Topic :- Wi-Fi Protected Access (WPA and WPA2) is a certification program

developed by the Wi-Fi Alliance to indicate compliance with the security

protocol created by the Wi-Fi Alliance to secure wireless computer networks.

Submitted to:-
Dinesh Sir
Submitted by :-
Name: Yogesh
Gandhi
Roll No: RC2801B48
Section: C2801
Reg No: 10808452
 ACKNOWLEDGEMENT

I take this opportunity to present my votes of thanks to all those guidepost who really acted
as lightening pillars to enlighten our way throughout this project that has led to successful
and satisfactory completion of this study.

We are really grateful to our teacher for providing us with an opportunity to undertake this
project in this university and providing us with all the facilities. We are highly thankful to
Mr. Dinesh Sir for her active support, valuable time and advice, whole-hearted guidance,
sincere cooperation and pains-taking involvement during the study and in completing the
assignment of preparing the said project within the time stipulated.

Lastly, We are thankful to all those, particularly the various friends , who have been
instrumental in creating proper, healthy and conductive environment and including new and
fresh innovative ideas for us during the project, their help, it would have been extremely
difficult for us to prepare the project in a time bound framework.

Name-Yogesh Gandhi

Regd.No-10808452

Rollno-RC2801B48
Table of Content

Wi-Fi Protected Access

 First of all what is Wi-Fi?

 What is wireless Networking?

 What is Network security?

 What is WPA?
 What is WPA2?

 Summary

 Reference
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA
and WPA2) is a certification
program developed by the Wi-Fi
Alliance to indicate compliance
with the security protocol created
by the Wi-Fi Alliance to secure
wireless computer networks. The
Alliance defined the protocol in
response to several serious
weaknesses researchers had found
in the previous system, WEP
(Wired Equivalent Privacy).
The WPA protocol implements
the majority of the IEEE 802.11i
standard. The Wi-Fi Alliance
intended WPA as an intermediate
measure to take the place of WEP
pending the preparation of
802.11i. Specifically, the
Temporal Key Integrity Protocol
(TKIP), was brought into WPA.
TKIP could be implemented on
pre-WPA wireless network
interface cards that began shipping
as far back as 1999 through
firmware upgrades. Because the
changes required fewer
modifications on the client than on
the wireless access points (APs),
most pre-2003 APs could not be
upgraded to support WPA with
TKIP. Researchers have since
discovered a flaw in TKIP that
relied on older weaknesses to
retrieve the keystream from short of the Wi-Fi logo does not
packets to use for re-injection and necessarily imply a device is
spoofing. incompatible with Wi-Fi devices.

