Wi-Fi Protected Access
Feb 19
WPA (Wi-Fi Protected Access, 1995) is a system for protecting wireless (Wi-Fi) networks, created to correct the deficiencies of the previous system, WEP (Wired Equivalent Privacy). Researchers have found several weaknesses in the WEP algorithm (such as reuse of the initialization vector (IV), which gives rise to statistical attacks that allow the WEP key to be recovered, among others). WPA implements most of the IEEE 802.11i standard and was created as an interim measure to take the place of WEP while 802.11i was being finalized. WPA was created by the Wi-Fi Alliance (see http://www.wi-fi.org/).

History

WPA was designed to use an authentication server (normally a RADIUS server) that distributes a different key to each user (through the 802.1x protocol); however, it can also be used in a less secure pre-shared key (PSK) mode for home or small-office users. The data is encrypted using the RC4 algorithm (because WPA does not eliminate the WEP encryption process, it only strengthens it), with a 128-bit key and a 48-bit initialization vector.

One of the improvements over WEP is the Temporal Key Integrity Protocol (TKIP), which changes keys dynamically as the system is used. Combined with a much larger initialization vector (IV), this prevents the key recovery attacks (statistical attacks) to which WEP is susceptible.

In addition to authentication and encryption, WPA also improves the integrity of the encrypted data. The cyclic redundancy check (CRC) used in WEP is insecure, since it is possible to alter the data and update the CRC of the message without knowing the WEP key. WPA implements a message integrity code (MIC), also known as "Michael".
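The CRC weakness described above, as an added example that is not part of the original page: an unkeyed CRC-32 under an RC4 stream still validates after the frame is altered in transit, while a keyed tag does not. The keys, messages and function names are constructed assumptions, the per-frame IV is omitted, and truncated HMAC-SHA256 stands in for a keyed MIC (it is not the Michael algorithm).

```python
import hashlib
import hmac
import zlib

KEY, MIC_KEY = b"constructed-rc4-key", b"constructed-mic-key"  # sample values
MSG, CHANGED = b"pay 0100 to alice", b"pay 9900 to alice"      # constructed

def rc4(key, n):
    """First n bytes of RC4 keystream (WEP's per-frame IV is omitted here)."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i, j, out = 0, 0, bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crc_tag(data):  # WEP-style integrity value: unkeyed CRC-32
    return zlib.crc32(data).to_bytes(4, "little")

def keyed_tag(data):  # keyed stand-in for a MIC (truncated HMAC, not Michael)
    return hmac.new(MIC_KEY, data, hashlib.sha256).digest()[:8]

def seal(payload, tag_fn):
    body = payload + tag_fn(payload)
    return xor(body, rc4(KEY, len(body)))

def verify(frame, tag_fn, tag_len):
    body = xor(frame, rc4(KEY, len(frame)))
    payload, tag = body[:-tag_len], body[-tag_len:]
    return payload, hmac.compare_digest(tag, tag_fn(payload))

def alter_in_transit(frame, delta, tag_len):
    """Keyless edit: CRC-32 is affine over XOR, so crc(delta) ^ crc(zeros) fixes the tag."""
    fix = xor(crc_tag(delta), crc_tag(bytes(len(delta))))
    return xor(frame, delta + fix.ljust(tag_len, b"\0"))

def tamper_results():
    delta = xor(MSG, CHANGED)
    crc_frame = alter_in_transit(seal(MSG, crc_tag), delta, 4)
    mic_frame = alter_in_transit(seal(MSG, keyed_tag), delta, 8)
    return verify(crc_frame, crc_tag, 4), verify(mic_frame, keyed_tag, 8)
```

`tamper_results()` returns the altered payload with a passing check for the CRC frame and a failing check for the keyed-tag frame.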
WPA also includes protection against replay attacks, since it includes a frame counter. By increasing the size of the keys and the number of keys in use, and by adding a message verification system, WPA makes unauthorized access to wireless networks much more difficult. Michael was the strongest algorithm the WPA designers could create under the constraint that it had to work on older wireless network cards; nevertheless, it is susceptible to attacks. To limit this risk, WPA networks shut down for 60 seconds when they detect two attack attempts within 1 minute.

WPA2

WPA2 is based on the new 802.11i standard. WPA, being an earlier version that could be considered a "migration" step, does not include all the features of IEEE 802.11i, whereas WPA2 can be regarded as the certified version of the 802.11i standard. The 802.11i standard was ratified in June 2004.

The Wi-Fi Alliance calls the pre-shared key version WPA-Personal and WPA2-Personal, and the version with 802.1x/EAP authentication WPA-Enterprise and WPA2-Enterprise.

Manufacturers began to produce the new generation of access points supporting the WPA2 protocol, which uses the AES (Advanced Encryption Standard) encryption algorithm. With this algorithm it will be possible to meet the security requirements of the US government, FIPS 140-2. "WPA2 is ideally suited for companies in both the private and the public sector. Products certified for WPA2 give IT managers the assurance that the technology meets interoperability standards," declared Frank Hanzlik, Managing Director of the Wi-Fi Alliance. Although some organizations were waiting for this new generation of AES-based products, it is important to note that products certified for WPA remain secure according to what is established in the 802.11i standard.