📚Wireless Security Essentials

General Concepts

1. Key Concepts:

  • PSK (Pre-Shared Key):

    • The same PSK is shared among all devices connecting to the Wi-Fi network.

    • It acts as the foundation for deriving unique session keys for each device.

  • Session Keys:

    • Each device gets its own session keys during the 4-Way Handshake.

    • These session keys are unique to a connection between the device and the router.

2. Why the PSK Alone Isn’t Enough:

  • The PSK is only the starting point for the cryptographic process. To decrypt traffic:

    • Wireshark needs the PSK to calculate the Pairwise Master Key (PMK).

    • Wireshark also needs the 4-Way Handshake to derive the session-specific keys used for encryption.

3. WPA2 and Lack of Forward Secrecy:

  • Forward secrecy ensures that even if the master key (PSK) or session key is compromised, past traffic cannot be decrypted.

  • WPA2 does not have forward secrecy:

    • If you capture the handshake and know the PSK, you can derive the session keys.

    • Once the session key is derived, it remains valid for the duration of that session, allowing you to decrypt all traffic for that connection.

4. Practical Implications for Wireshark Decryption:

  1. Adding the PSK:

    • You input the PSK in Wireshark to enable decryption capabilities.

  2. Capturing the 4-Way Handshake:

    • This is essential because the handshake includes the cryptographic material needed to derive session keys for a specific device.

  3. Decrypting Traffic:

    • With both the PSK and the handshake, Wireshark can compute the session keys and decrypt all traffic for that session.

5. Why This Works Across Devices:

  • All devices use the same PSK, but each establishes its own session key during the handshake.

  • If a hacker captures the handshake for multiple devices and knows the PSK, they can decrypt traffic for each device individually.

6. Summary of the Problem:

  • WPA2's lack of forward secrecy means:

    • If the PSK and a session's handshake are captured, the session can be decrypted.

    • The session key is fixed for the duration of that connection, so all traffic within that session is exposed.

To Protect Against This:

  1. Switch to WPA3:

    • WPA3 implements forward secrecy using Simultaneous Authentication of Equals (SAE), making past sessions undecryptable even if the PSK is known.

  2. Use HTTPS and TLS Everywhere:

    • Application-layer encryption (e.g., HTTPS) ensures that even if Wi-Fi traffic is decrypted, sensitive data remains protected.

  3. Use a Strong, Unique PSK:

    • A long, random passphrase makes brute-force attacks impractical.

  4. Use 802.11w:

    • An extension to 802.11 that provides management frame protection.

PSK and Sessions keys

  • Without the PSK, attackers cannot directly derive session keys (PTK) from the 4-way handshake.

  • Attackers can capture the handshake and attempt to crack the PSK through brute-force or dictionary attacks.

  • Once the PSK is cracked, the attacker can use it to derive session keys and decrypt the captured traffic.

  • WPA2-PSK is secure against attacks if the passphrase is strong, but weak passphrases are vulnerable to cracking.

In conclusion, the 4-way handshake alone does not allow attackers to derive session keys or decrypt traffic without the PSK. However, by capturing the handshake and cracking the PSK, they can then calculate the session keys and potentially decrypt the traffic.

Perfect Forward Secrecy

What is Forward Secrecy?

Forward secrecy (PFS) ensures encryption keys for communication aren't derived from long-term secrets (PSK). Even if these long-term keys are compromised, past communications remain secure, as each session uses unique keys that aren’t related.

It's important to note that if I capture a 4-way handshake to derive session keys, but then the victim establishes a new connection, the session key will be different. This occurs by default and is not related to PFS. However, PFS ensures that I cannot derive the session key from the 4-way handshake because the PSK is rendered useless.

Session Key Protection Without PFS

If an attacker somehow obtains the long-term key (e.g., the PSK in WPA2-PSK mode):

  • They can decrypt previously captured traffic if they have also captured the 4-way handshake, as the session key (PTK) is derived using the PSK.

Session Key Protection With PFS

With PFS:

  1. Even if the long-term key (e.g., the PSK) is compromised:

    • Past session keys cannot be derived, because they depend on ephemeral keys exchanged during the handshake, not just the long-term key.

  2. Without access to these ephemeral keys, the attacker cannot decrypt past session traffic, even if they possess the PSK.

Monitor Mode and Promisc Mode

Capturing the 4-Way Handshake for WPA/WPA2 networks requires monitor mode, not promiscuous mode.

Monitor Mode:

  • Allows the network interface card (NIC) to capture all wireless traffic in the air, even if the traffic is not directed to or from your device.

  • Necessary for capturing management frames, such as those exchanged during the 4-Way Handshake.

Typically, Windows doesn't allow monitor mode, so we'd have to use Linux and preferably not as a virtual machine.

Promiscuous Mode:

  • Allows a NIC to capture all traffic on a network it is associated with, but only if the traffic is within the same wired Ethernet segment or Wi-Fi network you are connected to.

  • It does not allow capturing raw wireless frames that are not addressed to your device or are outside your connected network.

Limitations of Promiscuous Mode

On switched networks, promiscuous mode is much less effective than it would be on an older hub-based network. and on wireless networks, promisc mode won't capture traffic not intended for your device.

PreviousNetwork SecurityNextPower BI

Last updated

Was this helpful?