The later WPA2 certification mark As of 2010 an IEEE 802.11 device

indicates compliance with an is installed in many personal
advanced protocol that computers, video game consoles,
smartphones, printers, and other
implements the full standard. This
peripherals, and virtually all
advanced protocol will not work laptop or palm-sized computers.
with some older network cards.
Products that have successfully What is wireless
completed testing by the Wi-Fi Networking?
Alliance for compliance with the
protocol can bear the WPA Wireless or Wi-Fi technology is
certification mark. another way of connecting your
computer to a network without
using wires. Wireless networks
utilize radio waves and/or
microwaves to maintain
communication channels between
First of all what is Wi-Fi? computers. This gives people the
freedom to connect computers
anywhere in your home or office
Wi-Fi is a trademark of the Wi-Fi
network. Wireless networking
Alliance that manufacturers may
works similarly to how cordless
use to brand certified products that
phones work, through radio
belong to a class of wireless local
signals to transmit data from one
area network (WLAN) devices
point A to point B. A basic
based on the IEEE 802.11
wireless design typically consists
standards. Because of the close
of a wireless router that provides
relationship with its underlying
access to the Internet and/or
standard, the term Wi-Fi is often
network and a system that
used as a synonym for IEEE
connects via a wireless adapter.
802.11 technology.
Home wireless networks typically
The Wi-Fi Alliance, a global
consist of at least one Wireless
association of companies,
Access Point/Router and one or
promotes WLAN technology and
more computers that connect to
certifies products if they conform
the wireless router. The Access
to certain standards of
Point/Router is the device that
interoperability. Not every IEEE
systems connect to for access to
802.11-compliant device is
the internet or to another
submitted for certification to the
computer sharing the signal.
Wi-Fi Alliance, sometimes
because of costs associated with
the certification process. The lack
Where it is Used?
Internet access
A roof-mounted Wi-Fi antenna
A Wi-Fi enabled device such as a
personal computer, video game
console, mobile phone, MP3
player or personal digital assistant
can connect to the Internet when
within range of a wireless network
connected to the Internet. The
coverage of one or more
(interconnected) access points —
called a hotspot — can comprise
an area as small as a few rooms or
as large as many square miles.
Coverage in the larger area may
depend on a group of access
points with overlapping coverage.
Wi-Fi technology has been used in
wireless mesh networks, for
example, in London.
In addition to private use in homes
and offices, Wi-Fi can provide
public access at Wi-Fi hotspots
provided either free-of-charge or
to subscribers to various
commercial services.
Organizations and businesses -
such as those running airports,
hotels and restaurants - often
provide free-use hotspots to attract
or assist clients. Enthusiasts or
authorities who wish to provide
services or even to promote
business in selected areas
sometimes provide free Wi-Fi
access. As of 2008 more than 300
metropolitan-wide Wi-Fi (Muni-
Fi) projects had started. As of
May 2008 the Czech Republic had
879 Wi-Fi based Wireless Internet
service providers.
Routers that incorporate a digital
subscriber line modem or a cable
modem and a Wi-Fi access point,
often set up in homes and other
premises, can provide Internet-
access and internetworking to all
devices connected (wirelessly or
by cable) to them. One can also
connect Wi-Fi devices in ad-hoc
mode for client-to-client
connections without a router. Wi-
Fi also enables places that would
traditionally not have network
access to connect, for example
bathrooms, kitchens and garden
sheds.
City-wide Wi-Fi
A municipal wireless antenna in
Minneapolis
In the early 2000s, many cities
around the world announced plans
for city-wide Wi-Fi networks.
This proved to be much more
difficult than their promoters
initially envisioned with the result
that most of these projects were
either canceled or placed on
indefinite hold.
 A few were successful, for
example in 2005, Sunnyvale,
California became the first city in
the United States to offer city-
wide free Wi-Fi. (As of 2009 few
of the Municipal Wi-Fi firms have
entered the field of smart grid
networks.
Campus-wide Wi-Fi
Carnegie Mellon University built
the first wireless Internet network
in the world at their Pittsburgh
campus in 1994, long before Wi-
Fi branding originated in 1999.
Direct computer-to-computer
communications
Wi-Fi also allows
communications directly from one
computer to another without the
involvement of an access point.
This is called the ad-hoc mode of
Wi-Fi transmission. This wireless
ad-hoc network mode has proven
