🍈 Zettelkasten

❯

❯

WI-FI Protected Access

WI-FI Protected Access

Feb 05, 20251 min read

networking
security

A security policy for WAPs using IEE 802.11. Designed to replace WEP

WPA Versions

WPA

Uses TKIP encryption specially designed for WPA.

WPA2

Uses AES-128 encryption in CCMP
Can be optionally backwards compatible to include TKIP, but its not recommended
Uses a 4-way handshake to share the PSK

WPA3

Uses AES-256 encryption in GCMP or CCMP
Does not allow TKIP
Uses Diffie Hellman Key Exchange in SAE

Security Modes

Personal

Everybody has the same pre-shared key (PSK)

Enterprise

Requires the setup of a RADIUS or TACACS+ authentication server

PSK Problem (WPA2 Only)

Attacker listens to the 4 way handshake and steals the PSK hash
Attacker brute forces the hash to find the PSK
The PSK can be used to decrypt the network password

Graph View

WPA Versions
WPA
WPA2
WPA3
Security Modes
Personal
Enterprise
PSK Problem (WPA2 Only)

Backlinks

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
Galois Counter Mode Protocol
Global System for Mobile Communications
WAP Security
WI-FI
Wireless Local Area Network

Created with Quartz v4.4.0 © 2025

GitHub
Discord Community