Question:

Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could create the 802.11i wireless security standard. Thus, this standard was slow to develop and as it took longer to ratify, wireless device sales declined. As a temporary solution, the Wi-Fi Alliance created a subset 802.11i standard called Wi-Fi Protected Access. Answer the subsequent questions on WPA and WPA2.

(a) Why do you think that the IEEE 802.11i standard took longer than expected to develop?

(b) Identify and explain major differences between WPA and WPA2.

(c) One of the basic reasons in using EAP is the ability to leverage multiple types of authentication mechanisms. List any three such authentication mechanisms.

(d) Both WPA and WPA2 use a multi-tier key hierarchy.

i. What is the mandatory key length of the Pair-wise Master Key?
ii. Give two inputs needed to generate the Pair-wise Transient.
iii. List two session keys which form part of the Pair-wise Transient Keys used in both WPA and WPA2.

iv. TKIP encryption in WPA consists of a two-phase key mixing process to generate per packet keys. Discuss why the key mixing process is done in two phases rather than in a single phase?

(e) Consider that a TKIP implementation detects two failed forgeries where the calculated MIC value does not match the attached MIC value in one second. How do you think a wireless station will react to this?

(f) Consider the following problems in WEP. How do WPA and WPA2 solve these problems?

i. No support for a station to authenticate a network.
ii. Optional change of Initialisation Vector value for each packet.