Wi-Fi Protected Access

Wi-Fi Protected Access (WPA) is an encryption method for a wireless network (wireless LAN). After Wired Equivalent Privacy (WEP) of the IEEE 802.11 standard had been proven insecure and the adoption of the new IEEE 802.11i security standard was delayed, the Wi-Fi Alliance took a subset of IEEE 802.11i ahead of its ratification and established it as a pseudo-standard under the name WPA. Certification to this standard began in April 2003. Its successor is WPA2.


WPA retains the WEP architecture, but offers additional protection via dynamic keys, which are based on the Temporal Key Integrity Protocol (TKIP), and provides for authentication of users via pre-shared key (PSK) or the Extensible Authentication Protocol (EAP) over IEEE 802.1X.

WPA is based on the RC4 stream cipher, which was already used for WEP. Unlike WEP, WPA uses not only a 48-bit initialization vector (IV), but also a per-packet key mixing function, a re-keying mechanism and a Message Integrity Check (MIC).

Authentication using EAP is mostly used in large wireless LAN installations, because it requires an authentication instance in the form of a server (e.g. a RADIUS server). In smaller networks, such as SOHO (small office, home office) environments, pre-shared keys (PSK) are usually used. The PSK must therefore be known to all participants in the wireless LAN, as it is used to generate the session key.

On February 3, 2004, the extension of WPA with WPA2 was announced. WPA2 not only implements the full IEEE 802.11i standard, but also uses a different encryption algorithm, AES (Advanced Encryption Standard). However, there are also WPA-enabled devices that support AES without supporting WPA2.

Attacks

When pre-shared keys are used, attention must be paid to the quality of the password. A potential attacker can guess the password by brute force or with a dictionary attack, generating all possible variants of the pre-shared key. To see which of the generated keys is the right one, a login process, which an attacker can trigger at any time, has to be eavesdropped on. With each login a key exchange takes place, which is secured by an MD5 hash and against which the generated keys can be checked for correctness.

Since April 28, 2004, a proof of concept for a possible dictionary attack has existed, implemented in the Mac OS X program KisMAC. Since November 2004 there has been another program, WPA Cracker for Linux, which performs an offline dictionary attack based on logged packets and is now available as source code. A brute-force or dictionary attack on the recorded four-way handshake of the TKIP protocol is possible with the Cowpatty program.

In August 2008, a post in the Nvidia developer forum published a program that can massively speed up brute-force attacks on WPA by exploiting the computational power of GPGPU-capable graphics cards. The shader processors, which are clocked comparatively low but are present in large numbers on modern graphics cards, are used to convert multiple passwords into their respective keys simultaneously. The program has since become publicly available under the free GPL license. In October 2008, a vendor also released a commercial product that can attack WPA with similar technology, taking advantage of graphics cards.

In November 2008, it was rumored that WPA1-TKIP had been partially cracked. So far it is possible only with considerable effort to decrypt individual packets and to inject them, partly manipulated, into the connection. Details of this vulnerability were presented on November 12, 2008 by its discoverer Erik Tews at the PacSec conference held in Tokyo.

At the end of August 2009, Toshihiro Ohigashi (Hiroshima University) and Masakatu Morii (Kobe University) published a paper describing methods by which the attack by Erik Tews can be accelerated. In the best case, the attack can be carried out within a minute. Since the publication of this paper, voices have been heard recommending a switch from WPA to WPA2 in the medium term.

Security measures

When a network is newly installed, WPA should be avoided whenever possible and WPA2 used in its place. Before implementation it should then be decided whether authentication of the participating stations (via PSK) is sufficient for the security requirements of the network, or whether user authentication on entering the network (via EAP) must be performed. EAP is always to be preferred if:

  • A larger number of mobile devices and access points is in use, so that changing the PSK after a compromise is no longer practicable
  • The loss of a device cannot be detected within a reasonable period of time, or
  • The devices are used temporarily or permanently in an untrusted environment (for example, lent to third parties)

When authenticating via PSK, a secure passphrase (pre-shared key) should be chosen. It should be at least 16 characters long and meet the requirements of a good password (see the relevant section in the article Password).
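
The passphrase advice above, as an added example that is not part of the original article: the PSK is stretched into the 256-bit pairwise master key with PBKDF2-HMAC-SHA1 (4096 iterations, SSID as salt, per IEEE 802.11i), and a hypothetical `audit_passphrase` helper checks a candidate against the 16-character recommendation. The guess rate, word list and sample passphrases are constructed assumptions.

```python
import hashlib
import math
import string

MIN_LEN = 16                      # minimum length recommended in the text above
ASSUMED_GUESSES_PER_SEC = 1e6     # assumption for illustration, not a measured rate
CHARSETS = (string.ascii_lowercase, string.ascii_uppercase,
            string.digits, string.punctuation + " ")

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK key derivation per IEEE 802.11i: PBKDF2-HMAC-SHA1,
    SSID as salt, 4096 iterations, 256-bit output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def audit_passphrase(passphrase: str, denylist=frozenset()) -> dict:
    """Check a candidate PSK passphrase (hypothetical helper)."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        problems.append("must be printable ASCII")
    if len(passphrase) < MIN_LEN:
        problems.append(f"shorter than {MIN_LEN} characters")
    if passphrase.lower() in denylist:
        problems.append("appears in the word list")
    # Upper bound: assumes every character was chosen at random.
    alphabet = sum(len(cs) for cs in CHARSETS if any(c in cs for c in passphrase))
    bits = len(passphrase) * math.log2(max(alphabet, 1))
    years = 2 ** bits / ASSUMED_GUESSES_PER_SEC / 31_557_600
    return {"ok": not problems, "problems": problems,
            "bits": round(bits, 1), "years_to_exhaust": years}

if __name__ == "__main__":
    wordlist = {"password", "letmein123"}   # constructed sample word list
    for candidate in ("password", "t7#Kp2!vQ9z$Lm4@Xw8r"):  # constructed samples
        print(candidate, audit_passphrase(candidate, wordlist))
    # Same passphrase, different SSID: the derived key differs.
    print(derive_pmk("password", "IEEE").hex())
    print(derive_pmk("password", "OtherNet").hex())
```

Because the SSID salts the derivation, a default or very common network name removes part of the protection the key stretching provides; the bit estimate is an upper bound and overstates the strength of human-chosen phrases.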

Other general security measures can be found in the section Basic security measures of the main article Wireless Local Area Network.