NIS Chapter 05 Flashcards
(30 cards)
Why is it advantageous to have dynamic key instead of static ones?
they are not at risk to things like social engineering making them more secure
After the mutual authentication exchange (EAP). Both the authentication server and the supplicant have information about each other. What information is this?
- seeding material
- ## key per user and per session
what is the difference between pre-RSNA and RNSA
preRSNA algorithms use static WEP encryption and legacy authentication methods
whereas RSN use TKIP/RC4 or CCMP /AES. dynamic key management and the 802.1X authentication methods
What is the purpose of 802.1X/EAP?
for authorisiation and authentication
what are the advantages of dynamic keys?
free of social engineering attacks
Draw the dynamic WEP authentication process
draw / explain
what is dynamic WEP
a WLAN security implementation that was a short term solution until TKIP/RC4 or CCMP/AES became available
What is the name of the payload that is protected by WEP encryption? And what layer are these suits found?
MSDU payload. Found in layer 2
What is RSNA? (3)
A security standard that requires 802.11 stations to:
- authenticate
- create dynamic keys that are unique
- do the 4 way handshake
Between CCMP/AES and TKIP/RC4 which one is optional in RSNA?
TKIP/RC4
With BSS that implement RSNA, a unique key has to be created between each AP and client to encrypt and decrypt all unicast traffic. What is the name of this key?
PTK(pairwise transient key)
What is the name of the broadcast key of a RSNA implementing BSS? And what is it used for?
GTK (group temporal key)
- Used to encyrpt and decrypt all multitask and broadcast traffic
What is the difference between IBSS and BSS?
BSS has an access point
IBSS has no AP. Solely consists of client stations
How is RSNA in a IBSS implemented interms of key distribution?
- Peer 2 peer communication is used
- a client must have aPTK with each client it communicates with
- each STA will create and distribute its GTK
What is a TSN? And what does it mean?
A transition security network is a type of security standard that supports both RSN security as well as legacy security such as WEP.
- This means that in the network, some clients use either TKIP/RC4 or CCMP/AES but others use static WEP
Since dynamic WEPs are safer, are they considered RSNA?
No, they are pre-RSNA
Virtual vlans can also be created within a WLAN and each has a different security standard
true
What is an RSN information element?
a field found in 802.11 management frame that carries information about the encryption abilities of each station and also whether PSK or 802.1X/EAP is being used
What is the AKM service?
This consists of one or more algorithms designed to provide key management and authentication
What are the 2 options for AKMP authentication?
PSK and 802.1X/EAP
What AKM operations are used when 802.1X/EAP is used for authentication?
- secure channel : authenticator and AS must have a secure channel established
- discovery: AP must be discovered either via active probing or passive beaconing
- Authentication: a
- ## Master key generation: supplicant and AS generate PMK (pairwise master key)
At what point does the controlled port of an authenticator open?
once the temporal keys have been created and installed. Only then can the encrypted data frames be forwarded
What 5 keys are needed in order to establish a RSNA?
- MSK
- GMK
- PMK
- GTK
- PTK
Break down the hierarchy
-called AAA key
MSK are a result of 802.1X/EAP. It is used to create PMK, not used to encrypt or decrypt data
- PMK uses MSK as seeding material to create it. A new one is generated for each client in each session. It is used to create the PTK
- GMK is randomly generated at the authenticator. This is used to create GTK
-* These master keys are now used as seeding material for the 4 way handshake in the creation of the temporal keys
- PTK is derived from the PMK during the 4 way handshake. It is used to encrypt and decrypt all unicast data between a single client station and AP
Same with GTK but multicast and broadcast
