Wi-Fi Protected Access (WPA)

When you configure a new wireless network, what encryption and authentication protocols and algorithms should you select? Should you use RC4, TKIP, or AES? If you want to use 802.1X, should you use PEAP or EAP-TLS?

The Wi-Fi Alliance is a non-profit organization that promotes wireless networking and aims to help with these questions. They provide the Wi-Fi Protected Access (WPA) industry certifications.

Today, there are three WPA versions:

  • WPA (version 1)
  • WPA2
  • WPA3

When a wireless vendor wants WPA certification, its wireless hardware has to go through a testing process in authorized testing labs. When their hardware meets the criteria, they receive WPA certification.

WPA supports two authentication modes:

  • Personal
  • Enterprise

With personal mode, we use a pre-shared key. The pre-shared key is not used directly over the air. Instead, wireless clients and the AP use a four-way handshake that uses the pre-shared key as input to generate encryption keys. When this process is finished, the wireless client and AP can send encrypted frames to each other.

Enterprise mode uses 802.1X and an authentication server, usually a RADIUS server. WPA doesn’t specify a specific EAP method so you can use what works best for your scenario. All standard EAP methods like PEAP and EAP-TLS are supported.

WPA

The first wireless devices were certified for WPA (version 1) in 2003. WPA is the Wi-Fi Alliance’s answer to replace WEP with all its vulnerabilities. WEP uses RC4, which is an insecure algorithm.

There are far more secure encryption algorithms like AES, but the problem is that you need hardware support. Back then, most wireless clients and APs only supported RC4 in hardware. We needed a more secure software algorithm, without replacing hardware.

WPA uses Temporal Key Integrity Protocol (TKIP), which recycled some items from WEP; it still uses the RC4 algorithm. Some things are improved; for example, TKIP uses 256-bit keys instead of the 64 and 128-bit keys in WEP. If you are interested, the WPA key hierarchy lesson explains the keys in detail.

Unfortunately, WPA was doomed from the start. It was based on parts of the 802.11i standard, which was still a draft. It was good enough to replace WEP and use existing hardware, but in the long run, something else was needed.

WPA2

WPA2 is the replacement for WPA and is based on the IEEE 802.11i (ratified) standard. Certification began in 2004, and from March 13, 2006, it was mandatory for all devices if you wanted to use the Wi-Fi trademark. The most significant upgrade is that WPA2 uses AES-CCMP encryption instead of the old RC4 encryption that WEP and WPA use.

For backward compatibility reasons, you can still use TKIP as a fallback mechanism for WPA clients.

WPA2 also introduced Wi-Fi Protected Setup (WPS). If you want to connect to a network that uses a pre-shared key, then you need to know the SSID and the pre-shared key.

With WPS, you only have to push a button or enter a PIN code, and your wireless client automatically configures the SSID and pre-shared key. WPS makes it easier for non-tech savvy users to configure a wireless network, especially when you use long, complex pre-shared keys. However, researchers discovered a vulnerability for WPS in 2011. An attack against WPS can brute force the WPS PIN in a few hours, which results in an exposed pre-shared key.

WPA3

The Wi-Fi Alliance introduced WPA3, the next-generation replacement for WPA2, in 2018. WPA3 still uses AES but replaced CCMP with the Galois/Counter Mode Protocol (GCMP).

The key length for AES has increased. WPA3-personal still uses 128-bit AES, but optionally can use 192-bit. For WPA3-enterprise, it’s a requirement to use 192-bit keys.

WPA2 introduced Protected Management Frames (PMF), but it was optional. WPA3 makes it a requirement. PMF protects:

  • Unicast management frames against eavesdropping and forging.
  • Multicast management frames against forging.

There are also new features:

  • Simultaneous Authentication of Equals (SAE): WPA and WPA2 use a four-way handshake for authentication, which is vulnerable to an offline attack. An attacker can capture the four-way handshake, and then perform an offline dictionary or brute force attack. In WPA3, clients authenticate with SAE instead of the four-way handshake. SAE is resistant to offline attacks.
  • Forward secrecy: With WPA or WPA2, it’s possible to capture wireless traffic and decrypt it later once you have the pre-shared key. With WPA3, this is impossible. Because of forward secrecy, you can’t decrypt wireless traffic afterward, even if you have the pre-shared key.
  • Opportunistic Wireless Encryption (OWE): This is a replacement for open authentication. With open authentication, you don’t have any encryption. OWE adds encryption. The idea is to use a Diffie-Hellman exchange and encrypt traffic between the wireless client and AP. The keys are different for each wireless client, so other clients can’t decrypt your traffic. There is still no authentication, so there is no protection against rogue APs.
  • Device Provisioning Protocol (DPP): This is a replacement for the insecure WPS solution. Many low-end devices (like IoT devices) don’t have an interface you can use to configure a pre-shared key. Instead, they rely on a PC or smartphone to do the configuration for them. DPP allows you to authenticate devices using a QR code or NFC.
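To make the personal-mode key derivation above and the SAE bullet's offline-attack point concrete, here is an added example (not code from the original lesson): it derives the WPA/WPA2-Personal Pairwise Master Key (PMK) the way 802.11i specifies it, PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, and checks it against the known-answer vector from the standard. The PSK never crosses the air; the four-way handshake only mixes this PMK with nonces that are visible in the capture, which is why a captured handshake lets anyone guess passphrases offline, and why passphrase entropy is the only defence in WPA2-Personal. The `exhaust_time_seconds` helper and the timing loop are my own additions for estimating that cost.

```python
import hashlib
import time

# Known-answer test vector from IEEE 802.11i Annex H: passphrase "password",
# SSID "IEEE" must produce this 256-bit PMK.
IEEE_VECTOR_PMK = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-Personal PMK: PBKDF2-HMAC-SHA1, 4096 iterations,
    32-byte output, SSID as salt. Every client of the same network derives
    the same PMK, so the PMK itself carries no per-session secrecy."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def guesses_per_second(ssid: str = "IEEE", samples: int = 20) -> float:
    """Measure how many PMK derivations one CPU core manages per second.
    A real offline attack also computes the handshake PTK/MIC per guess,
    but PBKDF2 dominates, so this is a reasonable order-of-magnitude figure."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk("candidate%03d" % i, ssid)  # constructed throwaway guesses
    return samples / (time.perf_counter() - start)


def exhaust_time_seconds(alphabet_size: int, length: int, rate: float) -> float:
    """Seconds needed to try every passphrase of the given length and
    alphabet at `rate` guesses per second (expected time is half of this)."""
    return (alphabet_size ** length) / rate


if __name__ == "__main__":
    assert wpa_pmk("password", "IEEE").hex() == IEEE_VECTOR_PMK
    rate = guesses_per_second()
    print(f"single-core PBKDF2 rate: {rate:,.0f} guesses/s")
    # Compare an 8-char lowercase passphrase with a 16-char mixed-case+digit one.
    for alphabet, length in ((26, 8), (62, 16)):
        secs = exhaust_time_seconds(alphabet, length, rate)
        print(f"{length} chars from {alphabet}-symbol alphabet: "
              f"{secs / 86400 / 365:,.1f} years to exhaust on this core")
```

Dedicated cracking hardware is orders of magnitude faster than one CPU core, so treat the printed figures as a lower bound on attacker capability; the same derivation running identically for every client is also why WPA2-Personal cannot offer the forward secrecy that WPA3's SAE provides.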

Forum Replies

  1. Hi Rene.

    Really great lesson. Hopefully CCNA will not ask too much detail of knowledge. There are so many acronyms with funny names: EAP, PEAP (sounds like a mouse…)
    Just one small thing. In the conclusion there is a small typo. CGMP should be GCMP of course

    Regards,
    Robert

  2. Hello Robert

    Great to hear that the lessons are being helpful for you! Also, thanks for pointing out the typo, I’ll let @ReneMolenaar know…

    Laz

  3. Hello,

    I’d like to ask for clarification regarding the following question:

    1. The ENCOR OCG shows the following WLC page (sorry about the grainy image, it’s like that in the book):

    https://cdn-forum.networklessons.com/uploads/default/original/2X/4/4e1613db652dde73884a597aa6509afb282ad41f.jpeg

    WPA2 Policy is selected in this example. However, I see that GCMP encryption types can also be selected. What is the reason why this is offered, if only WPA3 can use GCMP, while the other WPA versions can’t?

    2. This table is from the CCNA OCG:

    https://cdn-forum.networklesson

    ... Continue reading in our forum

  4. Hello Attila

    Happy New Year to you too!

    The GCMP encryption option is listed under WPA2 Encryption in the WLC settings because some WPA2 implementations, particularly those used in 802.11ac and 802.11ax (Wi-Fi 5 and Wi-Fi 6) can actually use GCMP. It’s not common, but it is possible, hence it

    ... Continue reading in our forum
