WPA full name of the Wi-Fi Protected Access, WPA and WPA2 have two standards, is a protected wireless computer network (Wi-Fi) security system, which should be the first generation of systems researchers Wired Equivalent Privacy (WEP ) found several serious weaknesses arising. WPA implements the majority of IEEE 802.11i standard is to replace WEP 802.11i complete the transition before the program. WPA is designed to be used in all wireless network card, but can not be the first generation of wireless access point. WPA2 implements the full standard, but can not be used in some of the old network card. Both offer excellent security capabilities, but also has two significant problems: WPA or WPA2 must be started and have been selected to replace the use of WEP, but WEP regarded most of the installation instructions as the first choice. In the use of home and small office most likely to use the "personal" mode, in order to preserve the integrity of the passphrase needed to be set by the user than to have to teach six to eight-character password is still long. WPA is a standards-based interoperable WLAN security-enhanced solutions that greatly enhance the existing and future wireless LAN system, the level of data protection and access control. WPA IEEE802.11i from the standard under development and in maintaining forward compatibility with them. Deployment of appropriate words, WPA WLAN users ensure data is protected and only authorized network users can access the WLAN network. WEP has been proven as unsafe, in perfect agreement before 802.11i, WPA provides users with a temporary solution. The standard data encryption protocols using TKIP (Temporary Key Integrity Protocol), certification, there are two modes to choose from, one is to use the 802.1x authentication protocol; one is called the pre-shared key PSK (Pre-Shared Key) mode. Edit this paragraph history WPA is a Wi-Fi Alliance (The Wi-Fi Alliance) to establish the industry groups, and they have Wi-Fi trademark the term, and will test you want to use the term Wi-Fi device to issue certificates. WPA implementation of the test began in April 2003, in November 2003 to become mandatory. The full 802.11i standard is adopted in June 2004. The design of the WPA to an 802.1X authentication server to use to distribute different keys to each user; but it can also be used in the less insurance, "pre-shared key" (PSK) mode, so that each user with the same a secret language. Wi-Fi Alliance to the use of pre-shared key version is called WPA Personal or WPA2 Personal, with the 802.1X authentication version is called WPA Enterprise or WPA2 Enterprise. WPA 128-bit data is a key and a 48-bit initial vector (IV) of the RC4 stream cipher to encrypt. WEP WPA go beyond the main improvement is in use to dynamically change the key of "temporary key integrity protocol" (Temporal Key Integrity Protocol, TKIP), coupled with the beginning of a longer vector, which can beat well-known for the golden key to get WEP attack. In addition to authentication with encryption outside, WPA for the integrity of the information contained in also provides a great improvement. WEP uses CRC (Cyclic Redundancy Check) is not inherent security, WEP key without knowing the circumstances, to tamper with the information contained and the corresponding CRC is possible, and use WPA as "Michael" more safety message authentication code (called a message integrity in the WPA in the audit, MIC). Further, WPA uses the MIC contains a frame counter, in order to avoid another weakness of WEP-replay attack (replay attack) - use.
There are two reasons make the WPA is positioned to reach the safety of 802.11 security than before the transition steps: 1. To develop 802.11i than originally anticipated for a long time a lot more worried about wireless security in all of the time actually spent four years;
2. It contains a subset of 802.11i is compatible with WEP, even the earliest 802.11b interface cards also can be used. Many have been shipped WPA wireless network interface card has a firmware update; sold before 2003 are 802.11 access points generally have to be replaced.
By increasing the key and the beginning of the vector, reducing the number of packets and the key associated, together with safety information verification system, WPA makes it difficult to invade a lot of wireless LAN road. WPA designer Michael algorithm is in most older network cards can also be found under the conditions used the strongest algorithm, but it may be forged packet attacks. To reduce this risk, WPA network whenever an attempt to detect the attack will be turned off when 30 seconds.
There are two reasons make the WPA is positioned to reach the safety of 802.11 security than before the transition steps: 1. To develop 802.11i than originally anticipated for a long time a lot more worried about wireless security in all of the time actually spent four years;
2. It contains a subset of 802.11i is compatible with WEP, even the earliest 802.11b interface cards also can be used. Many have been shipped WPA wireless network interface card has a firmware update; sold before 2003 are 802.11 access points generally have to be replaced.
By increasing the key and the beginning of the vector, reducing the number of packets and the key associated, together with safety information verification system, WPA makes it difficult to invade a lot of wireless LAN road. WPA designer Michael algorithm is in most older network cards can also be found under the conditions used the strongest algorithm, but it may be forged packet attacks. To reduce this risk, WPA network whenever an attempt to detect the attack will be turned off when 30 seconds.
No comments:
Post a Comment