Talk:Wi-Fi Protected Access/Archive 1

From Wikipedia, the free encyclopedia
Archive 1

PSK Passphrase

The article says : "The passphrase may be from eight to 63 ASCII characters or 64 hexadecimal digits (256 bits)."

Some equipment does not allow entering a 64 digit key, but ONLY a 63 character passphrase.

An example : The Asus WL-500G Deluxe WLAN router.

Does Windows XP Professional support it ? I set a 64 hex char passphrase on my AP and entered the same key into Windows WPA dialog and got no connection. When I used a shorter passphrase in the same way (same fields in same dialogs), it worked. The AP I used was Canyon CN-WF514.

--213.253.102.145 17:22, 15 November 2005 (UTC)


To be certified as WPA compatible the device MUST accept a 64 character passphrase!!!!!!!!!

Just because some equipment may not implement this has nothing to do with the WiFi Alliance defined standard!

Merging Wi-Fi Protected Access with IEEE 802.11i

Regarding merging the WPA page with the IEEE 802.11i, my vote (if any were taken) would be no.

WPA does not implement all the features of IEEE 802.11i (pre-authentication is not supported, for example).

Some of the features WPA implements are also different from 802.11i: the OUI used for the RSN information element, the information element ID used, and the group key is not provided as part of the initial 4-way handshake, are examples of some of the differences between WPA/WPA2 and 802.11i.

There does not appear to be an overlap between the WPA and 802.11i pages. The WPA page discusses Wi-Fi security from the user/admin point of view (i.e., what EAP types to use) while the 802.11i page discusses Wi-Fi security from the technical point of view (4/2-way handshakes, algorithms implemented).

As I see it, users and Wi-Fi administrators would rather read the WPA page while network engineers would rather read the 802.11i page.

So, let's keep the information separate.

Regards, Kam-Yung 2005-11-07


I agree that the WPA and IEEE 802.11i pages should not be merged. WPA and 802.11i are not one and the same and there currently is not much overlap between the pages.
my say is no. 59.93.130.205 15:54, 12 November 2005 (UTC)
I concur that these are two distinct items: WPA/WPA2 are certified, market-driven implementations; 802.11i is a distinct standard that was ratified and exists as a document. I vote no. Glenn Fleishman 1 December 2005
I agree that we shouldn't merge. — Matt Crypto 11:33, 2 December 2005 (UTC)

WPA-PSK

The information about WPA-PSK security in this article does not match what's said in the Wireless security article. 193.217.204.29 14:29, 4 January 2006 (UTC)


The Wireless security is off target .... WPA is fine in PSK mode if used with 64 character hex. It's also fine if you use a 'good' password.

WPA1 has countermeasures to this weakness, this article meant to say WEP... WPA2 is completely immune to this weakness. This article is simply wrong.

Patent claims on wi-fi protected setup (wps)?

Is anyone asserting patents on this technology? Are there open-source implementations for linux, freebsd, etc? --NealMcB 18:39, 4 May 2007 (UTC)

Selectively deleting external links..?

I added a link to a free WPA authentication service under 'external links' because people looking for WPA solutions might find that handy. Why would my link be treated as spam where others in the same section are not? Did they donate to wikipedia? Why have external link sections if you are just going to delete them (well, some of them)? —The preceding unsigned comment was added by Wlanmac (talkcontribs) 07:13, 18 May 2007 (UTC)

The WP:SPAM guideline has a subsection called Inclusion of one spam link is not a reason to include another. If it is your site, I would suggest saying more clearly that it is an open source project, because the word "Services" conspicuously displayed at the top of the page implies a commercial site. Further, the FAQ has only one question. --Jtir 09:32, 18 May 2007 (UTC)
But, I ask you... when removing a link because of it being "spam" while others just like it appear _right_ above it, how do you decide to remove one and not the others? How is that fair and not being a form of favoritism? What do you have against my project? The services are free, but not open-source... so, I wouldn't say it's open source. Besides, links I added to clearly open-source projects have also been recently removed. I just don't understand... it all seems rather arbitrary. I must have been red flags since I (modestly) added links on a couple pages. I am not trying to spam -- rather give real links to open-source projects and free services that directly correspond to the topic at hand. Is that so wrong? —The preceding unsigned comment was added by Wlanmac (talkcontribs) 09:46, 18 May 2007 (UTC)
Please stop adding links to your own website. I'm having this exact same conversation with User:Wlanmac on my talk page User_talk:Requestion#selective_censorship. (Requestion 15:34, 18 May 2007 (UTC))

Wii

Since the PS3 is mentioned it is also appropriate to mention the Wii. I connected mine via WPA2 last night and it worked fine. I'm not sure where any documentation on this is located, but it does work.

I also updated it last night, so it is possible it was not a shipping feature, but I do not remember. 75.5.249.156 18:16, 13 October 2007 (UTC)

WPA or WPA2?

I'm a little bit confused by this passage in the article: "The Wi-Fi Alliance have announced that they will use the term WPA2 to refer to the full IEEE 802.11i standard". Why didn't they just call it WPA and went for the additional number? What's the difference between the two? I'm guessing that there are now 3 things: WEP, WPA and WPA2, right? Could anybody maybe clarify this? Thanks :-) --Andy

I think there are three things. This is my understanding (which could well be flawed): First there was WEP which was found to be very flawed. While working on a new standard, the industry introduced WPA as an intermediate solution to fix the flaws in WEP; WPA implements a subset of the new standard. Eventually, the new standard (IEEE 802.11i) was released, and I believe the Wi-Fi Alliance call this by the alternative name "WEP2""WPA2 (for whatever reason). At least, that's the understanding I ended up with the last time I did some reading on this topic! — Matt Crypto 01:22, 25 Feb 2005 (UTC)
Matt, you mean "WPA2", not "WEP2", right? The main difference between WPA and WPA2 is that the use of AES in WPA2 is a MUST (cf. also Q&A document on [1]). WPA was a snapshot of the development of the IEEE 802.11i standard at that time, since there was a need for immediate "fixing" of the WEP/RC4 protocol weaknesses (can't quote sources for that, aside of my professor's script, sorry). WPA2 is not introduced to fix problems of WPA, though, but rather is the equivalent to 802.11i, according to the same Q&A document.
Since AES is more resource intensive, a lot of equipment can probably not be upgraded by software only. Ub 18:27, 12 Mar 2005 (UTC)
Oops, yes, WPA2, not WEP2 ;-) Darned TLAs (see also WAP...) — Matt Crypto 08:57, 13 Mar 2005 (UTC)
WPA was designed to work with existing WiFi cards (though not all existing base stations). Apple has been able to get WPA working on its original Airport (802.11b) cards, for example. WPA's big weakness is not RC4 but the HMAC it uses, a hash called "Michael," which was admittedly weak, but the most the designers were able to implement on the most anemic WiFi cards in service. In fact, to protect against brute force attacks on Michael, WPA shuts itself down for 30 seconds whenever it detects two attack packets. (I argued at the time that this made the protocol subject to stealthy denial of service attacks.) WPA2 uses strong cryptographic primitives throughout. Long term, WPA2 is unquestionably the way to go, but WPA is a huge step over WEP, which was badly broken. WPA is a good solution for networks until all older cards can be replaced or retired. --agr 05:19, 13 Mar 2005 (UTC)

Comments from Tom Carpenter:

WPA2 is an encryption solution that is based on and meets the requirements of 802.11i. More specifically, it is a certification program provided by the Wi-Fi Alliance that verifies the compliance with 802.11i and the interoperability with other WPA2 certified equipment.

WPA2 requires the use of AES and this is far more secure than WPA's continued use of RC4 with TKIP (Temporal Key Integrity Protocol - used for key rotation on a periodic basis); however, WPA's security is still sufficient for most environments today. There is an exception and that is in government implementations. These installations require FIPS compliance and WPA does not meet this, but WPA2 does.

I hope this further clarification helps, Tom Carpenter - SYSEDCO —The preceding unsigned comment was added by 24.33.129.4 (talkcontribs) 15:53, 20 January 2006 (UTC)

WPA vs WPA2 - Still unclear on relative security and TKIP/AES relationship.

Some (most, I think) recently-built base stations include multiple versions of WPA-PSK: they can be configured to support TKIP or AES (or both), as well as having a separate WPA2-PSK option, which also has the same choices. (This is the case with the WRT54GL I'm in front of, with DD-WRT on it, and I recall the latest Apple Airport is similar.) So is WPA with AES different from WPA2? The UIs are confusing; I'm not sure if this article could clarify the situation or not. It would be nice if it did. --Elvey 23:13, 10 October 2007 (UTC)

WPA2 uses AES; it doesn't use TKIP or the Michael algorithm (that is WPA1) —Preceding unsigned comment added by 76.118.191.206 (talk) 18:12, 3 January 2008 (UTC)

Decimal bits!

This paragraph mentions 420.5 bits? How does one get half a bit? —Preceding unsigned comment added by 41.242.222.214 (talk) 10:59, 18 August 2008 (UTC)

The unit "bit" is also a measure of information entropy and as such often has a fractional component. For example, picking one random letter out of 95 has an entropy of 6.5698556... bits = log2 (95). You can think of it this way: it's more entropy than flipping a coin 6 times, which has 64 possible outcomes, but less than flipping a coin 7 times, which has 128 possible outcomes. However the sentence you cite is somewhat misleading as it implies the hashing process materially weakens security, unlikely since few users will use random passwords longer than 39 characters and 256 bits of entropy exceeds all known security requirements (including NSA Top Secret). So I removed that calculation.--agr (talk) 13:37, 18 August 2008 (UTC)

Please forgive this simple (minded?) question.....

Does the information at this URL ( http://www.grape-info.com/doc/linux/config/aircrack-ng-0.6.html ) have any relevance to this article?

NBahn (talk) 06:44, 27 March 2008 (UTC)

The URL describes a dictionary attack on WPA which is already discussed in the article.--agr (talk) 13:42, 18 August 2008 (UTC)

Clarifying Terminology

Some devices/OSes refer to "WPA Enterprise" and "WPA Personal" (notably Linksys routers and OS X), some refer to simply "WPA" and "WPA-PSK" (and also "WPA2..." versions of same). From the article, I think I understand that WPA means Enterprise and WPA-PSK means Personal, but could someone who's sure of that add some sort of clarification? It's confusing for a newbie when the router and wi-fi setup utilities use different protocol names. Phasma Felis (talk) 01:22, 1 September 2008 (UTC)

4-Way Handshake

I think the 4 way handshake in WPA and WPA2 is quite important and should be covered in detail in this article.Gibbocool (talk) 05:28, 31 October 2008 (UTC)

Weakness in TKIP

I'd like to question this line regarding the cited Japanese research report:

They developed a way to break the WPA system that uses the Temporal Key Integrity Protocol (TKIP) algorithm...

That line makes it sound like they cracked WPA. Although numerous news reports may have described the press release that preceded release of the report that way, the actual cited report does not describe cracking WPA TKIP. It merely proposes using a Man In The Middle spoof to accomplish exactly what the earlier Tews and Bleck exploit does, only faster and without relying on QOS support. --Hvigorita (talk) 20:57, 8 September 2009 (UTC)

Terminology Clarification

"They developed a way to break the WPA system that uses the Temporal Key Integrity Protocol (TKIP) algorithm, whereas WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm and WPA2 system are not affected[16]."

AES is the cipher, CCMP is the protocol that uses it in the case of Wifi devices.

The TKIP protocol uses the RC4 cipher. So if it's proper to say they cracked TKIP then it's not proper to say they didn't crack AES because that would be like saying they didn't crack RC4. It's irrelevant, it's the protocol that's the focus here, not the cipher. —Preceding unsigned comment added by 72.130.55.225 (talk) 05:39, 9 November 2009 (UTC)

Clearly correct, so it's been edited. Next time, WP:Be Bold. -- KelleyCook (talk) 20:25, 9 November 2009 (UTC)


Sufficiency of random 13-character passphrases - does the cited source really back this up?

Extract from the article:

To protect against a brute force attack, a truly random passphrase of 13 characters (selected from the set of 95 permitted characters) is probably sufficient.[1]
1. "A key generated from a passphrase of less than about 20 characters is unlikely to deter attacks." "... against current brute-strength attacks, 96 bits [of security] SHOULD be adequate." (Weakness in Passphrase Choice in WPA Interface, by Robert Moskowitz. Retrieved March 2, 2004.)

I guess this is because , but maybe more elaboration is needed, either in the footnote or the article paragraph (e.g., where do the extra 12 bits come from?). --Keith111 (talk) 05:02, 12 September 2009 (UTC)

A passcode of the length you describe is sufficient against all known brute force methods. A quad core xeon gets about 600-800 passwords a second when 'brutin' a wpa handshake. Here's some perspective; you have a million machines doing one million passwords per second you'd bruteforce the thing in 1891080 years. —Preceding unsigned comment added by 80.254.76.147 (talk) 16:55, 12 February 2010 (UTC)
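
Added example, not part of any comment on this page and not code from the article or its sources: it works through the passphrase formats quoted under "PSK Passphrase" (8 to 63 printable ASCII characters, or 64 hexadecimal digits) and the entropy figures in this thread and under "Decimal bits!". The PBKDF2-HMAC-SHA1 mapping with 4096 iterations and the SSID as salt comes from IEEE 802.11i, not from this page; reading the "extra 12 bits" as log2(4096) is an assumption, and the function names are illustrative.

```python
import hashlib
import math
import string

PBKDF2_ITERATIONS = 4096  # passphrase-to-PSK iteration count in IEEE 802.11i
PSK_BYTES = 32            # the pre-shared key is always 256 bits


def derive_psk(secret: str, ssid: str) -> bytes:
    """Map what a user types into the key field to the 256-bit PSK.

    64 hexadecimal digits are taken as the raw key. Anything else must be
    a passphrase of 8 to 63 printable ASCII characters, which is stretched
    with PBKDF2-HMAC-SHA1 using the SSID as salt.
    """
    if len(secret) == 64 and all(c in string.hexdigits for c in secret):
        return bytes.fromhex(secret)
    if not 8 <= len(secret) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in secret):
        raise ValueError("passphrase must be printable ASCII (95 characters)")
    salt = ssid.encode("utf-8")
    if len(salt) > 32:
        raise ValueError("SSID is at most 32 octets")
    return hashlib.pbkdf2_hmac(
        "sha1", secret.encode("ascii"), salt, PBKDF2_ITERATIONS, PSK_BYTES
    )


def passphrase_entropy_bits(length: int, alphabet: int = 95) -> float:
    """Entropy of a uniformly random passphrase: length * log2(alphabet)."""
    return length * math.log2(alphabet)


def effective_bits(length: int, alphabet: int = 95) -> float:
    """Work factor of guessing a random passphrase, in bits.

    Each guess costs 4096 PBKDF2 iterations, i.e. log2(4096) = 12 bits of
    extra work (assumed reading of the "extra 12 bits"). The result is
    capped at 256 because the derived key itself is only 256 bits long.
    """
    stretch = math.log2(PBKDF2_ITERATIONS)
    return min(8 * PSK_BYTES, passphrase_entropy_bits(length, alphabet) + stretch)


if __name__ == "__main__":
    # Test vector from IEEE 802.11i Annex H: passphrase "password", SSID "IEEE".
    print(derive_psk("password", "IEEE").hex())
    for n in (8, 12, 13, 20, 63):
        print(n, round(passphrase_entropy_bits(n), 1), round(effective_bits(n), 1))
```

Because the SSID is the salt, the same passphrase gives a different 64-digit key on a network with a different name, so a hexadecimal key copied from one access point only matches another if the SSID is identical.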

RC4 in WPA

How about adding a text stating that WPA uses the RC4 stream cipher? As it is now, there is only info about WPA2 using AES.

194.237.142.7 (talk) 13:41, 8 June 2010 (UTC)

Contrary to implication, not completely broken

Edited the part about the 2010 attack, as whoever added this section made it sound as though WPA was completely broken. In fact, the conclusion of the referenced paper's work says,

The attack can therefore be prevented the same way it is possible for the original attack. Deactivating QoS or setting the re-keying timeout to a low value like 120 seconds. The preferred way is to disable TKIP and switch to the more secure CCMP instead, as most current devices need to support this protocol suite to be compatible to the IEEE802.11i amendment, which is now part of the 2007 version of the standard.

Original research: 120 seconds may be below the permitted re-keying range for some routers. My own has a minimum of 720 seconds, or 12 minutes.

Of course, it is better just to switch to WPA2, if all of your devices support it.

Older Windows XP SP 2 can be updated to support WPA2 here: http://www.microsoft.com/downloads/details.aspx?familyid=2726F32F-D52B-4F84-ACE8-F7FC20195769&displaylang=en .
Unimaginative Username (talk) 07:15, 5 July 2010 (UTC) 06:50, 5 July 2010 (UTC)

How secure is WPA2?

Are there any known practical or theoretical attacks on WPA2? Considering how insecure WEP is this article should definitely have a section dedicated tracking the current opinion on strength or weakness of WPA2. The current article has some discussion on weak passphrases but it is not clear where WPA2 is destined to stand in the pantheon of encryption protocols. Funkyj 06:46, 12 December 2005 (UTC)

I think the intro of the article is pretty clear on this. There are no other issues with WPA2 that I am aware of. 802.11i underwent a thorough review by the IEEE. If some exploit is published, I expect the article will be updated the same day.--agr 16:25, 15 December 2005 (UTC)
"the pantheon of encryption protocols"
Is there even one strong encryption protocol whose implementation is provably without vulnerabilities? Isn't a vulnerability discovered in nearly every implementation over time? --AB (talk) 07:09, 20 October 2008 (UTC)
Those that become accepted by the cryptographic community (including NSA) have been mathematically shown to be "computationally infeasible" with present technology and knowledge. I.e., it would take too long, or require too many millions of computers, to be of any practicality. With time, weaknesses may be found, and of course, computer power and speed ramp up. As of this writing, I do not believe that there are any known attacks on WPA2 other than brute force (trying every possible password). This is defeated by using a long and random password, like rB8_UB,T`+mE,hal=#cN_G{;m^j;T_]JS5. No one's going to guess that before your credit card expires.
No one can possibly know what its "destiny" will be. (Do you know yours?) Right now, it's the best thing available for your home wireless, and it's believed to be secure, if *you* choose a strong password. Your destiny is in your own hands. Unimaginative Username (talk) 07:26, 5 July 2010 (UTC)

WPA vs, WPA2 in section "Security & Insecurity in pre-shared key mode"

The article section "Security & Insecurity in pre-shared key mode" is very unclear as to which information applies to which versions and variants of the protocol. The section enumerates a number of issues but is often unclear as to their applicability to the different protocol variants that users may have available. It is also sometimes unclear where the text refers to WPA-original only and where it refers to both of WPA and WPA2. 77.215.46.17 (talk) 22:55, 20 March 2011 (UTC)

Bypassing security

Is it possible to bypass a WPA-PSK-based security by reading the hexadecimal key generated when one enters his or her passphrase, and supplying a given WLAN-software with it? I realize that most accept only ASCII-input (limited to 63 characters), but I'm unsure if there are others that allow this kind of thing. - 09:56, 3 April 2011 (UTC) —Preceding unsigned comment added by 79.205.29.191 (talk)

Hole 196

I'm removing this entire Hole 196 section which in retrospect was based on the overblown pre-hype for Mr. Ahmad's then upcoming presentation at Defcon. It turns out that it required the attacker to already have network authorization and allowed for a modification of ARP tables to temporarily route traffic through a rogue AP, which could happen with ANY router wired or unwired. In other words a non-issue and in my opinion, not encyclopedic and possibly WP:FRINGE. The IEEE isn't going to make any changes and WPA2 is not remotely broken.

According to Sohail Ahmad, a technology manager for Airtight Networks, a major flaw has been uncovered in WPA2 protocol. This vulnerability was named "Hole 196" as it was buried on the last line of page 196 of the [[IEEE 802.11]] standard. This attack however requires a network authorisation. A protocol's fundamental weakness is exploited by forging a broadcast packet (which requires a knowledge of Group Temporal Key) to force network clients to forward their private data encrypted with unique keys (PTKs) towards attacker's planted machine. All Wi-Fi networks using WPA or WPA2, regardless of the authentication (PSK or 802.1x), encryption (AES) and WLAN architecture (standalone APs or Controller based APs) they use, are vulnerable. Airtight Networks demonstrated the attack during the Black Hat and Defcon conferences on 29 July and 31 July 2010. <ref> {{cite web |url=http://www.infosecurity-us.com/blog/2010/7/23/wpa2-exposed-with-hole-196-vulnerability/189.aspx |title=WPA2 Exposed with 'Hole 196' Vulnerability |date=2010-07-23 |accessdate=2010-07-26}}</ref><ref> {{cite web |url=http://www.networkworld.com/newsletters/wireless/2010/072610wireless1.html |title=WPA2 vulnerability found |accessdate=2010-07-26 |date=2010-07-23}}</ref> Upon being asked about "Hole 196", the author of [[hostapd]] and [[wpa_supplicant]], Jouni Malinen, criticized the reports for being exaggerated and partly incorrect. <ref>{{cite web |url=http://lists.shmoo.com/pipermail/hostap/2010-August/021630.html|title=Re: Hole 196|accessdate=2010-08-23|date=2010-08-02}}</ref>

Well, as a manager of a system where all the users are authenticated, the exploit detailed in the "Hole 196" material does indeed concern me, and there is something that could be done about it (handing out different GTKs to each client and relying on unicast fanout, or adding an IE that tells hosts that multicast traffic will be coming in via their pairwise keys and to ignore the GTK entirely.)

Authentication just keeps the riff-raff out, I still have to worry about serious threats and machines exploited post-authentication. Saying these attacks "work on wired too" would be untrue for professionally administered networks, where almost every vendor has features (which are then bought and deployed) specifically to prevent them. Yes, we do take these things seriously.

With IPv6 relying so heavily on multicast for critical control plane functionality (NDP and RA) this is going to become even more critical. So despite the gibbering masses deciding as a group that this threat was "hyped", those of us who actually do this for a living would like to see motion on a non-proprietary fix in addition to the somewhat tinier array of offerings available for WiFi. In any case, it is at least a notable attack vector. (71.233.167.118 (talk) 02:07, 26 April 2012 (UTC))

Dates?

Can dates be included throughout the article including when standards were implemented, adopted, etc.?

Just seconding the need for dates throughout this article - it just doesn't tell a reader what they need to know without the dates that things happened. SmithBlue (talk) 10:04, 24 December 2007 (UTC)
Thoughtless use of contemporary adjectives like 'now', 'currently', 'latest', etc., are inherently meaningless (except that your post date might appear in your signature) because time and technology wait for no one. The hour after 'now' is written, it still says 'now' but means an hour ago, and is unknowably false. JRB--198.24.31.105 (talk) 21:52, 6 November 2014 (UTC)

Clarify intro paragraph

"... security protocols and security certification programs... to secure wireless computer networks"

For someone not knowing anything about WPA/WEP already, the intro paragraph does not really help them. What is "secure" referring to? Authentication? Encryption of all traffic? Something else?

Thank you!

4johnny (talk) 08:37, 24 May 2012 (UTC)

This is a common mistake of writers at every level of topical competence. With modern hyperlinking options, all technical terms and jargon should be easily linked to the relevant definitions, and at least the introduction(s) to every such article should be conscientiously written for two or more defined target audiences of expected familiarity or topical literacy. This approach does not take a lot of work, and the effort can dramatically improve your own thinking about how you present & express your ideas. JRB198.24.31.105 (talk) 22:03, 6 November 2014 (UTC)

Michael?

Paragraph on WPA refers to Michael. Good Old Mike, knew he'd get his name in somewhere.. (Who is he?) Dutchdavey (talk) 22:10, 6 January 2017 (UTC)

I've added a few words and a reference to clarify who (or in this case, what) Michael is. Mkmdy (talk) 19:48, 26 February 2017 (UTC)

256-bit or 128-bit?

see this topic at

https://en.wikipedia.org/wiki/Talk:Wireless_security - Best.alias.ever (talk) 8:06, 22 September 2017‎ (UTC)

See the reply on the other page. bkil (talk) 10:00, 23 September 2017 (UTC)

KRACK and associated WPA2 vulnerabilities

So apparently, a flaw in WPA2 was just disclosed. Benjamin (talk) 02:21, 16 October 2017 (UTC)

The attack, currently being referred to as 'KRACK' (Key Re-installation Attack), will not be disclosed publicly until 12:00, 16 October 2017. Details are not currently reliable, and we will know more very soon, there is little point adding to this page until after then. For those of you playing along at home, the CVE identifiers for the relevant vulnerabilities will be CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088[1][2] DpEpsilon (talk) 07:55, 16 October 2017 (UTC)

Passphrases shorter than 20 chars is crackable

I do not believe this to be true. The source is from 2003 and is the only one I've found that makes this claim, written by one guy, without anything to back his claims up. Also he claims WEP is more secure than WPA-PSK against external attackers, which is clearly BS, which kinda ruins the credibility of the entire article. See for example this question on security stackexchange for an alternative, and in my view, correct reasoning. 12 chars is probably more than enough. Therefore I've removed this piece of information from the article. --JayC (talk) 10:37, 31 October 2017 (UTC)

Updates surrounding CES2018 WPA3 and WPA2 announcements

Media reports are still too vague to say whether any of MFP, per-client private keys, or crypto suite changes address the group key security issue, Hole 196, or forward secrecy. If you find an account of the announcement which does, please update those sections. A section about how the WPA2 key/passphrase distribution systems resulted in many public hotspots running in Open mode would make a good addition to the security section, and is supposedly addressed by WPA3 by adding password-less key negotiation. I wasn't able to google whether IEEE has given this a document designation yet, so it is hard to figure out what to call any future "Main article" for WPA3 a-la IEEE 802.11i-2004. — Preceding unsigned comment added by 140.232.0.70 (talk) 21:14, 9 January 2018 (UTC)

lacked of device to used

now i keep on explaining my side again and again i'm trying too hard to make these thing work there is much wealthiest who can afford those brands more than i do too unfortunate i don't really now if this is just mistakes or someone have to deal about it why it took you so long to identify me keep to look at myself in pity emotional for my misfortune that it should be in my hand for long but still slipping thru my finger tips — Preceding unsigned comment added by 49.147.33.51 (talk) 05:05, 21 June 2019 (UTC)

Apple

What's all the 'hey look apple support wpa2' promotion doing in this wiki ? I don't think it's wise to build up a list with compatible devices.

  • Almost all devices released in the last decade and a half support WPA2 and a list would be very long even if we only include popular devices 🌸 1.Ayana 🌸 (talk) 10:33, 30 May 2020 (UTC)

WPA3 is a big change - it should be documented here, especially as "WPA3" redirects to this page

WPA3 fixes a lot of WPA issues. This should be gardened, tilled, and edited into the "Security Issues" section. With sources, of course. Zirconscot (talk) 22:25, 8 October 2021 (UTC)

Wifi

D 202.86.222.88 (talk) 14:09, 20 November 2022 (UTC)