Start with Wifi Basics - Part 3: 4-way Handshake

-
Before we understand the 4-way key hand shake let us understand few definitions:

PMKSA
The Pairwise Master Key Security Association (PMKSA) is created after a successful 802.1x negotiation as part of EAP, or when a Preshared Key (PSK) is configured. It ties the PMK to a lifetime, the authenticator MAC address, and other authorization information. 
PTKSA
The Pairwise Transient Key Security Association (PTKSA) is created after the 4-way handshake completes. It is dependent on the PMKSA and is stored for as long as the PMKSA is valid or until the station is deauthenticated. The PTKSA includes the supplicant and authenticator MAC addresses, the pairwise cipher suite selected, and the PTK itself.
GTKSA

The Group Transient Key Security Association (GTKSA) is created during the 4-way handshake or updated during a group key handshake. It stores the GTK, the broadcast/multicast cipher suites, and for which direction the GTK is good. GTK is used for Broadcast/Multicast traffic only.

Now let us understand the 4-way handshake Packet flow:
At the start of the 4-way handshake, both the Access Point and the 802.11 station contain the PMK.
The Access Point and the 802.11 Station generate a random sequence at their respective ends these are called as Nonce.
The Access point random sequence is termed as ANonce (Short for AP Nonce) and the 802.11 Station random sequence is termed as SNonce (Short for Station Nonce)
The Access Point sends the AP Nonce in the first EAPOL message to the 802.11 Station
The different elements now in the possession of the 802.11 station are
  • AP Nonce
  • Station Nonce
  • Station MAC Address
  • AP MAC Address

The 802.11 Station – now has all the material to generate the Pairwise Transient Key – PTK, a key which is used to generate further keys and temporal keys for Data encapsulation.
----------------------------------------------------------------------------------------------------------------------
The 802.11 station sends the Station Nonce to the AP in EAPOL Message 2 along-with a MIC value (i.e. MIC(Key Confirmation Key, EAPOL)) which is computed over the body of the EAPOL key frame with the Key MIC field initially set to Zero. MIC is used to verify if both ends have derived the same PTK or not. If the PTK derived is not same, then MIC wont be same and will result in MIC check failure.
The Access Point on receipt of the SNonce – generates the Pairwise Transient Key and re-computes the MIC at its end.
----------------------------------------------------------------------------------------------------------------------
The Access Point goes ahead verifies the MIC at its end and in response sends the following to the 802.11 station in EAPOL Message 3
  • Install PTK set to 1
  • The Group Temporal Key (GTK) for Multicast traffic, if GTK is pre-negotiated
  • Receive Sequence Counter for the GTK key
  • MIC computed over the EAPOL frame
---------------------------------------------------------------------------------------------------------------------

The supplicant verifies the MIC and sends Message 4 to the Access point with a MIC calculation. At this Juncture – the 802.11 station has the necessary Key material to configure to the hardware and the 802.11 station can go ahead and configure the Hardware with the PTK and the GTK
The Access point on receiving Message 4, will verify the MIC computed and invoke its MLME.SETKEYS request to install the PTK and GTK
Finally the Data port is opened and unicast Data can be transmitted using the temporal keys in PTK and Multicast data using the GTK

Note: The above flow is for WPA2. In WPA, there is a separate 2-way handshake after 4-way handshake to generate the GTK and install them.

Comments

Post a Comment

Popular posts from this blog

Wifi Roaming Techniques : Pre-Authentication, PMK Caching, OKC, Fast Transition - 11r

-
Image
Wifi Roaming Techniques: Roaming is one of the most crucial aspect of Wifi. Roaming in simple terms is Handing off Client connectivity from one Access point to another without losing connectivity. When the Client sees that the RSSI ( signal Strength ) of connected AP is decreasing, the Client does a roam Scan and sees if there are other APs with better RSSI. Once it identifies the better AP, it starts association with this AP. This process is called Roaming. Why is Roaming Important: Wifi is mostly used in devices which are mobile such as mobile phones, Laptops etc. User intend to use these device while moving from one place to another and it is expected that the devices are always connected to wifi and the user can continue his work seamlessly. It would not be desirable that wifi keeps disconnecting and connecting to other Access Point while the user is moving, there should be a way where in the client can remain connected to wifi network while it moves. This issue is add
Read more

802.11w Protected Management Frames (PMF)

-
Image
802.11w Protected Management Frames Why? As you are aware that Management Frames are not encrypted in WLAN networks and this causes WLAN networks to be vulnerable to Denial of Service Attacks (DoS). Let us see a few of the Denial of Service attacks which Attackers can use to disrupt few or all of the users in a WLAN network. DoS Attacks Following frames can break the existing wireless connection (without PMF support) and will lead to Denial of Service attack. Sending Deauth or Disassoc notification to AP Sending (Re) Association request to AP. Sending Auth frame to AP. Sending Deauth or Disassoc notification to Station Sending Channel switch announcement to Station. How to solve the problem? Once the 4 way Handshake is done, the AP and the STA have the PTK and GTK to encrypt data. The same keys can now be used to encrypt Management frames to provide a certain level of Protection against DoS Attacks. Access Point and the Station both needs to have s
Read more

Power Saving Techniques

-
Image
Why it is so Important? As you are aware that most of the Wifi Devices are Battery Operated such as Mobile Phones, Laptops etc. It is very important to consider the Power consumed of every component of such devices. If the device drains its battery too often, then it limits it mobility capability. It is very essential to conserve the battery when the device is not using any of such components. For Ex: Screen times out if there is no activity by User. Similarly when there is no active data transfer over Wifi, it is best to put it in a low power consumption mode to avoid Battery Wastage. Basic Mechanism: 1. STA sends out a packet to AP indicating that it is going to sleep mode. 2. AP Start buffering data for the client and indicates that there is data buffered in Beacon. 3. STA wakes up, listens to Beacon and sees if there is any data buffered for it. If no, go back to sleep. If yes, send a packet to AP to say that it is awake and send the buffered data. 4. AP after sending th
Read more