popular with multiplayer handheld
game consoles, such as the
Nintendo DS, digital cameras, and
other consumer electronics
devices.
Similarly, the Wi-Fi Alliance
promotes a pending specification
called Wi-Fi Direct for file
transfers and media sharing
through a new discovery- and
security-methodology.
Future directions
As of 2010 Wi-Fi technology has
spread widely within business and
industrial sites. In business
environments, just like other
environments, increasing the
number of Wi-Fi access-points
provides network redundancy,
support for fast roaming and
increased overall network-
capacity by using more channels
or by defining smaller cells. Wi-Fi
enables wireless voice-
applications (VoWLAN or
WVOIP). Over the years, Wi-Fi
implementations have moved
toward "thin" access-points, with
more of the network intelligence
housed in a centralized network
appliance, relegating individual
access-points to the role of mere
"dumb" radios. Outdoor
applications may utilize true mesh
topologies. As of 2007 Wi-Fi
installations can provide a secure
computer networking gateway,
firewall, DHCP server, intrusion
detection system, and other
functions.
What is Network security?
The main issue with wireless
network security is its simplified
access to the network compared to
traditional wired networks such as
ethernet. With wired networking
one must either gain access to a
building (physically connecting
into the internal network) or break
through an external firewall. Most
business networks protect
sensitive data and systems by
attempting to disallow external
access. Thus gaining wireless
connectivity provides an attack
vector, particularly if the network
lacks encryption or if the intruder
can defeat any encryption.
Attackers who have gained access
to a Wi-Fi network can use DNS
spoofing attacks very effectively
against any other user of the
network, because they can see the
DNS requests made, and often
respond with a spoofed answer
before the queried DNS server has
a chance to reply.
Securing methods
A common but unproductive
measure to deter unauthorized
users involves suppressing the
access point's SSID broadcast,
"hiding" it. This is ineffective as a
security method because the SSID
is broadcast in the clear in
response to a client SSID query.
Another unproductive method is
to only allow computers with
known MAC addresses to join the
network. But intruders can defeat
this method because they can
often (though not always) set
MAC addresses with minimal
effort (MAC spoofing). If
eavesdroppers have the ability to
change their MAC address, then
they may join the network by
spoofing an authorized address.
Wired Equivalent Privacy (WEP)
encryption was designed to protect
against casual snooping, but is
now deprecated. Tools such as
AirSnort or Aircrack-ng can
quickly recover WEP encryption
keys. Once it has seen 5-10
million encrypted packets,
AirSnort can determine the
encryption password in under a
second; newer tools such as
aircrack-ptw can use Klein's attack
to crack a WEP key with a 50%
success rate using only 40,000
packets.
To counteract this in 2002, the
Wi-Fi Alliance approved Wi-Fi
Protected Access (WPA) which
uses TKIP as a stopgap solution
for legacy equipment. Though
more secure than WEP, it has
outlived its designed lifetime, has
known attack vectors and is no
longer recommended.
In 2004, the IEEE ratified the full
IEEE 802.11i (WPA2) encryption
standards. If used with a 802.1X
server or in pre-shared key mode
with a strong and uncommon
passphrase WPA2 is still
considered secure, as of 2009.
What is WPA?
Wireless Access Protocol (WAP)
is an open international standard
for application-layer network
communications in a wireless-
communication environment.
Most use of WAP involves
accessing the mobile web from a
mobile phone or from a PDA.
A WAP browser provides all of
the basic services of a computer-
based web browser but simplified
to operate within the restrictions
of a mobile phone, such as its
smaller view screen. Users can
connect to WAP sites: websites
written in, or dynamically
converted to, WML (Wireless
Markup Language) and accessed
via the WAP browser.
Before the introduction of WAP,
service providers had extremely
limited opportunities to offer
interactive data services, but
needed interactivity to support
now-commonplace activities such
as:
• Email by mobile phone
• Tracking of stock-market
prices
• Sports results
• News headlines
• Music downloads
The Japanese i-mode system
offers another major competing
wireless data protocol.
SECURITY MECHANISMS IN
WPA
One of WEP’s chief weaknesses
was that it used a small static key
to initiate encryption. This 40-bit
key is entered manually on the AP
and on all clients that
communicate with the AP. It does
not change unless it is manually
re-entered on all devices, a
daunting labor-intensive task in a
large organization. Cryptographic
