788:(Key Reinstallation Attack) attack on WPA2 were published. The KRACK attack is believed to affect all variants of WPA and WPA2; however, the security implications vary between implementations, depending upon how individual developers interpreted a poorly specified part of the standard. Software patches can resolve the vulnerability but are not available for all devices. KRACK exploits a weakness in the WPA2 4-Way Handshake, a critical process for generating encryption keys. Attackers can force multiple handshakes, manipulating key resets. By intercepting the handshake, they could decrypt network traffic without cracking encryption directly. This poses a risk, especially with sensitive data transmission.
182:-based encryption mode. Certification began in September, 2004. From March 13, 2006, to June 30, 2020, WPA2 certification was mandatory for all new devices to bear the Wi-Fi trademark. In WPA2-protected WLANs, secure communication is established through a multi-step process. Initially, devices associate with the Access Point (AP) via an association request. This is followed by a 4-way handshake, a crucial step ensuring both the client and AP have the correct Pre-Shared Key (PSK) without actually transmitting it. During this handshake, a Pairwise Transient Key (PTK) is generated for secure data exchange.
592:, meaning that once an adverse person discovers the pre-shared key, they can potentially decrypt all packets encrypted using that PSK transmitted in the future and even past, which could be passively and silently collected by the attacker. This also means an attacker can silently capture and decrypt others' packets if a WPA-protected access point is provided free of charge at a public place, because its password is usually shared to anyone in that place. In other words, WPA only protects from attackers who do not have access to the password. Because of that, it's safer to use
810:
making almost all Wi-Fi products vulnerable. The vulnerabilities impact all Wi-Fi security protocols, including WPA3 and WEP. Exploiting these flaws is complex but programming errors in Wi-Fi products are easier to exploit. Despite improvements in Wi-Fi security, these findings highlight the need for continuous security analysis and updates. In response, security patches were developed, and users are advised to use HTTPS and install available updates for protection.
676:(WPS) feature, regardless of which encryption method they use. Most recent models have this feature and enable it by default. Many consumer Wi-Fi device manufacturers had taken steps to eliminate the potential of weak passphrase choices by promoting alternative methods of automatically generating and distributing strong keys when users add a new wireless adapter or appliance to a network. These methods include pushing buttons on the devices or entering an 8-digit
91:
combining a new
Initialization Vector (IV) with a shared key (it has 40 bits of vectored key and 24 bits of random numbers). Decryption involved reversing this process, using the IV and the shared key to generate a key stream and decrypt the payload. Despite its initial use, WEP's significant vulnerabilities led to the adoption of more secure protocols.
126:(TKIP). WEP used a 64-bit or 128-bit encryption key that must be manually entered on wireless access points and devices and does not change. TKIP employs a per-packet key, meaning that it dynamically generates a new 128-bit key for each packet and thus prevents the types of attacks that compromised WEP.
663:
The vulnerabilities of TKIP are significant because WPA-TKIP had been held before to be an extremely safe combination; indeed, WPA-TKIP is still a configuration option upon a wide variety of wireless routing devices provided by many hardware vendors. A survey in 2013 showed that 71% still allow usage
651:
Halvorsen and others show how to modify the Beck-Tews attack to allow injection of 3 to 7 packets having a size of at most 596 bytes. The downside is that their attack requires substantially more time to execute: approximately 18 minutes and 25 seconds. In other work
Vanhoef and Piessens showed that,
575:
WPA3 replaces cryptographic protocols susceptible to off-line analysis with protocols that require interaction with the infrastructure for each guessed password, supposedly placing temporal limits on the number of guesses. However, design flaws in WPA3 enable attackers to plausibly launch brute-force
90:
WEP (Wired
Equivalent Privacy) was an early encryption protocol for wireless networks, designed to secure WLAN connections. It supported 64-bit and 128-bit keys, combining user-configurable and factory-set bits. WEP used the RC4 algorithm for encrypting data, creating a unique key for each packet by
809:
On May 11, 2021, FragAttacks, a set of new security vulnerabilities, were revealed, affecting Wi-Fi devices and enabling attackers within range to steal information or target devices. These include design flaws in the Wi-Fi standard, affecting most devices, and programming errors in Wi-Fi products,
683:
The Wi-Fi
Alliance standardized these methods as Wi-Fi Protected Setup; however, the PIN feature as widely implemented introduced a major new security flaw. The flaw allows a remote attacker to recover the WPS PIN and, with it, the router's WPA/WPA2 password in a few hours. Users have been urged to
311:
Different WPA versions and protection mechanisms can be distinguished based on the target end-user (such as WEP, WPA, WPA2, WPA3) and the method of authentication key distribution, as well as the encryption protocol used. As of July 2020, WPA3 is the latest iteration of the WPA standard, bringing
757:
out-of-tree drivers, which generate the GTK themselves, and showed the GTK can be recovered within two minutes or less. Similarly, they demonstrated the keys generated by
Broadcom access daemons running on VxWorks 5 and later can be recovered in four minutes or less, which affects, for example,
800:
The
Dragonblood attacks exposed significant vulnerabilities in the Dragonfly handshake protocol used in WPA3 and EAP-pwd. These included side-channel attacks potentially revealing sensitive user information and implementation weaknesses in EAP-pwd and SAE. Concerns were also raised about the
66:
WPA (sometimes referred to as the TKIP standard) became available in 2003. The Wi-Fi
Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802.11i (or
712:
Tunneled EAP methods using TTLS or PEAP which encrypt the MSCHAPv2 exchange are widely deployed to protect against exploitation of this vulnerability. However, prevalent WPA2 client implementations during the early 2000s were prone to misconfiguration by end users, or in some cases (e.g.
