WPA/WPA2
WPA (or WPA v1 as it is referred to sometimes) primarily uses the Temporal Key Integrity Protocol (TKIP) encryption algorithm. TKIP was aimed at improving WEP, without requiring completely new hardware to run it. WPA2 in contrast mandatorily uses the AES-CCMP algorithm for encryption, which is much more powerful and robust than TKIP.
Both WPA and WPA2 allow either EAP-based authentication, using RADIUS servers (Enterprise) or a Pre-Shared Key (PSK) (personal)-based authentication schema.
WPA/WPA2 PSK is vulnerable to a dictionary attack. The inputs required for this attack are the four-way WPA handshake between client and access point, and a wordlist that contains common passphrases. Then, using tools such as aircrack-ng
, we can try to crack the WPA/WPA2 PSK passphrase.
An illustration of the four-way handshake is shown in the following screenshot:
The way WPA/WPA2 PSK works is that it derives the per-session key, called the Pairwise Transient Key (PTK), using the PSK and five other...