The WPA/WPA2 standards described two methods of user authentication. They are 802.1X EAP/EAPOL mechanism Pre-Shared Key (EAPOL) Mechanism Both the above authentication mechanisms involve authenticating the user and also generating a set of encryption keys that could be used for data security. The WLAN association and authentication mechanism can be broken into three phases. The […]

In the Pre-Shared Key Mechanism, the upper layer handshake as performed in 802.1X mechanism is not performed as the Pair-wise Master Key is generated by utilizing a user supplied Pass-phrase. The 802.11 user enters a passphrase which has to be a minimum of 8 characters and can be a maximum of 63 characters. The Passphrase […]

The below  example shows how an 802.11 authentication occurs via the Pre-Shared Key Authentication Mechanism. For an understanding of the Pre-Shared key Mechanism refer here <802.11 Pre-Shared Key Mechanism>.  The below example shows a WPA-PSK example. AP sends a beacon packet with the WPA Information element with the Authentication Key Management as PSK and in […]

The current article outlines the packet exchange between an Access Point and a WLAN station till association partaking in an 802.1X authentication mechanism. The WPA mechanism is shown here The Access Point sends a beacon indicating support of 802.1X authentication in the WPA element Authentication key management field The WLAN station sends a Probe request […]

The Pre-shared Key mechanism till association was described here <Wireless Capture Example – Pre-shared Key Part 1>. In the Pre-shared Key mechanism – the Master Key material for the 4-way EAPOL handshake is obtained from the secret passphrase that is known a-priori between the Access Point and the WLAN station. The reader can understand the […]

The reader can understand the association mechanism between a WLAN station and Access point for 802.1X authentication here <Wireless Capture Example – EAP Handshake – Part 1> There are a number of 802.1X EAP mechanisms that are used in WLAN. The number of EAP exchanges depend on the EAP Method employed. The Frame exchanges that […]

The TKIP encapsulation process is shown below FIG Courtesy – 802.11 Standard Description of the parameters TA – Transmitter address TK – Temporal Key TSC – TKIP Sequence Counter Priority – QoS TID Priority – set to 0 if QoS control field is not present MIC Key – MIC transmitter Key (64 bits) obtained during […]

The TKIP decapsulation Process is shown below FIG Courtesy: 802.11 Standard Description of the parameters TA – Transmitter address TK – Temporal Key TSC – TKIP Sequence Counter Priority – QoS TID Priority – set to 0 if QoS control field is not present MIC Key – MIC Receiver Key (64 bits) obtained during EAPOL […]

The TKIP Michael Integrity check prevents forgery attacks. The MIC is a 64 bit (8 byte) value. The MIC in itself is weak and hence is encrypted and sent along with the MSDU. Since the ICV (Integrity Check Value) is computed on an MPDU in the MAC layer, The Michael Integrity check provides an upper […]

The RSN information element was brought out by the IEEE 802.11i Task Group. RSN stands for Robust Security Network and it made AES cipher mandatory with the use of Robust Security Network. The TKIP cipher can be used as Multicast/Broadcast cipher and so can WEP-40/WEP104, but if the authentication method is 802.1X then WEP-40/WEP-104/TKIP are […]