Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
CHAPTER 4 Wireless Networking
The shared-key authentication process is a four-step process that begins when the AP receives the validated request for association. The four steps break down in the following manner:
1. The requestor (the client) sends a request for association.
2. The authenticator (the AP) receives the request, and responds by producing a random challenge text and transmitting it back to the requestor.
3. The requestor receives the transmission, encrypts the challenge with the secret key, and transmits the encrypted challenge back to the authenticator.
4. The authenticator decrypts the challenge text and compares the values against the original. If they match, the requestor is authenticated. However, if the requestor does not have the shared key, the cipher stream cannot be reproduced; therefore the plaintext cannot be discovered, and theoretically the transmission is secured.
One of the greatest weaknesses in shared-key authentication is that it provides an attacker with enough information to try to crack the WEP secret key. The challenge, which is sent from authenticator to requestor, is sent in the clear. The requesting client then transmits the same challenge, encrypted using the WEP secret key, back to the authenticator. An attacker who captures both of these packets now has two pieces of a three-piece puzzle: the cleartext challenge and the encrypted ciphertext of that challenge. The algorithm, RC4, is also known. All that is missing is the secret key. To determine the key, the attacker may simply try a brute force search of the potential key space using a dictionary attack. In cryptography, this attack is termed a known-plaintext attack and is the primary reason why shared-key authentication is actually considered slightly weaker than open authentication.
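
The four-step exchange above and the known-plaintext weakness it creates, as an added example that is not from the book. It is a simplified model: it assumes WEP's 3-byte IV prepended to the secret key, omits the CRC-32 integrity value, and uses constructed function names and a constructed key.

```python
import os

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR the data with the generated keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def ap_challenge() -> bytes:
    """Step 2: the AP produces random challenge text (128 bytes), sent in the clear."""
    return os.urandom(128)

def client_response(secret: bytes, challenge: bytes):
    """Step 3: the client encrypts the challenge under a fresh IV plus the secret key."""
    iv = os.urandom(3)
    return iv, rc4(iv + secret, challenge)

def ap_verify(secret: bytes, challenge: bytes, iv: bytes, response: bytes) -> bool:
    """Step 4: the AP decrypts the response and compares it with its own challenge."""
    return rc4(iv + secret, response) == challenge

def run_exchange(secret: bytes) -> dict:
    """Run steps 2-4; return everything visible on the air plus the AP's verdict."""
    challenge = ap_challenge()
    iv, response = client_response(secret, challenge)
    return {"challenge": challenge, "iv": iv, "response": response,
            "authenticated": ap_verify(secret, challenge, iv, response)}

def capture_confirms_key(capture: dict, candidate: bytes) -> bool:
    """Known-plaintext check: the captured challenge/response pair confirms or
    rejects a key guess offline, with no further contact with the AP."""
    return rc4(capture["iv"] + candidate, capture["challenge"]) == capture["response"]

if __name__ == "__main__":
    cap = run_exchange(b"sample-key-13")  # constructed 13-byte key
    print(cap["authenticated"], capture_confirms_key(cap, b"sample-key-13"))
```

The secret never crosses the air, yet the two captured frames are all that is needed to test guesses against it, which is why the text rates shared-key authentication below open authentication.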

802.11i AUTHENTICATION

The IEEE 802.11i standard was created for the purpose of providing a security framework for port-based access control that resides in the upper layers of the protocol stack. The most common method for port-based access control is to enable new authentication and key management methods without changing current network devices. The benefits that are the end result of this work include the following:
1. There is a significant decrease in hardware cost and complexity.
2. There are more options, allowing administrators to pick and choose their security solutions.
3. The latest and greatest security technology can be installed and should still work with the existing infrastructure.
4. You can respond quickly to security issues as they arise.
When a client device connects to a port on an 802.11i-capable AP, the AP port determines the authenticity of the devices. Before we discuss the workings of the 802.11i standard, the following terminology must be defined: