Understanding WEP
Wireless security with the methods of Wired Equivalent Privacy (WEP)
WEP is a security & encryption standard first used on the wireless, WEP (Wired Equivalent Privacy) is a method of securing wireless networks, also called Shared Key Authentication. Shared Key Authentication is the authentication method that requires the use of WEP. WEP encryption uses a key that is inserted (by the administrator) to a client or access point. This key must match the given access point to the client, with the included client to authenticate to the access point, and has a standard 802.11b WEP.
Shared Key Authentication Process:
1. Client has asked the association to the access point, this step is the same as the Open System Authentication.
2. Access point sends challenge text to the client transparently.
3. Client will respond by encrypting the challenge text using the WEP key and sends back to the access point.
4. Access point responded to client feedback, access point will perform to decrypt encrypted responses from the client to verify that the encrypted challenge text using the appropriate WEP key. In this process, the access point will determine whether the client has given the appropriate WEP key. If the WEP key provided by the client are correct, then the access point will respond positively and directly to the client authentication. However, if the client entered the WEP key is incorrect, then the access point and client may respond negatively to will not be authenticated. Thus, the client will not be authenticated and not associated.
WEP has many flaws, among others:
1. The problem of weak keys, the RC4 algorithm used can be solved.
2. WEP uses a static key
3. Problem initialization vector (IV) WEP
4. Problem of message integrity Cyclic Redundancy Check (CRC-32)
WEP consists of two levels, namely 64 bit key, and 128 bits. Actually, the secret key in the WEP key 64 bit only 40 bit, 24bit is an Initialization Vector (IV). Likewise, the 128-bit WEP, 104bit secret key consists of.
WEP weaknesses include:
1. The attack on the weaknesses of the initialization vector (IV), often called the FMS attack. FMS stands for the third name the inventor of weakness IV Fluhrer, Mantin, and Shamir. This attack was done by collecting a weak IV as much as possible. The more weak IV is obtained, the sooner discovered the key that is used
2. Get a unique IV data obtained through the packet to be processed for WEP key cracking process more quickly. This method is called chopping attack, first discovered by h1kari. This technique only requires a unique IV thus reducing the need for IV are weak in WEP cracking.
3. Both of the above attacks require considerable time and packet, to shorten the time, the hackers usually do traffic injection. Traffic Injection is often done by collecting the ARP packet and then sends back to the access point. This resulted in the collection of initial vectors is easier and faster. Unlike the first and second, to attack traffic injection, required specification of tools and applications that start rarely found in stores, ranging from chipsets, firmware version, and versions of drivers, and not infrequently have to do the patching of drivers and applications.
Excess WEP
When users want to connect the laptop, the user does not change any settings, everything is automatic, and when you first about browsing, the user will be prompted to enter a username and password
Almost all wireless components already support this protocol.
Understanding WPA
Wireless Apliccation abbreviated protocol WAP is an open international standard for applications that use wireless communication. The main objective for building applications that can access the Internet from mobile phones or PDAs.
Abbreviated as WAP.
Standard protocol for wireless applications (such as those used in mobile phones). WAP is a protocol or a technique messaging service that allows a digital phone or a mobile terminal having a WAP facility, see / read the contents of a site on the internet in a special text format. This web site should be a site with a WAP facility.
This technology is the result of cooperation between industries to create an open standards (open standards) and based on Internet standards, as well as several protocols that have been optimized for wireless environments.
This technology works in text mode with a speed of about 9.6 kbps. Later also developed the GPRS protocol which has several advantages over WAP.
Wireless Application Protocol is a protocol development of wireless protocol data already exist. Phone.com created a version of the standard HTML (HyperText Markup Language) Internet protocols specifically designed to transfer information between mobile networks efficiently. Wireless terminal with HDML (Handheld Device Markup Language) microbrowser, and Handheld Device Transport Protocol (HDTP) from Phone.com connected with UP.Link Server Suite is so connected to the Internet or intranet where the information needed to be. The technology was later known as WAP.
Wireless security with the methods Accsess WI-FI Protected (WPA)
Is common knowledge if WEP (Wired Equivalent Privacy) is no longer able to be relied on to provide a wireless connection (wireless) are safe from nosy people act or want to take advantage of what we have-known hackers jargon. Not long after the development process of WEP, the fragility of the cryptography aspects emerge.
Various studies have been conducted on WEP and obtained the conclusion that although a wireless network protected by WEP, third parties (hackers) can still be breaking into. A hacker who has a makeshift wireless equipment and software equipment used to collect and analyze enough data, can know the encryption key used.
Addressing the weaknesses that are owned by WEP, has developed a new security technique known as WPA (WiFi Protected Access). WPA technique is a model compatible with the IEEE 802.11i draft standard specification. This technique has several goals in its design, the sturdy, interoperates, can be used to replace WEP, can be implemented on a home or corporate user, and is available to the public as quickly as possible. The existence of WPA "replace" WPE, is it true feeling of "calm" is obtained? There are many pros and cons comments about it. Some say, WPA has a stronger encryption mechanism. However, there are pessimistic because of the communication path used is not safe, where the engineering man-in-the-middle can be used to outsmart the process of sending data. In order for WPA goal is achieved, at least two major security development done. WPA technique was established to provide development data encryption WEP is a weak point, and provides user authentication, which seems lost on developing the concept of WEP.
