnered a lot of attention was the breach of major corporations’ networks, which believed WEP secured them. This emphasized the need for improved security measures as well as the need to comprehend and implement cutting-edge security policies.
Because of WEP’s severe security weaknesses, it was evident that a new protocol was necessary. Leaders in the cybersecurity sector and business world realized that patching WEP wouldn’t be enough and that a more complete solution was needed.
Based on this, WEP is no longer in use in the majority of modern applications.
3. WPA (Wi-Fi Protected Access)
Introduced in 2003, WPA (Wi-Fi Protected Access) was developed as an interim solution to address the glaring vulnerabilities associated with WEP, hence serving as a significant stepping stone in the evolution of wireless security.
WPA led to several improvements that greatly strengthened wireless security. The biggest change was the inclusion of the Temporal Key Integrity Protocol (TKIP). TKIP solved the issue with WEP by offering a unique encryption key for every data packet sent over the network, hence reducing the likelihood of successful brute-force attacks. Key collisions were less common with TKIP because it used a more sophisticated 48-bit Initialization Vector (IV) than WEP, which only had 24 bits. The Michael Message Integrity Code, a powerful integrity-checking tool introduced by WPA, made sure that data packets were not altered while in transit.
Moreover, introducing a handshake protocol, which required user authentication before allowing them to join a network, was another crucial aspect of WPA. The Wi-Fi Protected Setup (WPS) protocol made sure that only authorized devices could join, greatly enhancing network security.
Although the basic goal of both WPA and WEP was to create a secure wireless environment, WPA took a very different approach, relying on more sophisticated encryption and authentication methods to guarantee strong security.
Despite its advantages, WPA was not without flaws. Its continuous reliance on the same stream encryption used in WEP, RC4, was one of its major weaknesses. With time, flaws in RC4 became more noticeable, making it less secure. Moreover, despite its benefits, WPS featured a design flaw that allowed the 8-digit PIN required for network access to be divided and brute-forced into two halves, speeding up and increasing the accessibility of the assault for attackers.
In short, WPA remained a transitional security protocol even though it was a vast improvement over WEP. As the race between cybersecurity experts and bad actors intensified, it paved the way for the creation of even more secure wireless protection systems.
4. WPA2 (Wi-Fi Protected Access II)
With its 2004 release, WPA2 was hailed as the next step forward in wireless security, seeking to address the shortcomings of WPA. WPA2 was developed on top of the foundations of WPA and introduced a number of improvements that led to it being the industry standard for wireless protection for a long time.
4.1. Improvements from WPA
The most notable change was the Advanced Encryption Standard (AES) and Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP), taking the place of the TKIP and RC4 stream cipher. The U.S. government adopted AES as a block cipher, which is a significantly better encryption technique and makes WPA2 far safer against future intrusions. The use of CCMP provided an additional degree of security by guaranteeing the preservation of data integrity and confidentiality.
WPA2 also provided support for enterprise and personal modes. For authentication, the personal mode—fit for users at home—used a pre-shared key (PSK). On the other hand, the enterprise mode used 802.1X, which gives organizations a better level of security by enabling integration with RADIUS servers and a variety of extensible authentication methods.
4.2. The KRACK Vulnerability
In 2017, a notable weakness in WPA2’s defense was revealed. Mathy Vanhoef, a security researcher, discovered a weakness in the WPA2 protocol that he named KRACK, or “Key Reinstallation AttaCK.”
The four-way handshake that is performed when a client wants to join a secured Wi-Fi network was the focus of the KRACK vulnerability. When utilized correctly, KRACK allowed attackers to compel key reinstallation and tamper with the third step of this handshake. This action resets some encryption keys, which allows the attacker to decode packets, inject malicious material, or potentially take over connections.
KRACK’s wide reach was what was most concerning. Smartphones, computers, and Internet of Things devices were all potentially vulnerable as long as they used WPA2. In an effort to address the vulnerability, manufacturers and software developers moved quickly to deliver patches.
5. WPA3 (Wi-Fi Protected Access 3)
WPA3, the successor to WPA2, was introduced in 2018 with the aim of further enhancing wireless network security. It addressed several key issues in its predecessor, WPA2:
- Robust Encryption: WPA3 significantly enhanced encryption. It uses the more secure 256-bit encryption in place of the old Advanced Encryption Standard (AES) of WPA2. As a result, it’s far more difficult for attackers to break the encryption and enter the network without authorization
- Protection Against Brute Force Attacks: Simultaneous Authentication of Equals (SAE) was implemented in WPA3 to provide a defense against offline dictionary attacks. With many login tries, this feature increases the difficulty for attackers to guess the Wi-Fi password
- WPA3 also includes forward secrecy, which makes sure that even if an attacker manages to intercept encrypted data and then gets their hands on the network password, they will still be unable to decode the data that they have already intercepted
In this tutorial, we discussed the wireless authentication protocols. To guarantee the highest level of security, businesses and individuals must maintain vigilance and update their Wi-Fi infrastructure.