687:
In 2018, the Wi-Fi
Alliance introduced Wi-Fi Easy Connect as a new alternative for the configuration of devices that lack sufficient user interface capabilities by allowing nearby devices to serve as an adequate UI for network provisioning purposes, thus mitigating the need for WPS.
151:
to verify the integrity of the packets. TKIP is much stronger than a CRC, but not as strong as the algorithm used in WPA2. Researchers have since discovered a flaw in WPA that relied on older weaknesses in WEP and the limitations of the message integrity code hash function, named
524:
802.1X clients and servers developed by specific firms may support other EAP types. This certification is an attempt for popular EAP types to interoperate; their failure to do so as of 2013 is one of the major issues preventing rollout of 802.1X on heterogeneous networks.
213:
Post-handshake, the established PTK is used for encrypting unicast traffic, and the Group
Temporal Key (GTK) is used for broadcast traffic. This comprehensive authentication and encryption mechanism is what makes WPA2 a robust security standard for wireless networks.
749:(AP). Additionally, they showed that possession of the GTK enables the attacker to inject any traffic into the network, and allowed the attacker to decrypt unicast internet traffic transmitted over the wireless network. They demonstrated their attack against an
791:
Manufacturers have released patches in response, but not all devices have received updates. Users are advised to keep their devices updated to mitigate such security risks. Regular updates are crucial for maintaining network security against evolving threats.
384:
server for authentication, offering higher security control by replacing the vulnerable WEP with the more advanced TKIP encryption. TKIP ensures continuous renewal of encryption keys, reducing security risks. Authentication is conducted through a
801:
inadequate security in transitional modes supporting both WPA2 and WPA3. In response, security updates and protocol changes are being integrated into WPA3 and EAP-pwd to address these vulnerabilities and enhance overall Wi-Fi security.
333:) mode, this is designed for home, small office and basic uses and does not require an authentication server. Each wireless network device encrypts the network traffic by deriving its 128-bit encryption key from a 256-bit shared
312:
enhanced security features and addressing vulnerabilities found in WPA2. WPA3 improves authentication methods and employs stronger encryption protocols, making it the recommended choice for securing Wi-Fi networks.
222:
In
January 2018, the Wi-Fi Alliance announced WPA3 as a replacement to WPA2. Certification began in June 2018, and WPA3 support has been mandatory for devices which bear the "Wi-Fi CERTIFIED™" logo since July 2020.
708:
and Marsh Ray). Moxie advised: "Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else."
1696:
700:
2, some of which severely reduce the complexity of brute-force attacks, making them feasible with modern hardware. In 2012 the complexity of breaking MS-CHAPv2 was reduced to that of breaking a single
721:
attack scenarios. Under stricter compliance tests for WPA2 announced alongside WPA3, certified client software will be required to conform to certain behaviors surrounding AAA certificate validation.
608:
attacks of Erik Tews and Martin Beck. They demonstrated how to inject an arbitrary number of packets, with each packet containing at most 112 bytes of payload. This was demonstrated by implementing a
474:
announced the inclusion of additional EAP types to its WPA- and WPA2-Enterprise certification programs. This was to ensure that WPA-Enterprise certified products can interoperate with one another.
174:
Ratified in 2004, WPA2 replaced WPA. WPA2, which requires testing and certification by the Wi-Fi Alliance, implements the mandatory elements of IEEE 802.11i. In particular, it includes support for
349:. This pass-phrase-to-PSK mapping is nevertheless not binding, as Annex J is informative in the latest 802.11 standard. If ASCII characters are used, the 256-bit key is calculated by applying the
684:
turn off the WPS feature, although this may not be possible on some router models. Also, the PIN is written on a label on most Wi-Fi routers with WPS, which cannot be changed if compromised.
277:. The Wi-Fi Alliance also says that WPA3 will mitigate security issues posed by weak passwords and simplify the process of setting up devices with no display interface. WPA3 also supports
389:
server, providing robust security, especially vital in corporate settings. This setup allows integration with Windows login processes and supports various authentication methods like
2360:
2679:
652:
when WPA is used to encrypt broadcast packets, their original attack can also be executed. This is an important extension, as substantially more networks use WPA to protect
1407:
1353:
745:(RNG). Researchers showed that, if vendors implement the proposed RNG, an attacker is able to predict the group key (GTK) that is supposed to be randomly generated by the
717:), lacked any user-accessible way to properly configure validation of AAA server certificate CNs. This extended the relevance of the original weakness in MSCHAPv2 within
1704:
2206:
296:
WPA has been designed specifically to work with wireless hardware produced prior to the introduction of WPA protocol, which provides inadequate security through
827:
145:
existed to solve these problems, but they required too much computation to be used on old network cards. WPA uses a message integrity check algorithm called
393:, which uses certificates for secure authentication, and PEAP, creating a protected environment for authentication without requiring client certificates.
