WEP, WPA, and WPA2 Now we’re ready to explore and discuss wireless technology encryption. WEP, WPA and WPA2 reflect the evolution of wireless encryption.  We’ll explain the foundation for each encryption type, their pros and cons and how they were compromised, and what strategies we currently employ in the wireless environment. We explain the Access Point process using WPA2 and how encryption in the wireless environment works when granting user access to the resource behind the access point. [toggle_content title="Transcript"] We talk about WEP, WPA and WPA2. Starting off, WEP was the early type of encryption mechanism to secure a wireless traffic. It was quickly discovered that WEP--I mean WEP relies on RC4 and RC4 is victim to what we call the initialization [veto] attack. The problem with RC4 is that it employs keys with a small key space. In many cases keys are usually easily repeated. This makes it very easy for malicious persons to compromise WEP. It is easy to review the code in RC4 and the [cypher that] it is -the keys are constantly being repeated and by reverse engineering, malicious persons can attack RC4 and subsequently compromise WEP. We moved away from WEP to WPA. WPA employs TKIP- the Temporal key integrity protocol. This brings some solutions to WPA but within a very short time, some malicious persons were able to compromise WPA. So we moved to WPA2. WPA2 depends on CCMP. To date it is the strongest encryption mechanism. This WPA2, organizations and individuals are advised to check their access points at home or at work and ensure they are on the strongest form of encryption which is WPA2. WPA2 employs CCMP. With our access point we have something called PSK, where this stands for the Pre-shared Key. The Pre-shared Key; the key on the access point is also the key that is shared with other users seeking to gain access to the access point. So the same key has to be used. In some other environments they use something called WPA2 enterprise. With the enterprise, the user attempting to connect would provide some credentials; maybe a user ID and a password. That is referred to as the enterprise method. We have PSK which is the Pre-shared Key and enterprise. With PSK-Pre-shared Key, the key on the device is the same key that would be put into the system attempting to connect and for the enterprise method, the user has to provide their credentials and also a password with which they are able to log in. [/toggle_content]
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?