Walk through the 802.11 standards and the authentication and encryption methodology that has developed over time.
- [Instructor] From the day 802.11 first came out, security was a big issue. Now the problem that we've had over the years is that there have been different types of security standards that have come out, which have then become cracked one way or another, and then they come up with other types of security standards. So we're gonna kinda do a quick run through of all the different types of security standards that have ever been on 802.11. Don't panic, there's not that many, and what we're gonna do with this is understand where some of the weaknesses are, and also, get a lot of terms down that you're gonna see on the exam.
The first thing I wanna talk about with 802.11 is that when it was invented years ago, they wanted to do something called authentication. So basically if I've got a wireless client, and I wanna get onto an SSID, the thought would be, would you need a username and password? Or something to get to it. With the original 802.11 standard, they had an authentication methodology based on a passphrase. So you would have this magical passphrase, and that allowed you to get on the wireless network.
Once you were on the wireless network, encryption was a separate animal. So even if I have no encryption on this at all, with the original 802.11 standard, you had a passphrase that you could enter in just to get on the wireless network. Forget encryption. Just to get on it. You didn't have to do that. They would have what were known as open systems, that would allow you to just, you could get on. As long as there was no encryption, you could get on and do whatever you wanted. Open. Also known as shared. The other one would be a closed system.
With the closed system, you'd have to use a passphrase. In the late 1990s when they were putting the 802.11 standard together, they decided that they would use a passphrase, which was part of an authentication and encryption tool known as WEP, which stands for Wired Equivalent Privacy. The whole idea of WEP is that it would provide authentication using a passphrase, and then using that same passphrase, it would provide an encryption so people couldn't read over it. They made a little mistake a long time ago, and the WEP standard took that passphrase, and passed it in the clear for authentication.
Pretty much nobody ever used the concept of a closed network and to this day all 802.11 networks are open. There is nothing to stop you from getting onto an open wireless network. If the wireless network is unencrypted, anybody can get on it. And that's true to this day. However, we do have an encryption. With encryption what we're doing is we add some methodology. Sometimes a passphrase, maybe a username and password, maybe a certificate, I don't know, don't care, that allows you to be in on whatever the encryption scheme is for a particular SSID.
So remember, WEP was an authentication, which got thrown out the door, but WEP also had encryption. The original WEP worked great. Except it had a little problem. The problem you have whenever you're working with a wireless communication like this is that the encryption uses a streaming protocol. The original WEP used a streaming protocol known as RC4, which we cover in other episodes. The RC4 protocol is great except the problem is that it would keep sending kinda the same data, over and over again, accidentally.
When you're streaming something, you have to put a little starter thing called an initialization vector into the mix. And the problem we ran into with WEP is that it was mathematically able to crack the key, just by trying to look at the data that was coming through. WEP was a disaster, and by the early 2000s, just a few years after 802.11 standards were out, they realized they had a problem. So, wow, what are we gonna do about it? Well, the 802 committee got together, and they came up with a new type of security called 802.11i.
And the 802.11i standard was going to take care of all these problems. It was gonna fix the problem with WEP, is really the big thing it was gonna do. All the people in the industry, they're like, yay, okay we're lookin' forward to this 802.11i. When's it coming out? And the industry said, well, three, four years (laughs). If you're LinkSys or Cisco, and you're supporting wireless networks, and you know WEP is crackable, you are not going to wait years and years for this. So what they did is they came up with a, really it's a sales pitch, called WPA.
WPA is an improvement on WEP. The big thing that WPA has over WEP is it fixed that initialization vector issue with something called TKIP, Temporal Key Integrity Protocol. The whole idea behind TKIP is that if WEP used a secret decoder ring that kept getting incremented one click every time that we could predict, TKIP kinda spun it every time and made it very, very difficult to predict and a lot more robust than regular ol' WEP.
In fact, in the old days, we didn't even call WPA, WPA. We called it WEP plus TKIP, because it still used that same RC4 encryption methodology; the only difference is that it fixed the initialization vector issue. Well, as years went by, and now we're getting into the late 2010s, around there, we started to recognize that even WPA using TKIP had some vulnerabilities with the way they would connect to each other.
It allowed people to be able to crack it. Not as easy as WEP, but it was crackable. 802.11i still wasn't out, so what they did is they got rid of that RC4 and instead they used AES encryption. Now AES being a block cipher, you could do some pretty cool stuff in terms of how you stir it up. So with WPA2 using AES, we didn't use TKIP, TKIP was for a streaming protocol.
Instead it used something called, you ready? Counter Mode Cipher Block Chaining Message (mumbles) it goes on and on. The bottom line is we call it CCMP. Both WPA and WPA2 were standards that predated 802.11i. WPA certainly fixed the whole issue with WEP's initialization vector using TKIP, but WPA2 took another step further by integrating AES and using CCMP.
The reason I'm bringing this up folks, is on the exam, you will have questions that will not say WPA. They'll say TKIP. And they're not going to say WPA2, they're going to say CCMP. CompTIA, I don't know why you do this to us, but fine. We're ready for ya. The important thing is you remember TKIP is for WPA, and CCMP is for WPA2. Alright, now that we've gone through this, we've got WEP, we've got WPA and we have WPA2. Let's go ahead and take a look on the system and actually do some configuration.
What I've got right now, is I have an SSID called GoogleBigBrother. Right now there's no security at all. So first of all I'm gonna go ahead and do WEP. Right now you have a choice. You can do Auto, Open System or Shared Key. If you do Shared Key, you will transmit the actual key in the open. Let's just go to an Open System, and they're gonna have to know the key. The idea behind WEP is that you had two different key lengths. 64-bit and 128-bit. I'm going to type in a key value for 128.
There we go. And what we've done is we've generated a value which is going to be the key. If we want other people to get onto this network, we're going to have to tell them, verbally say to them, what is the key? And then they're gonna go ahead and get on. There were all kinds of challenges with WEP. So instead of 64-bit or 128-bit, the reality is that the initialization vector was 24 bits, so your actual key value was only either 40 bits or 104 bits.
You just take those values and subtract out the initialization vector. Which made a relatively short key. Plus the initialization vector was predictable. The bottom line is, I hope this is the last time you ever see anybody use WEP. I can crack a WEP network in about, depending on how much traffic, usually in about five, six minutes. Sometimes a lot less than that. It's interesting that here we are, not that far away from the year 2020, and we've known that this problem has existed for well over a decade.
So you would think, wow, nobody uses WEP. We've done some research here in the Houston area, with certain organizations, just querying networks. Did you know that here in the Houston area, just under ten percent of all encrypted networks still use WEP? I don't know, I don't know. People are insane. Using WEP will get you cracked instantaneously. If you take a look, right now what I have is a single SSID and it's got this strange TP-LINK name.
That's okay, it's just a default name. And you'll see that I have no security at this point. Let's go ahead and start by firing up WEP. First of all, you'll see it has Auto, Open System, or Shared Key. What we're talking about here is that old authentication. In fact, to even find a wireless device that still even has this option, is rare. Most of the time they're by default Open and you can't change it. I can pretty much guarantee this one will be Open also. I can either click it as Open, or I could click it as Shared Key.
If I click a Shared Key, what's gonna happen is, we're gonna type in a key value in a moment, and that will be transmitted in the clear. You never, ever use this. It's always open, in fact I know this particular wireless, by leaving it as Auto, it'll go to Open. Now what we're gonna do is we're gonna type in either a 64-bit or 128-bit key. The idea was lower power and higher power. The challenge you run into with WEP, number one, is that initialization vector was 24-bits. So if you have a 64-bit value, you already have to take 24-bits off of it.
So 64 minus 24, you really only had a 40-bit key. With the 128-bit key, you only had a 104-bit key. That was one of the big problems that started WEP, is that the key size wasn't nearly as long as we thought because the initialization vector took so much of it. Plus the initialization vector was predictable. So anyway let's go ahead and you'll see I've typed in a, you'll notice it's 10-bits. Now if you think about that for a minute, it makes sense. If it's 10-bits, that is going to be, each one of those is a hex value. 4 bits for every hex value.
10 times four is 40. Got it? That's where that value comes from. If I run this right now, I will have a nice WEP encryption. The bottom line is that I can crack this in about four minutes with the right tools. WEP is a terrible, terrible idea and I hope this is the last time you ever see anybody set up WEP ever again. Instead let's go to WPA. On this particular one, you'll see it says WPA/WPA2-Personal, WPA/WPA2-Enterprise.
Let's go ahead and start with personal. On this particular router, I can configure both WPA or WPA2 from the same screen. If you take a look at this, it says do I want WPA, or do I want WPA2? That PSK stands for pre-shared key, and that's going to be a key that everybody has to have to get onto this SSID. So if you wanna get on my SSID, I have to tell you what the password is. Anybody that's ever gone into a coffee shop says, what's the wifi password? That's what we're talkin' about here.
I'm gonna go ahead and set this up as WPA-PSK. This is actually interesting. We know based on what I just told you, is that WPA uses TKIP, while WPA2 uses CCMP, based on the AES protocol right? But for some reason this particular router wants you to configure this on your own. I could just leave it as Automatic right here. If I leave it as Auto, it'll go, oh you mean TKIP. But I could actually do something bizarre like this. What I've just said is I want WPA-Personal Shared Key, but make it as AES.
What you do on this particular router, if you make that setting, you really just set it to WPA2. It's a little bit confusing here. Remember, WPA uses TKIP. Whereas WPA2 uses AES encryption with CCMP. On a lot of these routers it takes a little time and experiments to get these things right the first time, and it's just a matter of dealing with these different interfaces. It doesn't matter whether we pick WPA or WPA2, we type in some kind of password.
This password is actually a passphrase. We take this phrase and it derives a long key, and that's what's actually being passed around for Personal Shared Key. We realized a long time ago that the idea of not having any form of authentication was a bad idea. So part of the 802.11i standard also included something called Enterprise. I'm now gonna go to WPA/WPA2-Enterprise. If you take a look at this, we still have those same settings that we saw before, but notice it says RADIUS Server IP, Port and Password.
When you're using Enterprise-level WPA or WPA2, you have another box, a RADIUS server, sitting somewhere on your network, and you have to type the IP address for that RADIUS server into all of your wireless access points, and that RADIUS server has a bunch of usernames and passwords and you actually do have authentication. For the exam, make sure you know WEP. WEP had a 68-bit and a 128-bit key, which was really 4-bits and 104-bits, remember that. WEP is easily crackable.
WPA uses TKIP. TKIP makes it a lot more robust than WEP, but even WPA is fairly easily crackable today. Right now, WPA2 is the standard. But even WPA2 is crackable if your passwords are relatively short. If you're using WPA2-Personal Shared Key, use long passwords. And when I say long passwords, things like, Englandexpectseverymantodothebestforhiscountry, kind of really long passwords to make sure that you're always gonna be in a robust world.
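The WEP key arithmetic (64/128-bit labels versus 40/104 secret bits plus a 24-bit IV, 4 bits per hex digit) and the WPA-Personal passphrase-to-key derivation from the lesson above, as an added Python example that is not part of this lesson or of Total Seminars' material. The PBKDF2 parameters (HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output) are the 802.11i passphrase-to-PSK mapping; the configuration dictionary schema, the `audit_wireless_config` helper and its 20-character passphrase policy are this example's own assumptions, not anything from the router or the standard. It goes a little beyond the lesson by turning the instructor's advice (no WEP, no TKIP, long PSK passphrases) into a check that can be run over a list of SSID configurations, and by computing how quickly a 24-bit IV space is used up.

```python
import hashlib
import re

# Constants from the 802.11 WEP design and the 802.11i (WPA/WPA2) PSK mapping.
WEP_IV_BITS = 24              # per-frame RC4 initialization vector, sent in the clear
WPA_PBKDF2_ITERATIONS = 4096  # 802.11i passphrase-to-PSK mapping
WPA_PSK_LEN = 32              # 256-bit pairwise master key
MIN_PASSPHRASE_POLICY = 20    # assumption: this example's audit policy, not a standard value


def wep_key_bits(hex_key: str) -> dict:
    """Work out what a WEP hex key typed into a router really gives you.

    Routers label keys "64-bit" or "128-bit", but 24 of those bits are the IV,
    so the secret part is 40 or 104 bits: 10 or 26 hex digits at 4 bits each.
    """
    if not re.fullmatch(r"[0-9A-Fa-f]+", hex_key):
        raise ValueError("WEP hex keys contain hex digits only")
    secret_bits = len(hex_key) * 4
    if secret_bits not in (40, 104):
        raise ValueError("WEP hex keys are 10 digits (40-bit) or 26 digits (104-bit)")
    return {
        "nominal_bits": secret_bits + WEP_IV_BITS,
        "secret_bits": secret_bits,
        "iv_bits": WEP_IV_BITS,
    }


def wep_iv_exhaustion_seconds(frames_per_second: float) -> float:
    """Seconds until a steadily transmitting AP has used every 24-bit IV once.

    After that point IVs must repeat, so two frames share an RC4 keystream; a
    longer secret key does nothing about this, which is the lesson's point.
    """
    return (2 ** WEP_IV_BITS) / frames_per_second


def wpa_psk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-Personal PSK from a human passphrase.

    802.11i runs the 8-63 character passphrase through PBKDF2-HMAC-SHA1, salted
    with the SSID, for 4096 iterations. The passphrase itself is never sent; the
    derived PSK is what the pairwise keys are built from.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"),
        WPA_PBKDF2_ITERATIONS, dklen=WPA_PSK_LEN,
    )


def audit_wireless_config(cfg: dict) -> list:
    """Return a list of findings for one SSID configuration.

    The dict schema is this example's own: ssid, security ('open' | 'wep' |
    'wpa' | 'wpa2' | 'wpa2-enterprise'), cipher ('tkip' | 'ccmp' | None),
    key (WEP hex digits) or passphrase (WPA/WPA2-Personal).
    """
    findings = []
    security = cfg.get("security", "open")
    if security == "open":
        findings.append("no encryption: anyone in range can join and read traffic")
    elif security == "wep":
        bits = wep_key_bits(cfg["key"])
        findings.append(f"WEP: only {bits['secret_bits']} secret bits behind a "
                        f"{bits['iv_bits']}-bit predictable IV; move to WPA2")
    else:
        if cfg.get("cipher") == "tkip":
            findings.append("TKIP cipher (WPA-era, RC4-based); use CCMP/AES")
        if security != "wpa2-enterprise":
            passphrase = cfg.get("passphrase", "")
            if len(passphrase) < MIN_PASSPHRASE_POLICY:
                findings.append(f"PSK passphrase is {len(passphrase)} characters; "
                                f"policy minimum is {MIN_PASSPHRASE_POLICY}, prefer a long phrase")
    return findings


if __name__ == "__main__":
    # Constructed sample configurations mirroring the router screens in the lesson.
    samples = [
        {"ssid": "GoogleBigBrother", "security": "wep", "key": "0123456789"},
        {"ssid": "GoogleBigBrother", "security": "wpa", "cipher": "tkip", "passphrase": "coffeeshop1"},
        {"ssid": "GoogleBigBrother", "security": "wpa2", "cipher": "ccmp",
         "passphrase": "Englandexpectseverymantodothebestforhiscountry"},
    ]
    for cfg in samples:
        print(cfg["security"], audit_wireless_config(cfg) or ["no findings"])
    print("WEP 64-bit key really is:", wep_key_bits("0123456789"))
    print("24-bit IV space used up at 1000 frames/s after", wep_iv_exhaustion_seconds(1000), "s")
    print("802.11i test vector PSK:", wpa_psk_from_passphrase("password", "IEEE").hex())
```

The PSK check uses the published 802.11i test vector (passphrase "password", SSID "IEEE"), which is a convenient way to confirm that a supplicant or tool derives keys the same way an access point does. Note that the salt is the SSID, so the same passphrase on two networks with different names produces two different PSKs, while a default SSID shared by many routers makes precomputation of common passphrases worthwhile for an attacker; that is the practical reason the lesson insists on long passphrases.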
This course was created by Total Seminars. We are pleased to offer this training in our library.