758:
certain versions of Linksys WRT54G and certain Apple AirPort Extreme models. Vendors can defend against this attack by using a secure RNG. By doing so,
193:. This protocol ensures robust encryption and data integrity, using different Initialization Vectors (IVs) for encryption and authentication purposes.
660:. The execution time of this attack is on average around 7 minutes, compared to the 14 minutes of the original Vanhoef-Piessens and Beck-Tews attack.
1595:
3604:
3599:
3594:
3589:
3584:
3579:
3574:
2388:
1566:
729:
Hole196 is a vulnerability in the WPA2 protocol that abuses the shared Group Temporal Key (GTK). It can be used to conduct man-in-the-middle and
59:
to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system,
1192:
147:
2060:
636:) to be enabled, while the Vanhoef-Piessens attack does not. Neither attack leads to recovery of the shared session key between the client and
2843:
2316:
2886:
493:
412:
stream cipher is used with a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet. This is used by WPA.
624:
when the victim visits a website. In contrast, the Beck-Tews attack could only decrypt short packets with mostly known content, such as
3654:
1424:
565:
exist for the top 1,000 network SSIDs and a multitude of common passwords, requiring only a quick lookup to speed up cracking WPA-PSK.
1373:
1102:
3520:
3261:
3256:
3246:
3241:
3236:
3231:
3226:
3221:
3211:
3206:
3201:
3196:
3186:
3181:
3176:
3171:
3156:
3151:
3146:
3141:
3136:
1271:
1220:
2419:
596:(TLS) or similar on top of that for the transfer of any sensitive data. However starting from WPA3, this issue has been addressed.
1145:. 2017 International Conference on Information and Telecommunication Technologies and Radio Electronics (UkrMiCo). pp. 1–4.
1130:. 2017 International Conference on Information and Telecommunication Technologies and Radio Electronics (UkrMiCo). pp. 1–4.
733:
attacks. However, it assumes that the attacker is already authenticated against Access Point and thus in possession of the GTK.
419:
640:. The authors say using a short rekeying interval can prevent some attacks but not all, and strongly recommend switching from
1906:
1080:
1004:
907:
859:
266:
300:. Some of these devices support WPA only after applying firmware upgrades, which are not available for some legacy devices.
2233:
616:. Additionally, they showed how to decrypt arbitrary packets sent to a client. They mentioned this can be used to hijack a
2160:
2103:
303:
Wi-Fi devices certified since 2006 support both the WPA and WPA2 security protocols. WPA3 is required since July 1, 2020.
119:(APs) were more extensive than those needed on the network cards, most pre-2003 APs could not be upgraded to support WPA.
3690:
3680:
2089:
2038:
1206:
3749:
2529:
1537:
463:
390:
1889:
Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (September 30, 2009). "An Improved Attack on TKIP".
1613:
74:
In January 2018, the Wi-Fi Alliance announced the release of WPA3, which has several security improvements over WPA2.
2955:
2474:
2333:
1946:
1819:
1029:
672:
A more serious security flaw was revealed in December 2011 by Stefan Viehböck that affects wireless routers with the
278:
1395:
WPA is both forward and backward-compatible and is designed to run on existing Wi-Fi devices as a software download.
3754:
1523:
835:
2654:
1247:
641:
613:
605:
402:
255:
123:
112:
572:
starting from the four-way authentication handshake exchanged during association or periodic re-authentication.
2936:
939:
677:
628:
messages, and only allowed injection of 3 to 7 packets of at most 28 bytes. The Beck-Tews attack also requires
2911:
617:
2891:
2412:
1866:
430:
186:
179:
137:(CRC) that was used by the WEP standard. CRC's main flaw was that it did not provide a sufficiently strong
1725:
1329:
3320:
2881:
2584:
2499:
2479:
2134:
1567:"Wi-Fi Alliance expands Wi-Fi Protected Access Certification Program for Enterprise and Government Users"
625:
434:
142:
77:
As of 2023, most computers that connect to a wireless network have support for using WPA, WPA2, or WPA3.
1923:
887:. 2009 2nd IEEE International Conference on Computer Science and Information Technology. pp. 48–52.
3723:
2452:
2428:
1574:
714:
453:, though not all implementations enforce this. Otherwise, the data rate will not exceed 54 Mbit/s.
346:
133:, which is designed to prevent an attacker from altering and resending data packets. This replaces the
2385:
1796:
1449:
Each character in the passphrase must have an encoding in the range of 32 to 126 (decimal), inclusive.
1057:
3290:
2489:
2260:
Alhamry, Mohamed; Elmedany, Wael (2022). "Exploring Wi-Fi WPA2 KRACK Vulnerability: A Review Paper".
653:
115:
designed for WEP that began shipping as far back as 1999. However, since the changes required in the
2366:
2068:
2724:
1314:
730:
718:
701:
593:
467:
297:
100:
60:
3728:
2589:
2579:
2559:
2405:
2339:
1663:
742:
353:
134:
130:
1804:
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
762:
running on Linux kernels is not vulnerable against this attack and thus routers running typical
450:
449:. According to the 802.11n specification, this encryption protocol must be used to achieve fast
2901:
2462:
2375:
1971:
1771:
3695:
2818:
2554:
2381:
Weakness in Passphrase Choice in WPA Interface, by Robert Moskowitz. Retrieved March 2, 2004.