studies have demonstrated that an
intruder who collects enough data
can threaten a WEP network in
three ways: by intercepting and
decrypting the data that is being
transmitted over the air, by
altering the data that is
communicated, and by deducing
and forging the WEP key to gain
unauthorized access to network
and Internet services. This could
be accomplished in a matter of
hours on a busy, corporate
WLAN. Also, WEP lacks a means
of authentication, validating user
credentials to ensure that only
those who should be on the
network are allowed to access it.
WPA addresses these flaws and
brings additional safeguards to
Wi-Fi security. WPA uses a
greatly enhanced encryption
scheme, Temporal Key Integrity
Protocol (TKIP). Together with
802.1X/EAP authentication, TKIP
employs a key hierarchy that
greatly enhances protection. It
also adds a Message Integrity
Check (MIC, sometimes called
“Michael”) to protect against
packet forgeries.
Technical specifications
OSI MODEL
7 Application Layer
6 Presentation Layer
5 Session Layer
4 Transport Layer
3 Network Layer
Data Link Layer
2 • LLC sublayer
• MAC sublayer
1 Physical Layer
• The WAP standard
describes a protocol suite
that allows the
interoperability of WAP
 equipment and software
with many different
network technologies, thus
allowing the building of a
single platform for
competing network
technologies such as GSM
and IS-95 (also known as
CDMA) networks.
+---------------------------------------
---+
| Wireless Application
Environment (WAE) |
+---------------------------------------
---+ \
| Wireless Session Protocol
(WSP) | |
+---------------------------------------
---+ |
| Wireless Transaction Protocol
(WTP) | | WAP
+---------------------------------------
---+ | protocol
| Wireless Transport Layer
Security (WTLS) | | suite
+---------------------------------------
---+ |
| Wireless Datagram Protocol
(WDP) | |
+---------------------------------------
---+ /
| *** Any Wireless Data
Network *** |
+---------------------------------------
---+
• The bottom-most protocol
in the suite, the WAP
Datagram Protocol
(WDP), functions as an
adaptation layer that
makes every data network
look a bit like UDP to the
upper layers by providing
unreliable transport of data
with two 16-bit port
numbers (origin and
destination). All the upper
layers view WDP as one
and the same protocol,
which has several
"technical realizations" on
top of other "data bearers"
such as SMS, USSD, etc.
On native IP bearers such
as GPRS, UMTS packet-
radio service, or PPP on
top of a circuit-switched
data connection, WDP is
in fact exactly UDP.
• WTLS, an optional layer,
provides a public-key
cryptography-based
security mechanism
similar to TLS.
• WTP provides transaction
support (reliable
request/response) adapted
to the wireless world.
WTP supports more
effectively than TCP the
problem of packet loss,
which occurs commonly in
2G wireless technologies
in most radio conditions,
but is misinterpreted by
TCP as network
congestion.
• Finally, one can think of
WSP initially as a
compressed version of
HTTP.
This protocol suite allows a
terminal to transmit requests that
have an HTTP or HTTPS
equivalent to a WAP gateway; the
gateway translates requests into
plain HTTP.
Wireless Application
Environment (WAE)
The WAE space defines
application-specific markup
languages.
For WAP version 1.X, the primary
language of the WAE is WML,
which has been designed by
Santhosh Kumar from scratch for
hand-held devices with phone-
specific features. In WAP 2.0, the
primary markup language is
XHTML Mobile Profile.
History
The WAP Forum dates from 1997.
It aimed primarily to bring
together the various wireless
technologies in a standardised
protocol.[
In 2002 the WAP Forum was
consolidated (along with many
other forums of the industry) into
OMA (Open Mobile Alliance),
which covers virtually everything
in future development of wireless
data services.
WAP 1.X
The WAP 1.0 standard, released
in April 1998, described a
complete software stack for
mobile internet access.
WAP version 1.1 came out in
1999. WAP 1.2, the final update
of the 1.X series was released in
June 2000. The most important
addition in version 1.2 was WAP
push.
WAP Push Process
WAP Push has been incorporated
into the specification to allow
WAP content to be pushed to the
mobile handset with minimum
user intervention. A WAP Push is
basically a specially encoded
message which includes a link to a
WAP address.
WAP Push is specified on top of
WDP; as such, it can be delivered
over any WDP-supported bearer,
such as GPRS or SMS. Most
GSM networks have a wide range
of modified processors, but GPRS
activation from the network is not
generally supported, so WAP
Push messages have to be
delivered on top of the SMS
bearer.
On receiving a WAP Push, a
WAP 1.2 or later enabled handset
will automatically give the user
the option to access the WAP
