Wireless Encryption - CompTIA Network+ N10-009 - 2.3

Securing a wireless network

• An organization's wireless network can contain confidential information

- Not everyone is allowed access

• Authenticate the users before granting access

- Who gets access to the wireless network?

- Username, password, multi-factor authentication

• Ensure that all communication is confidential

- Encrypt the wireless data

• Verify the integrity of all communication

- The received data should be identical to the

original sent data

- A message integrity check (MIC)

WPA (Wi-Fi protected access)

* 2002: WPA was the replacement for serious cryptographic weaknesses in WEP

- (Wired Equivalent Privacy)

- Don't use WEP

* Needed a short-term bridge between WEP and whatever would be the successor

- Run on existing hardware

* WPA: RC4 with TKIP (Temporal Key Integrity Protocol)

- Initialization Vector (IV) is larger and

an encrypted hash

- Every packet gets a unique 128-bit encryption key

WPA2

Wireless Protected Access 2

CCMP block cipher mode

- Counter mode with cipher block chaining, message authentication code protocol or counter CBC-MAC Protocol

CCMP Security Services\

- Data confidentiality with AES encryption

- Message integrity check (MIC) and CBC-MAC

WPA3 and GCMP

WIFI protected access 3 (WPA3)

GCMP Block Cipher Mode

- Galois/Counter Mode protocol

- A stronger encryption than WPA2

GCMP security services

- Data confidentiality with AES

- Message integrity check (MIC) with Galois

Message Authentication Code (GMAC)