1.6 Securing Wireless Networks Flashcards
(42 cards)
Created in 1997, the evolving standards that gives us the methods by which we create wireless local area networks.
IEEE802.11
Most of the amendments to 802.11 have focused on the following.
Performance, frequency range, speed/bandwidth, and security.
The most recent approved 802.11 amendment, incorporated in the standard in 2016. Aggregated bandwidth of 1 Gbps and operates in the 5GHz frequency range. what many people look for today when purchasing new laptops smartphones and access points.
802.11ac
Not officially ratified at the moment, this is the next iteration of 802.11 amendments. Initial support suggests the possibility of aggregated bandwidth of 11 Gbps. Also known as the high efficiency amendment.
802.11ax
New sets of naming conventions proposed by the Wi-Fi alliance
Wi-Fi generational names
Wi-Fi 6 refers to this 802.11 amendment
802.11ax
Attackers can use these to be within range of a wireless network from further away.
High Gain amplifiers and antennas
802.11 amendment that tries to address some of the security shortcomings.
802.11i
This directly translates to the number of possible keys that can be used in cryptographic operations
key length
These restrictions limited the key length of WEP to 40 bits
United States export restrictions
With the RC4 cipher it is critical that this does not repeat
Keys, keying material
This was the security undoing of WEP
Improper key generation. Repeating of the 24 bit initialization vector (IV) that led to potential uncovering of the pre-shared key.
Used by some cryptographic implementations to try and add uniqueness to each encryption operation. This becomes part of the encryption key.
Initialization vectors - IVs
Keyspace for WEP initialization vectors
2^24
A nonprofit organization founded in 1999. goals of the organization were to provide standardization around interoperability, reliability, and the consistency of hardware that leveraged 802.11 technologies.
Wi-Fi alliance
This deprecated protocol is an improvement to how the encryption keys for the underlying RC4 stream cipher are generated
TKIP - temporal key integrity protocol
These checks help to make packet forgery and replay attacks more difficult
Integrity checks
The Wi-Fi alliance will only certify a device for Wi-Fi 6 if the device supports this encryption protocol
WPA3
WPA3 will support up to this key length for it’s AES based encryption
192 bit key length
Once this is uncovered, an adversary might be able to decrypt any and all of the encrypted communication on the WLAN
Pre-shared key
The newer handshake with WPA3 where pre shared keys are only used to authenticate to the network, and no longer to drive session keys for encrypted communication.
Dragonfly
What a wireless access point uses to notify clients on changes in communication, such as channel usage.
management frames
these devices are managers of the wlan. They are responsible for maintaining which channels to use for communication, handling clients connecting and disconnecting, and enforcing which security mechanisms to use.
Wireless access points
A DoS attack where an adversary can impersonate an access point and transmit a spoofed management frame, disconnecting all connected clients.
Spoof of a disassociate request.