1428:
746:
673:
637:
529:
357:
206:
The AP calculating the PTK from these numbers and sending an encrypted message to the client.
116:
1383:
226:
The new standard uses an equivalent 192-bit cryptographic strength in WPA3-Enterprise mode (
3759:
2961:
2709:
2639:
17:
2013:
8:
1989:"Vulnerability Note VU#723755 - WiFi Protected Setup (WPS) PIN brute force vulnerability"
645:
415:
361:
243:
231:
190:
175:
1703:. International Journal of Information and Computer Security. 2014-03-13. Archived from
965:
2719:
2234:"KRACK Wi-Fi attack threatens all networks: How to stay safe and what you need to know"
1952:
1825:
1010:
629:
334:
209:
The client decrypting this message with the PTK, confirming successful authentication.
3392:
3387:
3367:
3351:
3345:
3340:
3335:
3330:
3325:
3315:
3310:
3300:
3295:
2931:
2801:
2761:
2329:
2064:
1942:
1902:
1815:
1596:"Wi-Fi CERTIFIED™ expanded to support EAP-AKA and EAP-FAST authentication mechanisms"
1175:. 2017 13th International Computer Engineering Conference (ICENCO). pp. 323–330.
1160:. 2017 13th International Computer Engineering Conference (ICENCO). pp. 323–330.
1076:
1000:
903:
705:
558:
554:
285:
169:
104:
68:
741:
In 2016 it was shown that the WPA and WPA2 standards contain an insecure expository
3285:
2951:
1956:
1934:
1894:
1829:
1807:
1672:
1068:
992:
831:
533:
108:
2262:
2022 International Conference on Data Analytics for Business and Industry (ICDABI)
1843:
1746:
2714:
2392:
2355:
1512:. 2015 International Conference on Communication Networks (ICCN). pp. 53–56.
1014:
589:
274:
189:
with a 128-bit key, enhancing security through the Counter-Mode/CBC-Mac Protocol
157:
2292:"Fragment and forge: Breaking Wi-Fi through frame aggregation and fragmentation"
1898:
1641:
1295:
437:
is significantly stronger in protection for both privacy and integrity than the
99:
The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of
3569:
2699:
2694:
2614:
2564:
2111:
1463:
1378:
1106:
471:
330:
262:
138:
56:
2380:
2291:
1676:
1143:
Test for penetration in Wi-Fi network: Attacks on WPA2-PSK and WPA2-Enterprise
1128:
Test for penetration in Wi-Fi network: Attacks on WPA2-PSK and WPA2-Enterprise
3743:
3675:
3619:
3614:
3609:
3559:
3554:
3549:
3539:
3515:
3491:
3479:
3468:
3457:
3445:
3440:
3435:
3430:
3417:
3406:
2896:
2876:
2729:
2704:
2634:
2524:
2469:
2351:
2104:"Mojo Networks Scalable Secure Cloud Managed WiFi WPA2 Hole196 Vulnerability"
1545:
1524:"Data rate will not exceed 54 Mbps when WEP or TKIP encryption is configured"
562:
1938:
1811:
1221:"Wi-Fi Alliance® introduces Wi-Fi CERTIFIED WPA3™ security | Wi-Fi Alliance"
1072:
883:
Lashkari, Arash Habibi; Danesh, Mir Mohammad Seyed; Samadi, Behrang (2009).
55:) are the three security certification programs developed after 2000 by the
3659:
3649:
3397:
3382:
3377:
3372:
3362:
3305:
2946:
2941:
2926:
2921:
2916:
2866:
2386:
The Evolution of 802.11 Wireless Security, by Kevin Benton, April 18th 2010
609:
270:
156:, to retrieve the keystream from short packets to use for re-injection and
1272:"Wi-Fi Alliance introduces Wi-Fi Certified WPA3 security | Wi-Fi Alliance"
996:
938:
Huang, Jianyong; Seberry, Jennifer; Susilo, Willy; Bunder, Martin (2005).
604:
In 2013, Mathy Vanhoef and Frank Piessens significantly improved upon the
3531:
3271:
3025:
2906:
2871:
2861:
2838:
2833:
2828:
2823:
2806:
2791:
2207:"Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping"
569:
338:
1988:
1931:
Proceedings of the 30th Annual Computer Security Applications Conference
1538:"Wi-Fi Alliance: Definition of EAP (Extensible Authentication Protocol)"
984:
3644:
3639:
2971:
2853:
2786:
2781:
2776:
2771:
2766:
2756:
1893:. Lecture Notes in Computer Science. Vol. 5838. pp. 120–132.
940:"Security analysis of Michael: the IEEE 802.11i message integrity code"
621:
537:
477:
As of 2010 the certification program includes the following EAP types:
342:
273:, resulting in a more secure initial key exchange in personal mode and
561:. WPA passphrase hashes are seeded from the SSID name and its length;
3705:
3685:
3543:
2796:
2689:
2684:
2669:
2659:
2649:
2629:
2624:
2609:
2599:
2594:
2574:
2569:
2549:
2544:
2539:
2534:
2519:
2484:
2279:. 2020 IEEE Symposium on Security and Privacy (SP). pp. 517–533.