content. This is also known as
WAP Push SI (Service
Indication).
The network entity that processes
WAP Pushes and delivers them
over an IP or SMS Bearer is
known as a Push Proxy Gateway
(PPG).
WAP 2.0
WAP 2.0, released in 2002, a re-
engineered WAP, uses a cut-down
version of XHTML with end-to-
end HTTP (i.e., dropping the
gateway and custom protocol suite
used to communicate with it). A
WAP gateway can be used in
conjunction with WAP 2.0;
however, in this scenario, it is
used as a standard proxy server.
The WAP gateway's role would
then shift from one of translation
to adding additional information
to each request. This would be
configured by the operator and
could include telephone numbers,
location, billing information, and
handset information.
Mobile devices process XHTML
Mobile Profile (XHTML MP), the
markup language defined in WAP
2.0. It is a subset of XHTML and
a superset of XHTML Basic. A
version of cascading style sheets
(CSS) called WAP CSS is
supported by XHTML MP
• Dresden and TU Darmstadt) -
security in pre-shared
key mode
Pre-shared key mode (PSK, also
known as Personal mode) is
designed for home and small
office networks that don't require
the complexity of an 802.1X
authentication server.Each
wireless network device encrypts
the network traffic using a 256 bit
key. This key may be entered
either as a string of 64
hexadecimal digits, or as a
passphrase of 8 to 63 printable
ASCII characters. If ASCII
characters are used, the 256 bit
key is calculated by applying the
PBKDF2 key derivation function
to the passphrase, using the SSID
as the salt and 4096 iterations of
HMAC-SHA1.
Shared-key WPA remains
vulnerable to password cracking
attacks if users rely on a weak
passphrase. To protect against a
brute force attack, a truly random
passphrase of 13 characters
(selected from the set of 95
permitted characters) is probably
sufficient. Lookup tables have
been computed by the Church of
WiFi (a wireless security research
group) for the top 1000 SSIDs for
a million different WPA/WPA2
passphrases. To further protect
against intrusion the network's
SSID should not match any entry
in the top 1000 SSIDs.
In November 2008 Erik Tews and
Martin Beck - reseachers at two
German technical universities (TU
uncovered a WPA weaknesswhich
relied on a previously known flaw
in WEP that could be exploited
only for the TKIP algorithm in
WPA. The flaw can only decrypt
short packets with mostly known
contents, such as ARP messages,
and 802.11e, which allows Quality
of Service packet prioritization as
defined. The flaw does not lead to
key recovery, but only a
keystream that encrypted a
particular packet, and which can
be reused as many as seven times
to inject arbitrary data of the same
packet length to a wireless client.
For example, this allows someone
to inject faked ARP packets which
makes the victim send packets to
the open Internet. This attack was
further optimised by two Japanese
computer scientists Toshihiro
Ohigashi and Masakatu Morii.
They developed a way to break
the stopgap WPA system that uses
the Temporal Key Integrity
Protocol (TKIP) algorithm,
whereas WPA2 systems that use
the stronger CCMP algorithm are
not affected. In October 2009,
Halvorsen with others made a
further progress, enabling
attackers to inject larger malicious
packets (596 bytes, to be more
specific) within approximately 18
minutes and 25 seconds.
WPA2
WPA2 has replaced WPA; WPA2
requires testing and certification
by the Wi-Fi Alliance. WPA2
implements the mandatory
elements of 802.11i. In particular,
it introduces a new AES-based
algorithm, CCMP, which is
considered fully secure.
Certification began in September,
2004; from March 13, 2006,
WPA2 certification is mandatory
for all new devices to bear the Wi-
Fi trademark. TKIP encryption,
802.1X/EAP authentication and
PSK technology in WPA are
features that have been brought
forward from WPA2.
Additionally, WPA2 will provide
a new, encryption scheme, the
Advanced Encryption Standard
(AES). AES has already been
adopted as an official government
standard by the U.S. Department
of Commerce and the National
Institute of Standards and
Technology (NIST). AES will be
defined in counter cipher-block
chaining mode (CCM) and will
support the Independent Basic
Service Set (IBSS) to enable
security between client
workstations operating in ad hoc
mode. AES uses a mathematical
ciphering algorithm
that employs variable key sizes of
128-, 192- or 256-bits.
Like WPA, WPA2 will use the
802.1X/EAP framework as part of
the infrastructure that ensures
centralized mutual authentication
and dynamic key management. It,
too, offers a pre-shared key for
use in home and small office
environments. Like WPA, WPA2
is designed to secure all versions
of 802.11 devices, including
802.11b, 802.11a, and 802.11g,
multi-band and multi-mode.
Enterprises building new WLANs
will find AES attractive. However,