WPA technique was designed to replace WEP security method, which uses static security key, using TKIP (Temporal Key Integrity Protocol) which can be dynamically changed after 10,000 packets of data transmitted. TKIP protocol will take the primary key as a starting point which is then regularly changed so there is no encryption key is used twice. Background process is automatically carried out without being noticed by the user. By performing encryption key regeneration approximately every five minutes, the WiFi network that uses WPA has been slowing hackers who try to make key cracking earlier.
Although using the standard 64 and 128 bit encryption, like those of technology WEP, WPA TKIP making becomes more effective as an encryption mechanism. However, the problem of decrease in throughput as complained by the users of such wireless networks do not meet the standard answer from the documents sought. Therefore, the problems associated with the throughput is very dependent on the hardware you have, the more specific is the chipset used. The assumption at this time, if the throughput reduction occurs in the implementation of WEP, the rate of decline will be much greater if the WPA and TKIP implemented although some products claim that the decline in throughput has been overcome, of course, with greater use of the chipset capabilities and capacity.
WPA authentication using 802.1x and EAP (Extensible Authentication Protocol). Taken together, these implementations will provide a solid framework on the user authentication process. Framework will be done utilizing a centralized authentication server, such as RADIUS, to authenticate users before joining the wireless network. Also introduced mutual authentication, so users of wireless networks did not knowingly join another network that might steal its network identity.
Mechanism AES encryption (Advanced Encryption Standard) is likely to be adopted WPA with a user authentication mechanism. However, AES is apparently not necessary because the predicted TKIP encryption is able to provide a framework that is very tough, although not yet known for how long the tough can survive.
Target users (authentication key distribution)
• WPA-Personal: Also referred to as WPA-PSK (pre-shared key) mode. Designed for home and small office network and does not require server authentication. Each wireless network device to authenticate with the access point using 256-bit keys are equal.
• WPA-Enterprise: Also referred to as WPA-802.1x mode, and sometimes only WPA (as opposed to WPA-PSK). Designed for corporate networks, and requires a RADIUS authentication server. This requires a more complicated setup, but provide additional security (eg protection against dictionary attacks). An Extensible Authentication Protocol (EAP) is used for authentication, which come in different flavors (eg EAP-TLS, EAP-TTLS, EAP-SIM).
Wireless security with the methods of Wired Equivalent Privacy (WEP)
WEP is a security & encryption standard first used on the wireless, WEP (Wired Equivalent Privacy) is a method of securing wireless networks, also called Shared Key Authentication. Shared Key Authentication is the authentication method that requires the use of WEP. WEP encryption uses a key that is inserted (by the administrator) to a client or access point. This key must match the given access point to the client, with the included client to authenticate to the access point, and has a standard 802.11b WEP.
Shared Key Authentication Process:
1. Client has asked the association to the access point, this step is the same as the Open System Authentication.
2. Access point sends challenge text to the client transparently.
3. Client will respond by encrypting the challenge text using the WEP key and sends back to the access point.
4. Access point responded to client feedback, access point will perform to decrypt encrypted responses from the client to verify that the encrypted challenge text using the appropriate WEP key. In this process, the access point will determine whether the client has given the appropriate WEP key. If the WEP key provided by the client are correct, then the access point will respond positively and directly to the client authentication. However, if the client entered the WEP key is incorrect, then the access point and client may respond negatively to will not be authenticated. Thus, the client will not be authenticated and not associated.
WEP has many flaws, among others:
1. The problem of weak keys, the RC4 algorithm used can be solved.
2. WEP uses a static key
3. Problem initialization vector (IV) WEP
4. Problem of message integrity Cyclic Redundancy Check (CRC-32)
WEP consists of two levels, namely 64 bit key, and 128 bits. Actually, the secret key in the WEP key 64 bit only 40 bit, 24bit is an Initialization Vector (IV). Likewise, the 128-bit WEP, 104bit secret key consists of.
WEP weaknesses include:
1. The attack on the weaknesses of the initialization vector (IV), often called the FMS attack. FMS stands for the third name the inventor of weakness IV Fluhrer, Mantin, and Shamir. This attack was done by collecting a weak IV as much as possible. The more weak IV is obtained, the sooner discovered the key that is used
2. Get a unique IV data obtained through the packet to be processed for WEP key cracking process more quickly. This method is called chopping attack, first discovered by h1kari. This technique only requires a unique IV thus reducing the need for IV are weak in WEP cracking.
3. Both of the above attacks require considerable time and packet, to shorten the time, the hackers usually do traffic injection. Traffic Injection is often done by collecting the ARP packet and then sends back to the access point. This resulted in the collection of initial vectors is easier and faster. Unlike the first and second, to attack traffic injection, required specification of tools and applications that start rarely found in stores, ranging from chipsets, firmware version, and versions of drivers, and not infrequently have to do the patching of drivers and applications.