1067:. Lecture Notes in Computer Science. Vol. 2595. pp. 76–93.
2976:
2748:
2739:
2457:
2447:
2442:
1330:"The Next Generation of Wi-Fi Security Will Save You From Yourself"
885:
A survey on wireless security protocols (wep, wpa and wpa2/802.11i)
860:"Wi-Fi Alliance® introduces security enhancements | Wi-Fi Alliance"
754:
517:
487:
251:
2326:
IEEE (The Institute of Electrical and Electronics Engineers, Inc.)
2277:
Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
3700:
3496:
3462:
3411:
3356:
3251:
3216:
3191:
3166:
3161:
3131:
3126:
3121:
3115:
3109:
3104:
3099:
3094:
3088:
3082:
3077:
3072:
3067:
3061:
3055:
3050:
3045:
3040:
2985:
2619:
2604:
2397:
2061:"Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate"
1617:"Radius Server software and AAA RADIUS billing systems - Aradial"
1413:. U.S. National Security Agency, Cybersecurity Report. June 2018.
1359:. U.S. National Security Agency, Cybersecurity Report. June 2018.
1207:"WPA3 protocol will make public Wi-Fi hotspots a lot more secure"
763:
759:
697:
691:
657:
633:
511:
505:
481:
423:
315:
247:
235:
227:
2181:
1488:
3563:
3035:
3030:
3020:
3015:
3010:
3005:
3000:
2995:
2990:
2664:
2494:
2370:
1489:"WPA key calculation — From passphrase to hexadecimal key"
989:
2016 International Workshop on Secure Internet of Things (SIoT)
457:
386:
381:
350:
1315:
Wi-Fi Gets More Secure: Everything You Need to Know About WPA3
982:
3421:
3276:
2811:
2674:
2514:
983:
Dragomir, D.; Gheorghe, L.; Costea, S.; Radovici, A. (2016).
944:
International Conference on Embedded and Ubiquitous Computing
785:
779:
568:
Brute forcing of simple passwords can be attempted using the
254:) as the minimum encryption algorithm in WPA3-Personal mode.
2161:"Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys"
985:"A Survey on Secure Communication Protocols for IoT Systems"
372:. WPA-Personal mode is available on all three WPA versions.
2644:
2509:
2504:
2325:
2090:"Is WPA2 Security Broken Due to Defcon MS-CHAPv2 Cracking?"
1888:
1193:"Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3"
1036:
767:
750:
369:
365:
239:
1103:"WPA2 Security Now Mandatory for Wi-Fi CERTIFIED Products"
470:) was certified by the Wi-Fi alliance. In April 2010, the
441:-based TKIP that is used by WPA. Among informal names are
1616:
438:
409:
937:
2039:"Wi-Fi Alliance introduces WPA3 and Wi-Fi Easy Connect"
966:"Battered, but not broken: understanding the WPA crack"
736:
288:
amendment is also enforced by the WPA3 specifications.
2255:
2253:
203:
The client responding with its random number (SNonce).
200:
The AP sending a random number (ANonce) to the client.
1508:
Monga, Kashish; Arora, Vishal; Kumar, Ashish (2015).
599:
536:
Steelbelted RADIUS as well as Aradial Radius server.
1797:"Practical verification of WPA-TKIP vulnerabilities"
1368:
1366:
1186:
1184:
1182:
882:
553:
WPA-Personal and WPA2-Personal remain vulnerable to
284:
Protection of management frames as specified in the
281:
for open Wi-Fi networks that do not have passwords.
269:(SAE) exchange, a method originally introduced with
2250:
1790:
1788:
1171:Abo-Soliman, Mohamed A.; Azer, Marianne A. (2017).
1156:Abo-Soliman, Mohamed A.; Azer, Marianne A. (2017).
337:. This key may be entered either as a string of 64
2376:Wi-Fi Alliance's Interoperability Certificate page
2135:"DEF CON® Hacking Conference - DEF CON 18 Archive"
1662:
141:guarantee for the packets it handled. Well-tested
2168:Proceedings of the 25th USENIX Security Symposium
1924:"Advanced Wi-Fi attacks using commodity hardware"
1922:Vanhoef, Mathy; Piessens, Frank (December 2014).
1697:"Exposing WPA2 security protocol vulnerabilities"
1363:
1179:
612:, which can be executed against any client using
3741:
1785:
1726:"Researchers Outline How to Crack WPA2 Security"
1140:
1125:
27:Security protocol for wireless computer networks
2259:
2159:Vanhoef, Mathy; Piessens, Frank (August 2016).
2158:
1921:
1794:
1510:Analyzing the behavior of WPA with modification
1507:
1170:
1155:
1141:Radivilova, Tamara; Hassan, Hassan Ali (2017).
1126:Radivilova, Tamara; Hassan, Hassan Ali (2017).
854:
852:
1453:The space character is included in this range.
1095:
692:MS-CHAPv2 and lack of AAA server CN validation
316:Target users (authentication key distribution)
185:WPA2 employs the Advanced Encryption Standard
2413:
1190:
2274:
1795:Vanhoef, Mathy; Piessens, Frank (May 2013).
