Definition of WPA (Wi-Fi Protected Access)
WPA (Wi-Fi Protected Access) and WPA2 are a class of systems for securing wireless networks. WPA was created in response to the severe weaknesses of earlier protocols such as WEP (Wired Equivalent Privacy). WPA implements most of the IEEE 802.11i standard and works with all wireless network devices except first-generation access points. WPA2 implements the entire IEEE 802.11i standard, but it does not work with many older devices.
Types of WPA
Wi-Fi Protected Access, Wi-Fi Protected Access II, and Wi-Fi Protected Access 3 are three security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks.
WPA was created by the Wi-Fi Alliance, the industrial and commercial group that owns the Wi-Fi trademark and certifies the devices that carry that name.
Uses
Data is encrypted with the RC4 algorithm using a 128-bit key and a 48-bit initialization vector. One of the most notable improvements over its predecessor, WEP, is TKIP (Temporal Key Integrity Protocol), which changes keys dynamically while the system is in use. Combined with larger initialization vectors, this makes key-recovery attacks of the kind that work against WEP considerably more difficult.
In addition to providing authentication and encryption, WPA provides better payload integrity. The cyclic redundancy check (CRC) used in WEP is insecure because it allows the payload to be altered and the CRC value updated to match without knowing the WEP key.
Instead, WPA uses a Message Integrity Code (MIC), an algorithm called "Michael", which was the strongest that could be used with older wireless network devices without making them obsolete. The WPA Message Integrity Code includes a mechanism that counteracts attempts to attack TKIP and temporary blocks.
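The integrity difference described above, as an added example that is not part of the original page: a WEP-style frame (stream cipher over payload plus CRC-32) accepts a payload edited without the key, while the same edit against a keyed integrity code is rejected. The assumptions are the SHAKE-256 keystream standing in for RC4, truncated HMAC-SHA256 standing in for a keyed MIC (it is not Michael), and all keys, payloads and function names, which are constructed for illustration.

```python
import hashlib
import hmac
import struct
import zlib

def keystream(key, n):
    # Stand-in for RC4 (assumption): any XOR stream cipher behaves the same here.
    return hashlib.shake_256(key).digest(n)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crc(data):
    return struct.pack("<I", zlib.crc32(data))

def seal(key, payload, check):
    # Frame = stream-encrypt(payload || check(payload)), the WEP-style layout.
    plain = payload + check(payload)
    return xor(plain, keystream(key, len(plain)))

def unseal(key, frame, check, size):
    # Decrypt, recompute the check value, and reject the frame on mismatch.
    plain = xor(frame, keystream(key, len(frame)))
    payload, tag = plain[:-size], plain[-size:]
    return payload if hmac.compare_digest(check(payload), tag) else None

def keyed_mic(mic_key):
    # Truncated HMAC-SHA256 stands in for a keyed MIC (assumption, not Michael).
    return lambda p: hmac.new(mic_key, p, hashlib.sha256).digest()[:8]

def patch_crc(frame, delta):
    # Keyless edit: CRC-32 is affine, crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros),
    # so the encrypted CRC can be corrected by XOR alone.
    fix = xor(crc(delta), crc(bytes(len(delta))))
    return xor(frame, delta + fix)

def demo():
    key, mic_key = b"constructed-enc-key", b"constructed-mic-key"
    original, altered = b"amount=0100", b"amount=9100"  # constructed sample
    delta = xor(original, altered)
    crc_frame = seal(key, original, crc)
    crc_result = unseal(key, patch_crc(crc_frame, delta), crc, 4)
    mic = keyed_mic(mic_key)
    mic_frame = seal(key, original, mic)
    # Without mic_key the tag cannot be corrected; only the payload bits change.
    mic_result = unseal(key, xor(mic_frame, delta + bytes(8)), mic, 8)
    return crc_result, mic_result

if __name__ == "__main__":
    print(demo())
```

The CRC-protected frame decrypts to the altered payload and passes its check; the MIC-protected frame is rejected.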
In summary, WPA makes wireless networks harder to break into by increasing the size of keys and initialization vectors, reducing the number of packets sent with related keys, and adding a message verification system.
Protocols
In addition to using a pre-shared key (PSK), which avoids the complexity of implementing an 802.1X authentication server in homes and small offices, WPA can use Extensible Authentication Protocol (EAP) methods such as the following:
- EAP-TLS
- EAP-TTLS / MSCHAPv2
- PEAPv0 / EAP-MSCHAPv2
- PEAPv1 / EAP-GTC
- EAP-SIM
- EAP-LEAP
Among the various servers that can be used for these types of implementations is FreeRADIUS. Alcance Libre has a modest document on configuring this software.