Security analysis of various methods of encrypting Wi-Fi network

As Wi-Fi continues to spread, its security issues are highlighted. 802.11 is the wireless LAN standard established by IEEE. Wi-Fi is a commercial 802.11 standard. Because the Wi-Fi Alliance early no mature security mechanism, resulting in the spread of the net people.

This article provides security analysis for the hidden SSID mac binding WEP WPA WPA2 and its Enterprise edition. Because the Wi-Fi Alliance early no mature security mechanism, resulting in the spread of the net people. How can you better encrypt your own wireless network, so that the net people to quit? Here to provide you with a few references.

1 Hide SSID

Prevent illegal users from scanning your wireless network.

But it's very easy to crack. As long as data is passed, some sniffer software is easy to scan into a radio network that does not broadcast, getting your SSID and AP MAC.

Therefore, it can only be used as a supplementary means of wireless security.

Security level: Very low.

2 Modifying the SSID

When a user uses WPA or WPA2 encryption, the modified SSID can effectively prevent brute force cracking through ready-made table.

Cracked WPA or WPA2, the method is to get four times after the handshake package brute force. With already hash table, the crack speed can be doubled hundreds of times times. This hash is the combination of the SSID and the password as a variable. Many hackers are already doing the common SSID and hash table, which is calculated by the social engineering password, which can be downloaded online, some even free. If your SSID is not in the list, there is no ready-made table. And do table itself than hanging dictionary crack more time-consuming, so it loses meaning.

Security level: High (need to be used with WPA WPA2).

3 using MAC Filtering

The surface appears to be an extremely perfect anti rubbing scheme. But you can go online by forging your Mac. Very easy to crack. and Mac values are extremely easy to sniff.

Security level: Very low.

4 Using WEP encryption

Very easy to be cracked. Today, using WEP encryption and unencrypted is basically equivalent, without any security whatsoever. Even complex passwords can be cracked in minutes.

Security level: Very low.

5 use WPA or WPA2 personal version encryption

So far, there is only one way to crack: brute force. If you set a strong password, the probability of cracking is almost 0. In addition, the encryption algorithm selects AES.

Choose WPA2 as much as possible, because WPA2 is more secure than WPA. WPA2 is the real 802.11i, and WPA is just a draft of 3, there are a lot of deficiencies.

The speed of violent cracking is extremely low. Generally only 300key/s, even if take the so-called GPU acceleration, speed is just 10000 key/s, for a 8-digit alphanumeric characters of the complex password to crack time need 2,900 years! Even if the use of 100 units distributed, it will take 29 years!

Security level: High.

Here, you should see that if you don't encrypt or use WEP, it doesn't make any sense to even take a 1,2,3 approach. Cracking is a matter of minutes. But if you only use WPA2, and the password is extremely complex, the crack is calculated in years.

Now I'm going to mention more advanced WiFi security.

1 WPA2 Enterprise Edition

The WPA2 Enterprise Edition requires a RADIUS dial server to provide certification for 802.1x.

The PMK=PSK,PSK in the Personal edition is fixed. Although in subsequent communications, the key is changed, but the initial key is fixed. This is why the original four handshake packets can be cracked (the hash mentioned above is the generated hash of the PSK, and there are other hash calculations in the four handshake). And the entire WLAN, PSK uniqueness. Once leaked, it has disastrous consequences. You will typically reset the router and all legitimate clients.

In WPA2, the acquisition of PMK relies on the result of 802.1x authentication, and the PMK cannot be obtained by authentication failure. And the PMK of each certification is random. So the violent cracking here is totally meaningless. Unless you first crack the authentication mechanism, get the username and password.

And the current 802.1x security is good. In general, a better EAP has a good security. The following are some of the most common EAP methods: LEAP EAP-TLS EAP-TTLS PEAP. All EAP methods support two-way authentication, which can prevent man-in-the-middle attacks because the customer needs to authenticate the server and vice versa. Fake wireless access points cannot spoof server-side security authentication.

Even if an account, password leaks, then only an illegal user online. Cancel this account on the authentication server, OK.

2 It is best to modify the router's login password, preferably prohibit the use of wireless network logon. Do not even have to rub the network, can not modify the wireless router.

3 enable the PPPoE server. Users must dial with PPPoE before they can access the router and the Internet.

Using PPPoE can effectively prevent ARP attacks while enhancing the security of wireless networks. Even if the user cracked the wireless password, it is meaningless, and no cracked equivalent. And it's not easy to crack PPPoE.

With professional settings, you can make PPPoE more secure. For example, specify a service name (ISP name), select Chap only, do not select Pap for plaintext transmission, and so on.

This is what I think of to make wireless network more secure several solutions and analysis. More superficial, if there is a fallacy, please give treatise.