1612:
1486:
849:
528:Commercial 802.1X servers include Microsoft
458:EAP extensions under WPA and WPA2 Enterprise
2152:
664:of TKIP, and 19% exclusively support TKIP.
620:, allowing an attacker to inject malicious
435:message authenticity and integrity checking
107:standard. WPA could be implemented through
2420:
2406:
583:
1963:
1173:A study in WPA2 enterprise recent attacks
1158:A study in WPA2 enterprise recent attacks
770:installations do not exhibit this issue.
1969:
1891:Identity and Privacy in the Internet Age
1324:
1322:
429:The protocol used by WPA2, based on the
2289:
2231:
1844:"Practical Attacks against WEP and WPA"
1642:"Church of Wifi WPA-PSK Rainbow Tables"
1055:
279:Opportunistic Wireless Encryption (OWE)
14:
3742:
922:
897:
696:Several weaknesses have been found in
396:
2401:
1972:"Brute forcing Wi-Fi Protected Setup"
1970:Viehbock, Stefan (26 December 2011).
1451:(IEEE Std. 802.11i-2004, Annex H.4.1)
1319:
1242:
1240:
900:Managing and Troubleshooting Networks
267:Simultaneous Authentication of Equals
103:pending the availability of the full
2275:Vanhoef, Mathy; Ronen, Eyal (2020).
1374:"Wi-Fi Protected Access White Paper"
737:Predictable Group Temporal Key (GTK)
261:The WPA3 standard also replaces the
2132:
1027:
667:
291:
24:
2427:
1806:. ASIA CCS '13. pp. 427–436.
1487:van Rantwijk, Joris (2006-12-06).
1408:"WPA3 Will Enhance WI-FI Security"
1354:"WPA3 Will Enhance WI-FI Security"
1237:
1058:"On the Security of CTR + CBC-MAC"
1030:"On the Security of CTR + CBC-MAC"
600:WPA packet spoofing and decryption
543:
464:Extensible Authentication Protocol
391:Extensible Authentication Protocol
306:
25:
3771:
2308:
540:is an open source 802.1X server.
405:(Temporal Key Integrity Protocol)
375:
242:), and still mandates the use of
1747:"WPA2 wireless security cracked"
1664:"WPA2 wireless security cracked"
1248:"File Download | Wi-Fi Alliance"
1191:Dawn Kawamoto (8 January 2018).
784:In October 2017, details of the
577:
548:
122:The WPA protocol implements the
113:wireless network interface cards
2283:
2268:
2225:
2199:
2174:
2126:
2096:
2082:
2053:
2031:
2006:
1981:
1933:. ACSAC '14. pp. 256–265.
1915:
1882:
1867:"Enhanced TKIP Michael Attacks"
1859:
1836:
1774:. InfoSec Community. 2014-05-02
1764:
1739:
1718:
1689:
1655:
1634:
1606:
1588:
1559:
1530:
1516:
1501:
1480:
1456:
1442:
1417:
1400:
1346:
1308:
1288:
1264:
1213:
1199:
1164:
1149:
1134:
1119:
1049:
773:
433:(AES) cipher along with strong
320:
124:Temporal Key Integrity Protocol
2232:Chacos, Brad; Simon, Michael.
2182:"KRACK Attacks: Breaking WPA2"
1728:. SecurityWeek.Com. 2014-03-24
1600:Wi-Fi Alliance Featured Topics
1542:Wi-Fi Alliance Featured Topics
1296:"Wi-Fi Certified WPA3 Program"
1065:Selected Areas in Cryptography
1021:
976:
958:
931:
916:
891:
876:
828:"Understanding WEP Weaknesses"
820:
804:
795:
753:RT-AC51U router that uses the
196:The 4-way handshake involves:
13:
1:
2314:Official standards document:
813:
380:This enterprise mode uses an
356:to the passphrase, using the
1571:Wi-Fi Alliance Press Release
1464:"IEEE SA - IEEE 802.11-2020"
588:WPA and WPA2 do not provide
496:v0/EAP-MSCHAPv2 (April 2005)
451:802.11n high bitrate schemes
431:Advanced Encryption Standard
143:message authentication codes
7:
1899:10.1007/978-3-642-04766-4_9
1209:. Techspot. 9 January 2018.
925:CWNA Guide to Wireless LANS
559:weak password or passphrase
557:attacks if users rely on a
499:PEAPv1/EAP-GTC (April 2005)
80:
10:
3776:
3724:IEEE Standards Association
1701:Inderscience.metapress.com
1425:"Wi-Fi Alliance: Glossary"
777:
724:
462:Originally, only EAP-TLS (
347:printable ASCII characters
167:
3750:Computer network security
3714:
3668:
3632:
3530:
3270:
2970:
2852:
2747:
2738:
2435:
1677:10.1504/IJICS.2014.059797
902:. Network+. McGraw Hill.
594:Transport Layer Security
468:Transport Layer Security
258:is not allowed in WPA3.
61:Wired Equivalent Privacy
49:Wi-Fi Protected Access 3
41:Wi-Fi Protected Access 2
3755:Cryptographic protocols
3729:Category:IEEE standards
2361:considered for deletion
2290:Vanhoef, Mathy (2017).
1939:10.1145/2664243.2664260
1812:10.1145/2484313.2484368
1073:10.1007/3-540-36492-7_7
1056:Jonsson, Jakob (2003).
