WPA-PSK FOUR WAY HANDSHAKE [Chicken Example]
Last Post: June 22, 2006:
-
Hi Devin,
Your Chicken and Egg Example is really great.
Explanation is Beautiful.
But when I try to map the Example to the Four Way Handshake I have
probs.
Message one : EAPOL-KEY (ANONCE,UNICAST) [Identical Eggs]
----------------
Message two : EAPOL-KEY (SNONCE,UNICAST,MIC) [Identical Eggs]
----------------
HOW and Why is this MIC?
Message three : EAPOL-KEY (Install PTK, UNICAST,MIC,Encrypted GTK)
-----------------
[Golden EGG] Why does install PTK happen in Step 3 and not after step 1?
How is the MIC created again?
Message four : EAPOL-KEY (UNICAST,MIC)
-----------------
How do I map this Step 4 to the Chicken Example?
How is the MIC created again?
Help me, Devin.
Thanks ,
S.Senthilraj -
Howdy. Glad you liked it. My grandfather was a chicken farmer, so there's still some of that mentality inside me. :-)
I didn't go into the detail of the pieces of the 4-Way Handshake in the Chicken Whitepaper. The point of the whitepaper was to take a novice and help him/her understand the basic premise of the 802.11i AKM process.
Section 5.9.2.1 in the 802.11i amendment shows the process. Section 8.5.3 defines the pieces and parts that go into each of the 4 messages that are part of the 4-Way Handshake.
You can download the 802.11i amendment here for free:
http://standards.ieee.org/getieee802/802.11.html
thanks,
Devinator -
Hi Devin,
Thanks for your quick response.
Best Regards,
S.Senthilraj -
Devinator, yes that analogy is clear.
Here is what I understood.
Q. Why did the chicken cross the road?
A. To get to the "GOLDEN" prize.
Or better yet,
Old MAC Address had a farm (E. A. P. O. L.),
and on that farm he had these chickens (E. A. P. O. L.)
With a white chicken here, and a golden chicken there.
Here a chicken, there a chicken, every egg babysitting. (E. A. P. O. L.) !
Thought this would be appropriate for my 200th post. :) -
Hi Devin,
Finally managed to read your white paper on 802.11i authentication and key management today. It was explained pretty neatly and not oversimplified. Good work :-)
Thanks
Nishanth -
Thanks!
-
Hi Devin,
Going by your chicken analogy, after the white chicken is created on both sides the 4 way hand shake starts (mating starts) ;-). Now is the 4 way hand shake encrypted or is it a free show for all? Can this be exploited?
-Nishanth -
Googled around for some answers and found the following
-> If 802.11i is used with a weak Passphrase the PSK can be found by brute force methods and there are a lot of cracking tools available for the same, e.g. CoWPAtty WPA Cracker, WPA Cracker
For more tools
http://www.wardrive.net/wardriving/tools
-> Can I conclude 802.11i with AAA keys provides better security than 802.11i with passphrase?
-//ishanth
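
Added example, not part of any post in this thread and not code from the whitepaper: Python showing how the MIC asked about above is produced in WPA-PSK and checked by the authenticator, using the derivations defined in 802.11i (passphrase and SSID give the PMK, the PMK plus both MAC addresses and both nonces give the PTK, and the first 16 bytes of the PTK, the KCK, key the MIC). The SSID, passphrase, MAC addresses, nonces and frame bytes are constructed sample values, the frame is a stand-in rather than a real EAPOL-Key layout, the helper names are hypothetical, and the key descriptor version 2 (HMAC-SHA1) MIC is assumed.

```python
import hashlib
import hmac

# Constructed sample values (not a real capture). MSG2 stands in for the
# message 2 EAPOL-Key frame with its MIC field zeroed; it is not a real layout.
SSID, PASSPHRASE = "ExampleNet", "correct horse battery staple"
AA, SPA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))
MSG2 = b"stand-in EAPOL-Key message 2, MIC field zeroed"

def pmk_from_passphrase(passphrase, ssid):
    # WPA-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key, label, data, nbytes):
    # 802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk, aa, spa, anonce, snonce):
    # Needs BOTH nonces: the authenticator cannot compute the PTK until
    # message 2 has delivered the SNonce.
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 64)

def eapol_mic(ptk, frame_mic_zeroed):
    # KCK = first 16 bytes of the PTK; descriptor version 2 MIC is
    # HMAC-SHA1 over the frame, truncated to 16 bytes (assumed here).
    return hmac.new(ptk[:16], frame_mic_zeroed, hashlib.sha1).digest()[:16]

def supplicant_mic(passphrase, frame=MSG2):
    # Station side: derive the PTK after message 1, MIC message 2 with the KCK.
    pmk = pmk_from_passphrase(passphrase, SSID)
    return eapol_mic(derive_ptk(pmk, AA, SPA, ANONCE, SNONCE), frame)

def authenticator_accepts(frame, mic):
    # AP side: recompute the MIC from its own PMK and compare in constant time.
    pmk = pmk_from_passphrase(PASSPHRASE, SSID)
    expected = eapol_mic(derive_ptk(pmk, AA, SPA, ANONCE, SNONCE), frame)
    return hmac.compare_digest(expected, mic)

if __name__ == "__main__":
    print(authenticator_accepts(MSG2, supplicant_mic(PASSPHRASE)))
    print(authenticator_accepts(MSG2, supplicant_mic("wrong passphrase")))
```

Every input to the PTK other than the PMK travels in the clear during the handshake, so in PSK mode the passphrase is the only secret behind the MIC.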