Excess WEP
When users want to connect the laptop, the user does not change any settings, everything is automatic, and when you first about browsing, the user will be prompted to enter a username and password
Almost all wireless components already support this protocol.
Understanding WPA
Wireless Apliccation abbreviated protocol WAP is an open international standard for applications that use wireless communication. The main objective for building applications that can access the Internet from mobile phones or PDAs.
Abbreviated as WAP.
Standard protocol for wireless applications (such as those used in mobile phones). WAP is a protocol or a technique messaging service that allows a digital phone or a mobile terminal having a WAP facility, see / read the contents of a site on the internet in a special text format. This web site should be a site with a WAP facility.
This technology is the result of cooperation between industries to create an open standards (open standards) and based on Internet standards, as well as several protocols that have been optimized for wireless environments.
This technology works in text mode with a speed of about 9.6 kbps. Later also developed the GPRS protocol which has several advantages over WAP.
Wireless Application Protocol is a protocol development of wireless protocol data already exist. Phone.com created a version of the standard HTML (HyperText Markup Language) Internet protocols specifically designed to transfer information between mobile networks efficiently. Wireless terminal with HDML (Handheld Device Markup Language) microbrowser, and Handheld Device Transport Protocol (HDTP) from Phone.com connected with UP.Link Server Suite is so connected to the Internet or intranet where the information needed to be. The technology was later known as WAP.
Wireless security with the methods Accsess WI-FI Protected (WPA)
Is common knowledge if WEP (Wired Equivalent Privacy) is no longer able to be relied on to provide a wireless connection (wireless) are safe from nosy people act or want to take advantage of what we have-known hackers jargon. Not long after the development process of WEP, the fragility of the cryptography aspects emerge.
Various studies have been conducted on WEP and obtained the conclusion that although a wireless network protected by WEP, third parties (hackers) can still be breaking into. A hacker who has a makeshift wireless equipment and software equipment used to collect and analyze enough data, can know the encryption key used.
Addressing the weaknesses that are owned by WEP, has developed a new security technique known as WPA (WiFi Protected Access). WPA technique is a model compatible with the IEEE 802.11i draft standard specification. This technique has several goals in its design, the sturdy, interoperates, can be used to replace WEP, can be implemented on a home or corporate user, and is available to the public as quickly as possible. The existence of WPA "replace" WPE, is it true feeling of "calm" is obtained? There are many pros and cons comments about it. Some say, WPA has a stronger encryption mechanism. However, there are pessimistic because of the communication path used is not safe, where the engineering man-in-the-middle can be used to outsmart the process of sending data. In order for WPA goal is achieved, at least two major security development done. WPA technique was established to provide development data encryption WEP is a weak point, and provides user authentication, which seems lost on developing the concept of WEP.
WPA technique was designed to replace WEP security method, which uses static security key, using TKIP (Temporal Key Integrity Protocol) which can be dynamically changed after 10,000 packets of data transmitted. TKIP protocol will take the primary key as a starting point which is then regularly changed so there is no encryption key is used twice. Background process is automatically carried out without being noticed by the user. By performing encryption key regeneration approximately every five minutes, the WiFi network that uses WPA has been slowing hackers who try to make key cracking earlier.
Although using the standard 64 and 128 bit encryption, like those of technology WEP, WPA TKIP making becomes more effective as an encryption mechanism. However, the problem of decrease in throughput as complained by the users of such wireless networks do not meet the standard answer from the documents sought. Therefore, the problems associated with the throughput is very dependent on the hardware you have, the more specific is the chipset used. The assumption at this time, if the throughput reduction occurs in the implementation of WEP, the rate of decline will be much greater if the WPA and TKIP implemented although some products claim that the decline in throughput has been overcome, of course, with greater use of the chipset capabilities and capacity.
WPA authentication using 802.1x and EAP (Extensible Authentication Protocol). Taken together, these implementations will provide a solid framework on the user authentication process. Framework will be done utilizing a centralized authentication server, such as RADIUS, to authenticate users before joining the wireless network. Also introduced mutual authentication, so users of wireless networks did not knowingly join another network that might steal its network identity.
Mechanism AES encryption (Advanced Encryption Standard) is likely to be adopted WPA with a user authentication mechanism. However, AES is apparently not necessary because the predicted TKIP encryption is able to provide a framework that is very tough, although not yet known for how long the tough can survive.
Target users (authentication key distribution)
• WPA-Personal: Also referred to as WPA-PSK (pre-shared key) mode. Designed for home and small office network and does not require server authentication. Each wireless network device to authenticate with the access point using 256-bit keys are equal.
• WPA-Enterprise: Also referred to as WPA-802.1x mode, and sometimes only WPA (as opposed to WPA-PSK). Designed for corporate networks, and requires a RADIUS authentication server. This requires a more complicated setup, but provide additional security (eg protection against dictionary attacks). An Extensible Authentication Protocol (EAP) is used for authentication, which come in different flavors (eg EAP-TLS, EAP-TTLS, EAP-SIM).
0 comments:
Posting Komentar