743:random number generator
584:Lack of forward secrecy
364:and 4096 iterations of
354:key derivation function
217:
163:
135:cyclic redundancy check
131:Message Integrity Check
2014:""Wi-Fi Easy Connect""
927:. Networking. Thomson.
490:/MSCHAPv2 (April 2005)
117:wireless access points
94:
85:
33:Wi-Fi Protected Access
2318:IEEE Std 802.11i-2004
1772:"Exposing WPA2 Paper"
997:10.1109/siot.2016.012
923:Ciampa, Mark (2006).
898:Meyers, Mike (2004).
674:Wi-Fi Protected Setup
530:Network Policy Server
2108:Airtightnetworks.com
325:Also referred to as
265:(PSK) exchange with
129:WPA also includes a
2264:. pp. 766–772.
2133:Tangent, The Dark.
2114:on 13 November 2015
484:(previously tested)
397:Encryption protocol
2391:2016-03-02 at the
991:. pp. 47–62.
656:, than to protect
630:quality of service
578:Dragonblood attack
3737:
3736:
3628:
3627:
2213:. 16 October 2017
2065:Moxie Marlinspike
1908:978-3-642-04765-7
1082:978-3-540-00622-0
1006:978-1-5090-5091-8
909:978-0-07-225665-9
731:denial-of-service
706:Moxie Marlinspike
654:broadcast packets
555:password cracking
170:IEEE 802.11i-2004
109:firmware upgrades
69:IEEE 802.11i-2004
16:(Redirected from
3767:
2745:
2744:
2422:
2415:
2408:
2399:
2398:
2364:
2346:
2345:on May 17, 2005.
2344:
2338:. Archived from
2328:. 23 July 2004.
2323:
2302:
2301:
2299:
2298:
2287:
2281:
2280:
2272:
2266:
2265:
2257:
2248:
2247:
2245:
2244:
2229:
2223:
2222:
2220:
2218:
2203:
2197:
2196:
2194:
2192:
2186:Krackattacks.com
2178:
2172:
2171:
2165:
2156:
2150:
2149:
2147:
2145:
2130:
2124:
2123:
2121:
2119:
2110:. Archived from
2100:
2094:
2093:
2086:
2080:
2079:
2077:
2076:
2067:. Archived from
2057:
2051:
2050:
2048:
2046:
2035:
2029:
2028:
2026:
2024:
2010:
2004:
2003:
2001:
1999:
1985:
1979:
1978:
1976:
1967:
1961:
1960:
1928:
1919:
1913:
1912:
1886:
1880:
1879:
1877:
1876:
1871:
1863:
1857:
1856:
1854:
1853:
1848:
1840:
1834:
1833:
1801:
1792:
1783:
1782:
1780:
1779:
1768:
1762:
1761:
1759:
1758:
1743:
1737:
1736:
1734:
1733:
1722:
1716:
1715:
1713:
1712:
1693:
1687:
1686:
1684:
1683:
1666:
1659:
1653:
1652:
1650:
1649:
1638:
1632:
1631:
1629:
1627:
1610:
1604:
1603:
1592:
1586:
1585:
1583:
1582:
1573:. Archived from
1563:
1557:
1556:
1554:
1553:
1544:. Archived from
1534:
1528:
1527:
1520:
1514:
1513:
1505:
1499:
1498:
1496:
1495:
1484:
1478:
1477:
1475:
1474:
1460:
1454:
1446:
1440:
1439:
1437:
1436:
1427:. Archived from
1421:
1415:
1414:
1412:
1404:
1398:
1397:
1392:
1391:
1382:. Archived from
1370:
1361:
1360:
1358:
1350:
1344:
1343:
1341:
1340:
1326:
1317:
1312:
1306:
1305:
1303:
1302:
1292:
1286:
1285:
1283:
1282:
1268:
1262:
1261:
1259:
1258:
1244:
1235:
1234:
1232:
1231:
1217:
1211:
1210:
1203:
1197:
1196:
1188:
1177:
1176:
1168:
1162:
1161:
1153:
1147:
1146:
1138:
1132:
1131:
1123:
1117:
1116:
1114:
1113:
1099:
1093:
1092:
1090:
1089:
1062:
1053:
1047:
1046:
1044:
1043:
1034:
1028:Jonsson, Jakob.
1025:
1019:
1018:
980:
974:
973:
962:
956:
955:
953:
951:
935:
929:
928:
920:
914:
913:
895:
889:
888:
880:
874:
873:
871:
870:
856:
847:
846:
844:
843:
834:. Archived from
832:Wiley Publishing
824:
668:WPS PIN recovery
534:Juniper Networks
341:digits, or as a
292:Hardware support
21:
3775:
3774:
3770:
3769:
3768:
3766:
3765:
3764:
3740:
3739:
3738:
3733:
3710:
3664:
3624:
3526:
3274:
3266:
2974:
2966:
2848:
2734:
2431:
2426:
2393:Wayback Machine
2349:
2342:
2336:
2321:
2315:
2311:
2306:
2305:
2296:
2294:
2288:
2284:
2273:
2269:
2258:
2251:
2242:
2240:
2230:
2226:
2216:
2214:
2211:Arstechnica.com
2205:
2204:
2200:
2190:
2188:
2180:
2179:
2175:
2163:
2157:
2153:
2143:
2141:
2131:
2127:
2117:
2115:
2102:
2101:
2097:
2092:. 31 July 2012.
