9

I am trying to learn wireless security a bit more technically but resources out there on the net are so confusing. Here is my understanding.

There are two types of Authentication:

1) Open System Authentication

2) Shared Key Authentication

Both WEP and WPA protocols have the above two Authentications? Is my question even right?

What it means exactly when they say I am authenticated but not connected to Access Points?

What privileges I have when I am authenticated and What privileges I have when I am connected? Getting authenticated means my packets wont be dropped by AP?what is it?

Can you point me to any good resource links that can help me in understanding these things?

Abhinav
  • 213
  • 2
  • 7

2 Answers2

1

WPA and WEP have little in common security wise. WPA does not allow Open System Authentication nor Shared Key Access. You cannot be authenticated and not connected to an access point. You associate, then you authenticate.

There's a decent answer to a similar question here: https://security.stackexchange.com/a/160365/200347

Please note that whist WEP and WPA clients use the same passphrase to authenticate to the AP, in the WPA case this is used to negotiate per-client (rotating) encryption keys, whereas on a WEP system, every client uses the same encryption key.

Pedro
  • 3,911
  • 11
  • 25
0

For a Station (STA) to connect to an Access Point (AP) it always needs to start with the 3 states of connection:

  • Not connected: Not authenticated, not associated
  • Connecting: Authenticated, not associates
  • Connected: Authenticated, associated.

These apply for all. Now, when it's Open and WEP it ends here. For WPA/2 there is a Four-way handshake after this, but this is for another time.

"Open System Authentication" This one is used on Open Networks and WPA/2 (As stated before there's a process called Four-way handshake to access the network), but the Open network doesn't provide any password, hence no encryption, so everything is plain text flying through the air on the first two layers (OSI).

"Shared Key Authentication" This system is used on WEP and uses a passphrase/password to generate a (symetric) key to encrypt the traffic. NOTE: WEP is obsolete, don't use it if there's any other option available.

So to answer your questions on point:

Both WEP and WPA protocols have the above two Authentications? Is my question even right?

No, it's either Open (No authentication required) , or WEP, or WPA/2 (There can be a variation on these to use a AAA server to authenticate, called "Enterprise" but we'll leave this for another time)

What it means exactly when they say I am authenticated but not connected to Access Points?

Remember that there are tree states of connection? You can be authenticated, yet not associated, hence having no connectivity (Your packets will drop on most cases).

What privileges I have when I am authenticated and What privileges I have when I am connected?

When you're authenticated you're almost ready to be connected, you must wait for the association to be done, hence having connectivity.

Getting authenticated means my packets wont be dropped by AP? What is it?

Authenticated it means that the computer knows who you are (Your NIC MAC address generally) and what you know (The password/passphrase generally).

And no, you can be authenticated yet not associated, so your packets can be dropped because you're "not on the list" of associated devices.

And about the resources I strongly suggest you keep digging the internet, if you want to get full technical you can start by the RFC. There's plenty of information on Wikipedia, YouTube, etc. Or online classes like Udemy, PluralSight, etc. Since this last question is opinion based you can try the Security StackExchange chat.

Azteca
  • 1,116
  • 7
  • 16