
Wi-Fi Handshaking (PSK Personal Networks)

 

Summary

Excerpt from Wi-Fi Vulnerabilities Part 2 Webinar
CTO Dr. Brett Walkenhorst discusses Wi-Fi handshaking (PSK personal networks).
Attackers frequently aim to evade or compromise the initial handshaking procedure in Wi-Fi networks. Although the 4-way handshake is commonly perceived as just an authentication technique, it is where true authorization takes place. CTO Dr. Brett Walkenhorst gives a summary of this procedure for personal Wi-Fi networks using pre-shared keys in the video clip below.

Video Transcript

One of the most common aspects to be avoided and attacked is the initial handshaking procedure. I think that's very common in many different protocols. In Wi-Fi, we can walk through this process. I'm going to go through it at a high level. What we're going to do is flesh this out a little bit more so that we understand how enterprise networks work in addition to this simple flow.

I mean, it looks simple, but it actually is quite simple. This sequence diagram I'm showing here on the right, where a client seeks to connect to an access point, and it goes through this process in what's called a personal Wi-Fi network, which is a pre-shared key kind of thing where I have a shared secret, everybody who needs to connect to that is somehow given access to this passphrase, which becomes this PSK and so on.

I'll just talk about keys in a moment. But what happens is I go through this initial process of discovery. I know what's there; that's happening in the background. And then I try to connect and I have to go through this process of what's called authentication association, and then I do a handshake that allows me to establish a key which will be used for my session with that access.

So while I'm connected, we have a set of cryptographic keys that we're going to use to encrypt our data. There's another set of exchanges that have to occur in an enterprise network between the association phase and the four-way handshake, or these EAPOL messages. And I want to dive into that deep now, but first I want to note that the EAPOL, the four-way shake, is gonna come up again.

I'll spend a little more time a little later diving deeper into that so that you understand how that four-way handshake works. Basically, at this point, you can think of it as just an authentication mechanism. And for this purpose, I used a word intentionally that was already used. There's an authentication process that I think is a bit of a misnomer today.

There were good reasons at the time it was established to call it that. But true authentication, ensuring that a client is authorized to access a network and its resources, that's really established during that four-way handshake. So think of that as the authentication scheme as well as the establishment of session keys such that we can encrypt our data.
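The key flow described in the transcript, as an added example that is not part of the webinar or Bastille's material: the passphrase becomes the PSK, and the first two handshake messages let the access point confirm the client holds it while both sides derive the same session keys. It assumes WPA2-PSK with the HMAC-SHA1 key derivation from IEEE 802.11i; the function names, MAC addresses, SSID and the stand-in frame bytes are constructed for illustration, and messages 3 and 4 are omitted.

```python
import hashlib
import hmac
import os


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Passphrase -> 256-bit PSK, which serves as the PMK on a personal network."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
               anonce: bytes, snonce: bytes, length: int = 48) -> bytes:
    """802.11i PRF: PMK + both MAC addresses + both nonces -> per-session PTK."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    out, counter = b"", 0
    while len(out) < length:
        block = b"Pairwise key expansion\x00" + data + bytes([counter])
        out += hmac.new(pmk, block, hashlib.sha1).digest()
        counter += 1
    return out[:length]  # KCK (0:16) | KEK (16:32) | TK (32:48)


def eapol_mic(ptk: bytes, frame: bytes) -> bytes:
    """MIC over an EAPOL-Key frame, keyed with the KCK (first 16 bytes of the PTK)."""
    return hmac.new(ptk[:16], frame, hashlib.sha1).digest()[:16]


def handshake(ap_passphrase: str, client_passphrase: str,
              ssid: str = "ExampleNet") -> bool:
    """Messages 1 and 2 of the 4-way handshake; True if the AP accepts the client."""
    ap_mac = bytes.fromhex("020000000001")    # constructed addresses
    sta_mac = bytes.fromhex("020000000002")
    anonce = os.urandom(32)                   # message 1: AP -> client
    snonce = os.urandom(32)                   # client's own nonce
    client_ptk = derive_ptk(derive_pmk(client_passphrase, ssid),
                            ap_mac, sta_mac, anonce, snonce)
    # Stand-in for the real EAPOL-Key frame (constructed, not the 802.11 layout).
    frame = b"constructed-eapol-key-msg2" + snonce
    mic = eapol_mic(client_ptk, frame)        # message 2: client -> AP
    # The AP derives the PTK from its own copy of the PSK and checks the MIC.
    ap_ptk = derive_ptk(derive_pmk(ap_passphrase, ssid),
                        ap_mac, sta_mac, anonce, snonce)
    return hmac.compare_digest(mic, eapol_mic(ap_ptk, frame))


if __name__ == "__main__":
    print("matching passphrase accepted:", handshake("correct horse", "correct horse"))
    print("wrong passphrase accepted:  ", handshake("correct horse", "wrong guess"))
```

The passphrase itself never crosses the air; the access point accepts the client only because the MIC on message 2 could not have been computed without the same PSK.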
