Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) is an encryption method for a wireless network (wireless LAN). After the Wired Equivalent Privacy (WEP) of the IEEE standard 802.11 had proven to be insecure and the adoption of the new security standard IEEE 802.11i was delayed, the Wi-Fi Alliance took a subset of IEEE 802.11i in advance and established it as a pseudo-standard under the name WPA. Certification according to this standard began in April 2003. The successors are WPA2 and WPA3.
WPA retains the architecture of WEP, but provides additional protection through dynamic keys based on the Temporal Key Integrity Protocol (TKIP) and offers pre-shared key (PSK) or Extensible Authentication Protocol (EAP) via IEEE 802.1X for the authentication of participants.
WPA is based on the RC4 stream cipher that was already used for WEP. In contrast to WEP, WPA not only uses a 48-bit initialization vector (IV), but also uses a new key for each data packet (per-packet key mixing and re-keying), as well as a message integrity check (MIC).
Authentication via EAP is mostly used in large wireless LAN installations, as it requires an authentication instance in the form of a server (e.g. a RADIUS server). In smaller networks, such as those often found in the SoHo area (small office, home office), PSK (pre-shared keys) are mostly used. The PSK must therefore be known to all participants in the wireless LAN, since it is used to generate the session key.
On February 3, 2004, the expansion of WPA was announced with WPA2. WPA2 not only implements the full IEEE 802.11i standard, it also uses a different encryption algorithm, AES (Advanced Encryption Standard). But there are also WPA-capable devices that can handle AES without supporting WPA2.
On January 8, 2018, the Wi-Fi Alliance announced WPA3, which will supplement the current standard. The new functionality is intended to protect passwords better, even if they do not meet the typical complexity rules. Configuration is also simplified on devices with a small or nonexistent display. In addition, user privacy in open networks is to be strengthened through individualized encryption, and a 192-bit security suite is to be introduced, from which networks with higher security requirements, such as those required by governments or companies, will benefit.
When using pre-shared keys, attention must be paid to the quality of the password used. An attacker can guess the password by brute force or a dictionary attack and thus generate all possible variants of the pre-shared key. In order to see which of the generated keys fits, a login process, which can be initiated by an attacker at any time, must be monitored. A key exchange takes place with every login; it is secured via an MD5 hash, with the help of which the generated keys can be checked for correctness.
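How password quality carries over into the pre-shared key, as an added example that is not part of the original article: IEEE 802.11i derives the 256-bit key from the passphrase with PBKDF2-HMAC-SHA1 (4096 iterations, SSID as salt), so the key is only as unpredictable as the passphrase. The word list `COMMON` and the guess rate are constructed assumptions.

```python
import hashlib
import math
import string

# Constructed sample list; a real audit would load a large leaked-password list.
COMMON = {"password", "12345678", "qwertyuiop", "letmein123"}

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-PSK master key from passphrase and SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt: the same passphrase gives a different key per network name.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def search_space_bits(passphrase: str) -> float:
    """Upper bound on guessing effort, assuming each character was chosen at random."""
    classes = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10), (string.punctuation + " ", 33)]
    pool = sum(size for chars, size in classes
               if any(c in chars for c in passphrase))
    return len(passphrase) * math.log2(pool)

def audit(passphrase: str, ssid: str, guesses_per_second: float = 1e5) -> dict:
    """Report resistance to offline guessing (the guess rate is an assumption)."""
    pmk = wpa_pmk(passphrase, ssid)          # also validates the passphrase
    bits = search_space_bits(passphrase)
    # On average half of the search space is tried before the match is found.
    avg_years = 2 ** (bits - 1) / guesses_per_second / (365 * 24 * 3600)
    return {
        "pmk": pmk.hex(),
        "in_common_list": passphrase.lower() in COMMON,  # a dictionary finds it at once
        "bits": round(bits, 1),
        "avg_years_exhaustive": avg_years,
    }

if __name__ == "__main__":
    for pw in ("password", "T7#qk!2vLz^9mRw4"):   # constructed sample passphrases
        print(pw, audit(pw, "IEEE"))
```

The bit count is an upper bound: a passphrase built from dictionary words falls far sooner than the exhaustive figure suggests, which is why the word-list check is reported separately.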
A proof of concept for dictionary attacks, implemented in the Mac OS X program KisMAC, has existed since April 28, 2004. Another program, WPA Cracker for Linux, has also existed since November 2004; it carries out an offline dictionary attack using logged packets and is available in source code. A brute force or dictionary attack on the recorded four-way handshake of the TKIP protocol is possible with the Cowpatty program.
In August 2008, a program was published in the Nvidia developer forum that can massively accelerate brute force attacks against WPA by using the computing power of GPGPU-enabled graphics cards. The shader processors, which are relatively low clocked but are housed in large numbers on modern graphics cards, are used to convert multiple passwords into their respective keys at the same time. The program has since been publicly available under the free GPL license. In October 2008, a provider also released a commercial product that can attack WPA with similar technology using graphics cards.
In November 2008 a rumor arose that WPA1-TKIP had been partially cracked. The attack makes it possible, with considerable effort, to decrypt individual packets and to inject them into the connection in manipulated form. The discoverer, Erik Tews, presented details on November 12, 2008 in Tokyo as part of the PacSec conference.
In August 2009, Toshihiro Ohigashi (University of Hiroshima) and Masakatsu Morii (University of Kobe) explained in a technical paper how to accelerate the attack by Erik Tews. In the best case scenario, the attack takes one minute.
When installing a wireless network, WPA and WPA2 should be avoided if possible, including when participating stations are authenticated via PSK (pre-shared key). User authentication via EAP when joining the network is preferred if:
- a larger number of mobile devices and access points are used, so that changing the PSK after a compromise is no longer practical,
- the loss of a device is not noticed within a reasonable time, or
- devices are used temporarily or permanently in an untrustworthy environment (e.g. loaned to third parties).
Due to the attacks against WPA and WPA2-PSK methods, WPA3 is to be preferred. General security measures can be found in the Basic Security Measures section of the main article Wireless Local Area Network.