in many cases it will require new
investments in hardware. Thus,
the business must weigh the
benefits of the enhanced security
that WPA2 offers against the cost
of new equipment. There is no
reason not to upgrade now to
WPA. While a hardware upgrade
may be needed to deploy the AES
portion of WPA2 on WPA-
enabled devices, the 802.1X
authentication, TKIP encryption,
and PSK components of Wi-Fi
Protected Access make the two
specifications quite compatible.
WPA2 offers a graceful transition
path from WPA that presents a
compelling case for upgrading to
WPA now. WPA2 will offer a
highly secure “mixed mode” that
supports both WPA and WPA2
client workstations. This will
allow for an orderly transition in
large enterprises that cannot
readily upgrade in a short period
of time.
Unlike the WEP/WPA mixed
mode in WPA devices, WPA2’s
mixed mode will support both
WPA and WPA2. It delivers a
high level of security to
enterprises as they make the move
to the even higher level of security
offered in WPA2. Since Wi-Fi
Protected Access already provides
strong encryption, the transition to
WPA2 clients and APs can be
done gradually, seamlessly, and
with a high level of confidence
that security will not be
compromised.
Hardware support
Most newer certified Wi-Fi
devices support the security
protocols discussed above, out-of-
the-box: compliance with this
protocol has been required for a
Wi-Fi certification since
September 2003.
The protocol certified through Wi-
Fi Alliance's WPA program (and
to a lesser extent WPA2) was
specifically designed to also work
with wireless hardware that was
produced prior to the introduction
of the protocol which usually had
only supported inadequate
security through WEP. Many of
these devices support the security
protocol after a firmware upgrade.
Firmware upgrades are not
available for all legacy devices.
Furthermore, many consumer Wi-
Fi device manufacturers have
taken steps to eliminate the
potential of weak passphrase
choices by promoting an
alternative method of
automatically generating and
distributing strong keys when
users add a new wireless adapter
or appliance to a network. The
Wi-Fi Alliance has standardized
these methods and certifies
compliance with these standards
through a program called Wi-Fi
Protected Setup.
EAP extensions under
WPA- and WPA2-
Enterprise
The Wi-Fi alliance has announced
the inclusion of additional EAP
(Extensible Authentication
Protocol) types to its certification
programs for WPA- and WPA2-
Enterprise certification programs.
This was to ensure that WPA-
Enterprise certified products can
interoperate with one another.
Previously, only EAP-TLS
(Transport Layer Security) was
certified by the Wi-Fi alliance.
As of 2010 the certification
program includes the following
EAP types:
• EAP-TLS (previously
tested)
• EAP-TTLS/MSCHAPv2
• PEAPv0/EAP-
MSCHAPv2
• PEAPv1/EAP-GTC
• PEAP-TLS
• EAP-SIM
802.1X clients and servers
developed by specific firms may
support other EAP types. This
certification is an attempt for
popular EAP types to interoperate;
their failure to do so is currently
one of the major issues preventing
rollout of 802.1X on
heterogeneous networks.
Summary
Both WPA and WPA2 offer a
high level of assurance for end-
users and network administrators
that their data will remain private
and access to their network
restricted to authorized users.
Both utilize 802.1X and
Extensible Authentication
Protocol (EAP) for authentication.
Both have Personal and Enterprise
modes of operation that meet the
distinct needs of the two different
consumer and enterprise market
segments.
Like WPA, WPA2 offers both a
Personal and Enterprise mode of
operation. In the Personal mode of
operation, a pre-shared key
(password) is used for
authentication, while in the
Enterprise mode of operation,
authentication is achieved via
802.1X and the EAP. Personal
mode requires only an access
point and client device, while
Enterprise mode typically requires
a RADIUS or other authentication
server on the network.
WPA2™ provides improved
encryption with AES and a high
level of assurance that only
authorized users can access the
network WPA2 able to meet
government and enterprise
security requirements WPA™ is
still a very secure solution First
WPA2 products announced on
September 1st WMM™ enables a
new class of consumer electronics
products based on Wi-Fi® WMM
provides users with enhanced
multimedia Capabilities based
upon IEEE 802.11e standard First
WMM products to be announced
in September.
WPA and WPA2 difference
WPA2 provides a stronger
encryption mechanism through
Advanced Encryption Standard
(AES), which is a requirement for
some corporate and government
users.
References
• http://en.wikipedia.or
g/wiki/Wi-
Fi_Protected_Access
• http://www.wirelessfo
rums.org/alt-internet-
 wireless/wap2-same-
wap-psk-27777.html

• http://www.howstuff
works.com/wireless-
network.htm

• www.wi-fiplanet.com