WPS:
Wi-Fi Protected Setup (WPS) is the
industry standard method to simplify the security setup of Wi-Fi networks. You
now can easily setup and connect to a WPA-enabled 802.11 network with
WPS-certificated devices using either Personal Information Number (PIN) or Push
Button Configuration (PBC) or NFC.
Push button method: in which the user has to push a button, on both the
access point and the new wireless client device. Support of this mode is
mandatory for access points and optional for connecting devices.
PIN entry: in all Wi-Fi Protected Setup networks, a unique PIN
(Personal Identification Number) will be required for each device to join the
network. A fixed PIN label or sticker may be placed on a device, or a
dynamic PIN can be generated and shown on the device's display (e.g., a TV
screen or monitor). PIN is used to make sure the intended device is added
to the network being set up and will help to avoid accidental or malicious
attempts to add unintended devices to the network.
Access Point will detect when a new
Wi-Fi device is in range, and prompt the user to enter the PIN, if wishes to
add the new device to the network. In this mode, Wi-Fi Protected Setup
network encrypts data and authenticates each device on the network. The
PIN entry method is supported in all devices.
Cons: Vulnerabilities (Brute-Force Attack)
8 digit Pin
number, 107 = 10,000,000 possible combinations. When an client
attempts to gain access using a PIN, the AP reports the validity of the first
and second half of the PIN separately. Since the first half of the pin consists
of four digits (10,000 possibilities) and the second half has only three active
digits (1000 possibilities), at most 11,000 guesses are needed before the PIN
is recovered
How it works:
The WPS protocol consists of a series of
EAP message exchanges that are triggered by a user action, relying on an
exchange of descriptive information that should precede that user's action. The
descriptive information is transferred through a new Information Element (IE) that
is added to the beacon, probe response, and optionally to the probe request and
association request/response messages. Other than purely informative type-length-values, those IEs will
also hold the possible and the currently deployed configuration methods of the
device
Comments
Post a Comment