WPA2

from Wikipedia, the free encyclopedia

Wi-Fi Protected Access 2 (WPA2) is the implementation of a security standard for wireless networks based on the WLAN standards IEEE 802.11a, b, g, n and ac, and is based on the Advanced Encryption Standard (AES). It is the successor to WPA, which in turn is based on Wired Equivalent Privacy (WEP), which is now considered insecure. WPA2 implements the basic functions of the new security standard IEEE 802.11i. The term Robust Security Network (RSN) is also used in this context. The successor is WPA3.

Background

To protect the data transmitted in a WLAN and the participating clients, the Wired Equivalent Privacy (WEP) security standard was introduced. After a relatively short period of time, this standard turned out to be vulnerable to attacks. The network key can be determined by recording and analyzing larger amounts of data. The authentication integrated in WEP is also not a significant obstacle for attackers.

A further, very extensive standard for security in WLANs (IEEE 802.11i) was being worked on at the time, but adoption was not in sight. Therefore, an intermediate standard based on the parts that were more or less agreed upon was created: WPA. With functions such as dynamic keys, sound authentication and support for RADIUS authentication, WPA restored the security of the wireless network.

As the IEEE 802.11i standard, which is based on the AES encryption algorithm, progressed, efforts were also made to integrate AES into WPA. This resulted in the WPA2 standard. The Wi-Fi Alliance, a manufacturers' association, was the first to certify WLAN devices with WPA2, starting on September 1, 2004.

For a long time, only password attacks were known for WPA and WPA2. For this reason it is strongly recommended to use a sufficiently long password (at least 20 characters long with upper and lower case letters as well as special characters and numbers), which if possible does not consist entirely of meaningful words (see dictionary attack). Some manufacturers use proprietary procedures that allow the key to be transferred by USB stick to the clients that are to be connected; it does not need to be changed after the one-time installation. From today's perspective, a wireless router protected with WPA2 encryption and CCMP, with a sufficiently long password and with WPS deactivated, is relatively secure, in contrast to WEP.

Differences from first-generation WPA

WPA2 uses the AES encryption standard when CCMP is used as the protocol. WPA, on the other hand, only supports the stream cipher RC4 that was used with WEP, although it uses it together with TKIP. CCMP is intended to replace TKIP in the long term.

A simple changeover from WEP or WPA to WPA2 by means of a firmware update is possible with many, but not all, devices. Sometimes the hardware is too slow to implement AES encryption in software. The only remedy is new end devices with more computing power or special hardware for AES.

Technical key data

Encryption

The encryption is based on the Advanced Encryption Standard (AES).

Authentication

Both a secret text (the pre-shared key, PSK) and a RADIUS server can be used to authenticate the client at the access point and vice versa.

Authentication with a pre-shared key is often used in small installations, as is the case with private users, and is therefore also referred to as "personal".

In larger networks, the use of RADIUS enables central user administration including accounting. In this case, the access point forwards the client's authentication request to the RADIUS server and, depending on success, allows access. This variant of WPA2 is often referred to as "Enterprise". The Extensible Authentication Protocol (EAP) is used for authentication.

Compatibility

WPA2 and WPA can usually only be used separately. However, some access points support the simultaneous use of both types of encryption within a network.

All devices to be certified for WPA2 by the Wi-Fi Alliance must meet the IEEE 802.11i standard.

Security

WPA2 fulfills the strict security regulations for data exchange in US authorities according to FIPS 140-2. According to the Federal Court of Justice (BGH), WPA already meets the necessary security standard in Germany. In the decision, however, the BGH explicitly referred to the technical status of 2006.

Key reinstallation attacks

In October 2017, researchers at KU Leuven published an attack on connections secured with WPA2. The attack, known as the Key Reinstallation Attack (KRACK), exploits a weakness in the four-way handshake that negotiates keys when a connection is established. This allows data packets to be decrypted and, among other things, replay attacks, TCP hijacking attacks or HTTP injection attacks to be performed. In the worst case, the key in use can be replaced by all zeros, which completely cancels the encryption. The vulnerability affects the client-side implementation of IEEE 802.11s and access points with IEEE 802.11r in "MESH roaming", and not just individual implementations. Android and GNU/Linux implementations are primarily affected. Windows and Apple devices are only partially affected. The vulnerability can be closed with a backwards-compatible software update. For Windows, the patch fixing the vulnerability was distributed a week before the announcement. Many well-known computer manufacturers have also updated their software.

Security measures

The first priority when using PSK should be to choose a secure WPA network key (also known as a passphrase or pre-shared key). A maximum key length of 63 characters is supported. An unstructured combination of letters, numbers and special characters is important in order to make brute-force or dictionary attacks more difficult (see also the corresponding section in the article Password). However, special characters in the password can cause problems with some operating systems, especially Apple iOS. Particular caution is required with special characters that are not available internationally (e.g. ü, ö, ä or §). Depending on the operating system (Microsoft Windows, Mac OS X, Unix), these are encoded completely differently and are then not compatible with each other. Regularly changing the network key also increases security against long-term eavesdropping.
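The following Python sketch is an added example, not part of the original article. It checks a passphrase against the recommendations above and shows why characters such as ü or § break interoperability: WPA2-PSK derives the 256-bit key with PBKDF2-HMAC-SHA1 (SSID as salt, 4096 iterations), so every differing byte encoding of the same passphrase yields a different key. The SSID, the passphrases and the function names are constructed for illustration, and the 8-character minimum comes from IEEE 802.11i rather than from this article.

```python
import hashlib
import unicodedata

MIN_LEN, MAX_LEN = 8, 63  # WPA2-PSK passphrase limits (IEEE 802.11i)

def derive_pmk(passphrase_bytes, ssid):
    """PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 256-bit key."""
    return hashlib.pbkdf2_hmac("sha1", passphrase_bytes, ssid.encode("utf-8"), 4096, 32)

def check_passphrase(passphrase):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    if not MIN_LEN <= len(passphrase) <= MAX_LEN:
        findings.append(f"length {len(passphrase)} outside {MIN_LEN}-{MAX_LEN}")
    elif len(passphrase) < 20:
        findings.append("shorter than the recommended 20 characters")
    classes = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    if not all(any(test(c) for c in passphrase) for test in classes):
        findings.append("does not mix upper case, lower case, digits and specials")
    non_ascii = sorted({c for c in passphrase if not 32 <= ord(c) <= 126})
    if non_ascii:
        findings.append("non-portable characters: " + " ".join(non_ascii))
    return findings

def pmk_by_encoding(passphrase, ssid):
    """Derive the key for each byte form a client OS might give the passphrase."""
    forms = {
        "utf-8 (NFC)": lambda s: unicodedata.normalize("NFC", s).encode("utf-8"),
        "utf-8 (NFD)": lambda s: unicodedata.normalize("NFD", s).encode("utf-8"),
        "latin-1": lambda s: unicodedata.normalize("NFC", s).encode("latin-1"),
    }
    keys = {}
    for name, to_bytes in forms.items():
        try:
            keys[name] = derive_pmk(to_bytes(passphrase), ssid).hex()
        except UnicodeEncodeError:
            keys[name] = None  # passphrase cannot be expressed in this encoding
    return keys

if __name__ == "__main__":
    ssid = "ExampleNet"                      # constructed SSID
    for pw in ("Grüße-aus-Köln-2024!§x",     # constructed, with umlauts and §
               "correct-Horse-7-battery-staple!"):  # constructed, ASCII only
        print(pw, check_passphrase(pw))
        for name, key in pmk_by_encoding(pw, ssid).items():
            print(f"  {name:12} {key}")
```

For the passphrase with umlauts the three derived keys all differ, so clients that encode it differently cannot join the same network; for the ASCII-only passphrase they are identical.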

Further general security measures can be found in the section Basic Security Measures of the main article Wireless Local Area Network .
