CCNA Wireless Study Group (Cisco Learning Home) discussion. 33193 views, 22 replies. Latest reply: Dec 15, 2010 9:47 PM by Brian.

Comparing WPA vs. WPA2

Feb 23, 2010 5:22 AM

Corné (66 posts since Oct 20, 2009)

Actually starting this discussion in doubt, as I could have posted in the week 2 discussion, but since it's not week 2 anymore...

I use the Cisco Press book as my guide to prep for the exam; however, the more often I read the book, the more questions arise. Like this one:

Comparing WPA to WPA2, you can see that:

- WPA mandates TKIP, and AES is optional
- WPA2 mandates AES and doesn't allow TKIP
- WPA allows AES in its general form
- WPA2 only allows the AES/CCMP variant
- With WPA2, key management allows keys to be cached to allow for faster connections.

Why is it possible to configure WPA2 with AES TKIP on the WLC? Is it considered WPA instead of WPA2 with the use of TKIP? Why does Cisco Press explicitly state that WPA2 only allows the AES/CCMP encryption???

Question: So which version of Wi-Fi Alliance certification uses TKIP?

A. WPA personal
B. WPA enterprise
C. WPA2 personal
D. WPA2 enterprise
E. all of the above

  • Jared (5,502 posts since Jul 27, 2008)
    1. Feb 23, 2010 6:33 PM (in response to Corné)
    Re: Comparing WPA vs. WPA2

    Now this is an interesting subject. I remember seeing another thread about this very thing a long time ago. I couldn't find it though.

    Even though it isn't week 2 anymore, it doesn't mean that you can't go back to it and add to the discussion.

    This is a question I have always wondered about myself. Perhaps our study group leader can shed some light on this.

  • Eric A. Nygren (253 posts since Aug 11, 2008)
    2. Feb 23, 2010 7:09 PM (in response to Jared)
    Re: Comparing WPA vs. WPA2

    Darn, I was really hoping to sit this one out... I don't like that issue either and haven't found a good answer for it. When I teach this subject I explain how the certifying agency, the WPA, states that for a device to be WPA compliant it must support the TKIP extensions to WEP and may optionally use AES in its general form or in any subform, and to be certified as WPA2 compliant it must support AES-CCMP, not the general form of AES and also not TKIP. Then no more than 5 minutes later I show them that the controllers allow you to select WPA with TKIP, WPA with AES, WPA2 with TKIP and WPA2 with AES. The WPA2 with AES implies AES-CCMP, the WPA with AES implies the general form, WPA with TKIP makes sense, but I must admit that I'm not 100% on the WPA2 with TKIP. I am hoping that tomorrow I have a chance to dig for that answer, for you all and so that I don't have to uncomfortably skirt the question anymore. There is something else I was supposed to look up and clarify... I think it was in relation to how many APs an instance of WCS can handle; someone refresh my memory if you still want the info.

    -Eric N

  • Pete Nugent (1,256 posts since Dec 8, 2008)
    3. Feb 23, 2010 8:05 PM (in response to Eric A. Nygren)
    Re: Comparing WPA vs. WPA2

    My understanding is that

    WPA uses TKIP
    WPA2 uses AES

    Now I believe that you can have WPA and WPA2 with TKIP and AES enabled in the WLC, and that this is for the support of multiple clients, i.e. clients that may have different capabilities (linking back to the week 5 topic).

    Now I have never tried to set up a client as WPA-AES or WPA2-TKIP, even though I have enabled all the tick boxes in the WLC to do this.

    I believe it's not best practice, 1 security setup per SSID/VLAN etc., and it can confuse cards, which as we all know is not hard.

    "What am I doing today, WPA or WPA2? Oooh, I will be WPA2. Uh, I can be TKIP or AES, **** I don't know, I'm doing nothing" hence client card stops working.

    Now this doc was written and hosted on the Wi-Fi Alliance site: http://www.wi-fi.org/files/kc/WPA-WPA2_Implementation_2-27-05v2.pdf

    However, it's still clear as mud to me as I haven't gone into every detail.

    It's worth bearing in mind all the hullabaloo over the ratification of 802.11n and people not investing in it until it became a standard; now WPA is NOT a standard. Neither is WPA2 and, as far as I can see, never will be.

    Now correct me if I am wrong, but there are other red herrings with WPA, in that it was a stop gap to replace WEP. Now WEP was a part of the original 802.11 standard from what I understand, and WPA2 was a derivative "based on 802.11i", which parts and requirements I don't know and doubt I will ever have time to find out.

    It also in some areas states that WPA and WPA2 provide user authentication, which neither of them do; from what I see they simply provide a framework of protocols and practices that support user authentication. Yes, I know it's semantics, but it is important to be accurate if we discuss what is and is not a standard. I know this as I have done a lot of work in WiMAX, which in and of itself is not a standard but only based on the 802.16 standard, and when you dig deeper and realise that the current WiMAX offerings are based on 802.16e, which introduces mobility, you can get very confused. Actually it's just been relaunched as 802.16-2009, which I think is happening to 802.11 to include all of the amendments.

    Equally, EAP is NOT a standard but a framework for authentication defined in RFC 3748 and updated in RFC 5247. Now if EAP is a framework for authentication and WPA can work without EAP, as WPA2 can, WPA2 is occasionally simply a means of encryption and NOT an authentication mechanism, as there is no mutuality involved.

    Lastly, of all of the EAP types, just to complete the story, the only accepted EAP "standard" that's not actually a standard is EAP-TLS, which we all know is the most difficult to deploy as you have to develop your own PKI with certificates everywhere. EAP-TLS is defined in RFC 5216 and is considered an open standard by the IETF, but then it's still not a standard, as by that definition EAP-MD5 could make that claim as it is defined by the original EAP RFC 3748, and likewise EAP-FAST (RFC 4851), EAP-AKA (RFC 4187), EAP-SIM (RFC 4186), EAP-TTLSv0 (RFC 5281), EAP-IKEv2 (RFC 5106). I think PEAP is RFC 3579, originally defined in RFC 2284.

    My whole point being: wireless security is not easy, it's certainly not standards based, and as mobility gets better across various media, handoffs are going to be more problematic as we all use differing methods, let alone just understanding the encryption/frameworks of WPA and WPA2.

    It would be so cool and make our lives easier if some of the big manufacturers made these into standards that were truly interoperable; then we would have pure definitions rather than wholly explanations about ifs and maybes because of the 20-plus different EAP types that are available.

    Sorry, got on a bit of a bandwagon there, but that's why nothing actually works as it should, all of the above.

  • Jared (5,502 posts since Jul 27, 2008)
    5. Feb 24, 2010 4:05 PM (in response to Corné)
    Re: Comparing WPA vs. WPA2

    Well, how about we ask Cisco to change the code on the WLCs so that if you uncheck WPA, then TKIP automatically grays out or something, showing that WPA is required if you want to use TKIP and that WPA2 requires AES.

    If the code functioned this way, I would say "case closed, problem solved."

  • Pete Nugent (1,256 posts since Dec 8, 2008)
    6. Feb 24, 2010 4:16 PM (in response to Jared)
    Re: Comparing WPA vs. WPA2

    I will lab this up tomorrow; it's a little late here in the UK.

    Will test WPA-AES and WPA2-TKIP. I think we agree from the Wi-Fi Alliance perspective this should not work, though I am able to set it on a NIC?

  • John (2,289 posts since Jan 17, 2009)
    8. Feb 27, 2010 8:15 AM (in response to Corné)
    Re: Comparing WPA vs. WPA2

    Hi

    I found this quite helpful.

    WPA

    Implements the majority of IEEE 802.11i, but with different headers (so both can operate in the same network). Designed to require only a firmware upgrade (full 802.11i usually requires a hardware change).

    As designed, WPA uses TKIP and Michael for message integrity, based on RC4 for encryption.

    Pre-shared (personal) vs. Enterprise (RADIUS)

    Defines the type of authentication used.

    WPA (and WPA2) may operate in enterprise mode, using a RADIUS server to hold per-user keys. This allows individual access to be controlled in a large network. For a small network, e.g. a home network without a RADIUS server, a pre-shared key (PSK) may be used. The same key is used by all clients, so it may require more work to update.

    TKIP vs. AES-based CCMP

    Defines the algorithm used for message integrity and confidentiality.

    WPA was designed to be used with TKIP (and WPA2 was designed to use the stronger AES-based CCMP).

    However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).

    AES is optional in WPA; in WPA2 AES is mandatory, BUT TKIP is optional.

    Note that TKIP is not directly comparable to AES; TKIP is an integrity check, AES is an encryption algorithm.

    In the context of wireless security this actually means TKIP vs. "AES-based CCMP" (not just AES).

    TKIP is a lower-end encryption protocol (WEP2) and AES is a higher-end (WPA2/802.11i) encryption protocol. AES is preferred.

    TKIP+AES

    This is what the encryption standards are for WEP2 (TKIP) and WPA2/802.11i (AES). It will attempt to use AES if available and fall back to TKIP if not. This setting offers the most compatibility but won't guarantee a higher level of encryption if a device falls back to TKIP.

    WPA2, aka 802.11i

    Fully conforms with 802.11i as it implements all mandatory features.

    Guarantees interoperability certification.

    Effectively WPA2 is the Wi-Fi Alliance's brand name for 802.11i.

    Note: In some cases other optional features of 802.11i may be required, but interoperability may not be guaranteed.

    Support for AES encryption and AES-based CCMP message integrity is mandatory (it is optional in WPA).

    As well as mandatory AES, WPA2 also adds PMK (Pairwise Master Key) and pre-authentication to help fast roaming.

    EAP options

    Authentication options for 802.11i.

    Two initial types - pre-shared key (personal) or RADIUS (enterprise), same as per WPA.

    Additional enterprise authentication types are now available (usually not relevant for home users).

    AES-based CCMP

    WPA2 mandates AES-based CCMP for message integrity and confidentiality.

    TKIP (weaker) is optional.

    WPA2 mixed

    Mixed mode allows a device to try WPA2 first, and if that fails fall back to WPA.

    WEP

    WEP was supposed to provide confidentiality, but has been found to be vulnerable and should no longer be used; it is often the default, and this should be changed.

    Most devices that support WEP can be firmware/software upgraded to WPA.

    Do not use unless some devices cannot be upgraded to support WPA.

    WEP has been outdated for years and has better replacements. The 40-bit encryption is just not strong enough to keep data secure and can be broken rather easily. Newer encryption methods use stronger encryption and have yet to be broken, while WEP can be broken in a minute; use WPA where possible.

    Preference Summary

    To keep things simple, the best options, in decreasing order of preference, may be:

    WPA2 + AES
    WPA + AES (only if all devices support it).
    WPA + TKIP+AES (only if all devices can support it).
    WPA + TKIP
    Disabled (no security)

    The most common two options will be WPA2 + AES and WPA + TKIP, because they match the mandatory requirements in the standards (WPA2 requires AES, WPA requires TKIP).

    You can use WPA + AES for higher security than TKIP, but only if your devices support it (it is optional). For this reason it is not very common. You also do not get the improved roaming features of WPA2.

    WPA + TKIP+AES provides a fallback in case AES is not supported by a device, in that it switches to the more common TKIP. The disadvantage is that it might switch to TKIP unexpectedly, but it is more backwards compatible if needed.

    Currently TKIP has no known vulnerabilities, so for broadest compatibility stick with WPA + TKIP.

    The remaining combination, WPA2 + TKIP, is possible (as TKIP is optional in WPA2), but doesn't make much sense because AES is more secure and mandatory for all WPA2 devices.

    Regards

    John
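Everything John lists above (WPA vs. WPA2, TKIP vs. AES-CCMP, and the TKIP fallback of a mixed setting) is advertised on the air as two information elements in the AP's beacons: the vendor-specific WPA element and the 802.11i RSN element. The Python below is an added example, not from this thread, from Cisco or from the Wi-Fi Alliance; it decodes both elements and reports which of the WLC's four WPA/WPA2 x TKIP/AES combinations a beacon really offers, plus the weakest cipher in play. The layouts follow the 802.11i RSN element (ID 48, suite OUI 00:0F:AC) and the WPA vendor element (ID 221, OUI 00:50:F2, type 1); the beacon byte strings at the bottom are constructed.

```python
"""Decode the WPA (vendor, ID 221) and RSN (802.11i / WPA2, ID 48) information
elements from a beacon and map them onto the four WLC check boxes discussed in
the thread. Added example; the IE byte strings below are constructed."""
import struct

# Suite selector types share one numbering in the WPA and RSN elements.
CIPHER = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKM = {1: "802.1X", 2: "PSK"}
WPA_OUI = b"\x00\x50\xf2"  # Wi-Fi Alliance OUI used by the WPA vendor element
RSN_OUI = b"\x00\x0f\xac"  # IEEE 802.11 OUI used by the RSN element


def _suites(body, pos, oui, table):
    """Read a little-endian count followed by that many 4-byte suite selectors."""
    count = struct.unpack_from("<H", body, pos)[0]
    pos += 2
    names = []
    for _ in range(count):
        if body[pos:pos + 3] != oui:
            raise ValueError("suite selector with unexpected OUI")
        names.append(table.get(body[pos + 3], "unknown-%d" % body[pos + 3]))
        pos += 4
    return names, pos


def parse_security_ie(ie):
    """ie = element id, length, payload. Returns None for elements that are not
    WPA or RSN, otherwise a dict with kind, group, pairwise and akm."""
    eid, length = ie[0], ie[1]
    body = bytes(ie[2:2 + length])
    if eid == 48:                                          # RSN element => WPA2
        kind, oui, pos = "WPA2", RSN_OUI, 0
    elif eid == 221 and body[:4] == WPA_OUI + b"\x01":     # vendor element => WPA
        kind, oui, pos = "WPA", WPA_OUI, 4
    else:
        return None
    if struct.unpack_from("<H", body, pos)[0] != 1:
        raise ValueError("unsupported %s version" % kind)
    pos += 2
    if body[pos:pos + 3] != oui:
        raise ValueError("group suite with unexpected OUI")
    group = CIPHER.get(body[pos + 3], "unknown")
    pos += 4
    pairwise, pos = _suites(body, pos, oui, CIPHER)
    akm, pos = _suites(body, pos, oui, AKM)
    return {"kind": kind, "group": group, "pairwise": pairwise, "akm": akm}


def parse_ies(blob):
    """Walk a run of tagged elements and return the decoded WPA/RSN ones."""
    out, pos = [], 0
    while pos + 2 <= len(blob):
        length = blob[pos + 1]
        decoded = parse_security_ie(blob[pos:pos + 2 + length])
        if decoded:
            out.append(decoded)
        pos += 2 + length
    return out


def wlc_checkboxes(blob):
    """Which of the WLC's four options (WPA/WPA2 x TKIP/AES) this beacon offers."""
    boxes = set()
    for ie in parse_ies(blob):
        for cipher in ie["pairwise"]:
            if cipher in ("TKIP", "CCMP"):
                boxes.add("%s/%s" % (ie["kind"], "AES" if cipher == "CCMP" else "TKIP"))
    return boxes


def weakest_cipher(blob):
    """Weakest cipher used anywhere (group or pairwise), or None if no WPA/RSN IE.
    The group cipher covers broadcast/multicast for every client, so it counts."""
    order = ["CCMP", "TKIP", "WEP-104", "WEP-40"]
    seen = set()
    for ie in parse_ies(blob):
        seen.add(ie["group"])
        seen.update(ie["pairwise"])
    for cipher in reversed(order):
        if cipher in seen:
            return cipher
    return None


# Constructed beacon fragment: a WPA element (TKIP, 802.1X) followed by an RSN
# element (pairwise CCMP and TKIP, group TKIP, PSK, capabilities 0), roughly
# what a WLAN with WPA+WPA2 and both ciphers ticked would advertise.
MIXED_BEACON_IES = bytes.fromhex(
    "dd16" "0050f201" "0100" "0050f202" "0100" "0050f202" "0100" "0050f201"
    "3018" "0100" "000fac02" "0200" "000fac04" "000fac02" "0100" "000fac02" "0000"
)
# Constructed: RSN only, CCMP for group and pairwise, 802.1X (WPA2 + AES enterprise).
WPA2_ONLY_IES = bytes.fromhex(
    "3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac01" "0000"
)

if __name__ == "__main__":
    for name, blob in (("mixed", MIXED_BEACON_IES), ("wpa2-only", WPA2_ONLY_IES)):
        print(name, parse_ies(blob), sorted(wlc_checkboxes(blob)), weakest_cipher(blob))
```

The group cipher is the part worth checking when auditing a mixed setting: it has to be one every associated client can use, so a WLAN that still admits TKIP clients protects its broadcast and multicast frames with TKIP even for the CCMP-capable clients, which is the sense in which the fallback John describes "won't guarantee a higher level of encryption".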

  • Eric A. Nygren (253 posts since Aug 11, 2008)
    10. Mar 2, 2010 7:17 PM (in response to Corné)
    Re: Comparing WPA vs. WPA2

    So, here is what I was able to dig up regarding why the 4 options exist: WPA with TKIP, WPA with AES, WPA2 with AES, WPA2 with TKIP.

    When most of us consider WPA versus WPA2 we think only of encryption, hence the conversation we have had around it so far. WPA is a certification, done by the group known as WPA, which states that a device supporting WPA has to conform with certain things, including the standard use of TKIP and the optional use of the general form of AES. What we miss is that WPA also mandates that we use the Michael algorithm as a per packet/frame "Message Integrity Check", which is typically considered to go hand in hand with TKIP. WPA was intended to be a stepping stone to WPA2, to increase the security of our wireless networks using what was the current hardware of the time, before upgrading that hardware and being able to use WPA2. WPA2 is a certification that states the device supporting WPA2 fully complies (well, there are 1 or 2 exceptions) with the 802.11i standard. That 802.11i standard, and therefore WPA2, includes a mandate to use the AES-CCMP encryption standard, but if need be it can use TKIP instead. It also mandates the use of Michael for per packet/frame "Message Integrity Checks". Another one, which is really important, is that WPA2/802.11i supports PKC (Proactive Key Caching), in which a client will fully authenticate with the 802.1X/RADIUS server just once, and the PMK (Pairwise Master Key) that the client and RADIUS server agree on is used with every AP in the network that the client associates with as it roams. Without that feature, when the client roams they need to reach out to the RADIUS server and do a complete reauthentication, which may take nearly or more than 1 second, which is seriously damaging to roaming Voice over WLAN implementations. PKC works in WPA2 and not WPA. So, even if both are using TKIP it is preferred to use WPA2 over WPA so that you gain the extra benefits that WPA2 provides, beyond that of the encryption we had been discussing.

    I hope that clarified things, though you should keep in mind that this information is significantly beyond the scope of CCNA: Wireless, but wicked interesting to me nonetheless.

    -Eric N

    PS - I fixed my '
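To make the roaming cost Eric describes concrete, here is an added Python simulation (not from this thread, from Cisco or from any vendor) of one client roaming across three APs behind a single controller. It uses the 802.11i PMKID derivation, HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA), so the controller can recognise a cached PMK that the client offers for a new AP; models the RADIUS server as returning a fresh MSK whose first 256 bits become the PMK; and counts full EAP authentications with caching on (the WPA2/PKC behaviour Eric describes) and off (WPA, whose element carries no PMKID). The MAC addresses and the millisecond costs are constructed and assumed figures, not measurements.

```python
"""Roaming with and without PMK caching. Added example; all addresses and
timings are constructed/assumed. The RADIUS exchange is modelled only by its
result (a fresh MSK) and an assumed cost."""
import hashlib
import hmac
import os

# Assumed timings, only to make the comparison visible (not measured values).
FULL_EAP_AUTH_MS = 1000      # complete 802.1X/EAP exchange with the RADIUS server
FOUR_WAY_HANDSHAKE_MS = 20   # PTK derivation alone, after a PMK cache hit


def pmkid(pmk, ap_mac, client_mac):
    """802.11i PMKID for the 802.1X and PSK AKMs:
    HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA); AA = AP MAC, SPA = client MAC."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + client_mac, hashlib.sha1).digest()[:16]


class RadiusServer:
    """Stand-in AAA server: a successful EAP method yields a fresh MSK and
    the first 256 bits of the MSK become the PMK (802.11i)."""
    def __init__(self):
        self.full_authentications = 0

    def authenticate(self, client_mac):
        self.full_authentications += 1
        msk = os.urandom(64)
        return msk[:32]


class Controller:
    """WLC fronting several APs. With pmk_caching=True it shares one PMK per
    client across all its APs (what Eric calls PKC). With pmk_caching=False
    every association is a full authentication."""
    def __init__(self, ap_macs, radius, pmk_caching=True):
        self.ap_macs = ap_macs
        self.radius = radius
        self.pmk_caching = pmk_caching
        self.pmk_by_client = {}

    def associate(self, ap_mac, client_mac, offered_pmkids):
        """Returns (pmk, cost_ms, 'cached' or 'full')."""
        if ap_mac not in self.ap_macs:
            raise ValueError("unknown AP")
        pmk = self.pmk_by_client.get(client_mac)
        if (self.pmk_caching and pmk is not None
                and pmkid(pmk, ap_mac, client_mac) in offered_pmkids):
            return pmk, FOUR_WAY_HANDSHAKE_MS, "cached"
        pmk = self.radius.authenticate(client_mac)
        self.pmk_by_client[client_mac] = pmk
        return pmk, FULL_EAP_AUTH_MS + FOUR_WAY_HANDSHAKE_MS, "full"


class Client:
    def __init__(self, mac, uses_pmkid=True):
        self.mac = mac
        self.uses_pmkid = uses_pmkid   # RSN (WPA2) clients can send PMKIDs; WPA clients cannot
        self.pmk = None

    def roam_to(self, controller, ap_mac):
        offered = []
        if self.uses_pmkid and self.pmk is not None:
            # Derive the PMKID for the new AP from the PMK already held.
            offered.append(pmkid(self.pmk, ap_mac, self.mac))
        self.pmk, cost, how = controller.associate(ap_mac, self.mac, offered)
        return cost, how


def walk_building(pmk_caching, client_uses_pmkid):
    """Drive one client across three APs twice.
    Returns (events, total_ms, full_authentications)."""
    aps = [bytes([0x00, 0x1a, 0x2b, 0x00, 0x00, n]) for n in (1, 2, 3)]   # constructed
    radius = RadiusServer()
    wlc = Controller(aps, radius, pmk_caching)
    client = Client(bytes([0x00, 0x11, 0x22, 0x33, 0x44, 0x55]), client_uses_pmkid)  # constructed
    events = [client.roam_to(wlc, ap) for ap in aps + aps]
    return events, sum(cost for cost, _ in events), radius.full_authentications


if __name__ == "__main__":
    for label, caching in (("WPA2 with PMK caching", True), ("WPA, no caching", False)):
        events, total, fulls = walk_building(caching, caching)
        print(label, [how for _, how in events], "total %d ms, %d full auths" % (total, fulls))
```

With caching, only the first association pays the full EAP cost and every later roam is a 4-way handshake against the PMK the controller already holds; without it, each of the six associations goes back to the RADIUS server, which is the per-roam delay Eric flags for voice.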

  • eehinesee (484 posts since Nov 12, 2008)
    11. Mar 2, 2010 7:32 PM (in response to Eric A. Nygren)
    Re: Comparing WPA vs. WPA2

    One small side jaunt: "...WPA [and WPA2] also mandates that we use the Michael algorithm as a per packet/frame 'Message Integrity Check'...."

    Is this the same MIC that's used in MFP, or is that a same name, different thingie item?

    Eric Hines

  • Jared (5,502 posts since Jul 27, 2008)
    12. Mar 2, 2010 7:34 PM (in response to Eric A. Nygren)
    Re: Comparing WPA vs. WPA2

    Eric N.

    You mentioned WPA2 is essentially 802.11i with one or two exceptions. What are those exceptions exactly?

  • Eric A. Nygren (253 posts since Aug 11, 2008)
    13. Mar 2, 2010 7:43 PM (in response to Jared)
    Re: Comparing WPA vs. WPA2

    God, the two of you! I'm gonna stop giving answers if every time it just spawns 2 more questions... how could I possibly get ahead?

    Yes, the Michael algorithm is a common hashing algorithm, similar to MD5 and SHA1, but is computationally much less expensive and therefore was chosen for both MFP and WPA/WPA2 Message Integrity Checks.

    The exceptions to the 802.11i standard related to WPA2 are (to the best of my knowledge and abilities without opening the RFCs because I don't wanna fall asleep yet tonight):

         802.11i states that Ad-Hoc network support is not permitted, whereas WPA2 allows Ad-Hoc networks.

         802.11i mandates an 802.1X authentication solution, whereas WPA2 permits both Infrastructure (802.1X/RADIUS) and Personal (Pre-Shared Key) modes.

    And I'm just kidding, keep them coming, punks.

    -Eric N.

    Once again, beyond the scope of CCNA: Wireless, but still awesome to know. Now get back to work.

  • Jared (5,502 posts since Jul 27, 2008)
    14. Mar 2, 2010 7:48 PM (in response to Eric A. Nygren)
    Re: Comparing WPA vs. WPA2

    Sorry. I have been breaking my own rule right and left about not going too deep beyond the CCNA Wireless. Sometimes I just can't help myself. I guess I am just getting in some warm-up time for CCNP Wireless, when I get more serious about it.
