Week 11

Question 1

Common WLAN threats

Answer 1

Packet Sniffing (Eaves dropping)
Denial of service (RF jamming)
Rogue Access Points

Question 2

What is WEP

Answer 2

Wired Equivalent Privacy
Outdated wireless encryption protocol which utilises Stream cipher
Utilises 24bits for IV (Initialisation Vector)

Question 3

Weakness in WEP

Answer 3

• Capture one challenge and response
• Both plain text and cipher are available
• Key can be obtained through XOR
• Once obtain key stream, easily encrypt other data

Question 4

Explain 802.11I

Answer 4

Strong message integrity check
Longer IV (48 bits)
Extensible Authentication protocol
Mutual Authentication
Robust Security Network (RSN)

Question 5

Explain TKIP

Answer 5

Temporal Key Integrity Protocol
-Key Mixing
- Algorithm Message Integrity Code
- Sequence numbers
- Use 48 bit IV size

Question 6

Explain 802.1x process

Answer 6

1. Wireless request access to WLAN, authenticator ask for identitiy and issue temporary encryption key
2. Client sends username and password
3. AP replays it to the authentication server using another encryption key
4. Once authentication server verifies credentials, issue key for TKIP

Question 7

Explain Digital Signature

Answer 7

• Digital signature used to prove ownership of public key
• Issued by Certificate Authority (CA)
• Key, Information, Owner identitiy, digital signature

Question 8

Type of EAP (WPA1)

Answer 8

Extensible Authentication Protocol
1. EAP-MD5 (very weak)
2. LEAP (Lightweight EAP), rely on user password srength
3. EAP-TLS (Transport Layer Security),client and server has cert
4. EAP-TTLS (Tunned TLP), server certificate only
5. PEAP (Protected EAP), SESSION key to get network

Question 9

Explain WPA 2

Answer 9

Uses AES
USE CCM Protocol header
48 bit