WPA/WPA2: Placebo or Panacea?
Document Type
Conference Proceeding
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
2987
Abstract
The increase in the use of wireless networks has seen a subsequent demand for greater security. Early security mechanisms in the 802.11 wireless protocol suite did not provide adequate security for either data or authentication. The IEEE developed the 802.1 Ii extension to address these security problems, with the public name being Wi-Fi protected Access (WPA). This introduced strong mutual authentication and also data encryption to protect wireless networks, and the claim is made that wireless networks using WPA are secure. Tools such as Hotspotter and Aireplay can be used to crack WPA, allowing for defeat of both personal and enterprise methods used to authenticate users and access points. In addition, problems associated with Layer 1 and 2 denial of service attacks have not been addressed. It would be unwise to rely on WPA / WPA2 in isolation to protect a wireless network.
Comments
Woodward, A. (2005). WPA/WPA2: Placebo or panacea?. In proceedings of the Proceedings of 6th Australian Information Warfare & Security Conference. Melbourne, VIC: Deakin University