2088:
2087:
2083:
2074:
2072:
2059:
2058:
2054:
2044:
2042:
2037:
2036:
2032:
2022:
2020:
2012:
2011:
2007:
1997:
1995:
1987:
1986:
1982:
1974:
1968:
1964:
1949:
1926:
1920:
1916:
1909:
1887:
1883:
1874:
1872:
1869:
1865:
1864:
1860:
1851:
1849:
1846:
1842:
1841:
1837:
1822:
1799:
1793:
1786:
1777:
1775:
1770:
1769:
1765:
1756:
1754:
1745:
1744:
1740:
1731:
1729:
1724:
1723:
1719:
1710:
1708:
1695:
1694:
1690:
1681:
1679:
1661:
1660:
1656:
1647:
1645:
1644:. The Renderlab
1640:
1639:
1635:
1625:
1623:
1611:
1607:
1594:
1593:
1589:
1580:
1578:
1565:
1564:
1560:
1551:
1549:
1536:
1535:
1531:
1522:
1521:
1517:
1506:
1502:
1493:
1491:
1485:
1481:
1472:
1470:
1462:
1461:
1457:
1452:
1447:
1443:
1434:
1432:
1423:
1422:
1418:
1410:
1406:
1405:
1401:
1389:
1387:
1372:
1371:
1364:
1356:
1352:
1351:
1347:
1338:
1336:
1328:
1327:
1320:
1313:
1309:
1300:
1298:
1294:
1293:
1289:
1280:
1278:
1270:
1269:
1265:
1256:
1254:
1246:
1245:
1238:
1229:
1227:
1219:
1218:
1214:
1205:
1204:
1200:
1189:
1180:
1169:
1165:
1154:
1150:
1139:
1135:
1124:
1120:
1111:
1109:
1101:
1100:
1096:
1087:
1085:
1083:
1060:
1054:
1050:
1041:
1039:
1032:
1026:
1022:
1007:
981:
977:
964:
963:
959:
949:
947:
936:
932:
921:
917:
910:
896:
892:
881:
877:
868:
866:
858:
857:
850:
841:
839:
826:
825:
821:
816:
807:
798:
782:
776:
739:
727:
694:
670:
658:unicast packets
632:(as defined in
602:
590:forward secrecy
586:
551:
546:
544:Security issues
460:
399:
378:
323:
318:
309:
307:WPA terminology
294:
275:forward secrecy
220:
172:
166:
97:
88:
83:
28:
23:
22:
15:
12:
11:
5:
3773:
3763:
3762:
3757:
3752:
3735:
3734:
3732:
3731:
3726:
3721:
3715:
3712:
3711:
3709:
3708:
3703:
3698:
3693:
3688:
3683:
3678:
3672:
3670:
3666:
3665:
3663:
3662:
3657:
3652:
3647:
3642:
3636:
3634:
3630:
3629:
3626:
3625:
3623:
3622:
3617:
3612:
3607:
3602:
3597:
3592:
3587:
3582:
3577:
3572:
3567:
3557:
3552:
3547:
3536:
3534:
3528:
3527:
3525:
3524:
3512:
3509:
3506:
3503:
3500:
3488:
3485:
3482:
3477:
3474:
3471:
3466:
3454:
3451:
3448:
3443:
3438:
3433:
3428:
3425:
3415:
3403:
3400:
3395:
3390:
3385:
3380:
3375:
3370:
3365:
3360:
3348:
3343:
3338:
3333:
3328:
3323:
3318:
3313:
3308:
3303:
3298:
3293:
3288:
3282:
3280:
3268:
3267:
3265:
3264:
3259:
3254:
3249:
3244:
3239:
3234:
3229:
3224:
3219:
3214:
3209:
3204:
3199:
3194:
3189:
3184:
3179:
3174:
3169:
3164:
3159:
3154:
3149:
3144:
3139:
3134:
3129:
3124:
3119:
3112:
3107:
3102:
3097:
3092:
3085:
3080:
3075:
3070:
3065:
3058:
3053:
3048:
3043:
3038:
3033:
3028:
3023:
3018:
3013:
3008:
3003:
2998:
2993:
2988:
2982:
2980:
2968:
2967:
2965:
2964:
2959:
2949:
2944:
2939:
2934:
2929:
2924:
2919:
2914:
2909:
2904:
2899:
2894:
2889:
2884:
2879:
2874:
2869:
2864:
2858:
2856:
2850:
2849:
2847:
2846:
2841:
2836:
2831:
2826:
2821:
2816:
2815:
2814:
2804:
2799:
2794:
2789:
2784:
2779:
2774:
2769:
2764:
2759:
2753:
2751:
2742:
2736:
2735:
2733:
2732:
2727:
2722:
2717:
2712:
2707:
2702:
2697:
2692:
2687:
2682:
2677:
2672:
2667:
2662:
2657:
2652:
2647:
2642:
2637:
2632:
2627:
2622:
2617:
2612:
2607:
2602:
2597:
2592:
2587:
2582:
2577:
2572:
2567:
2562:
2557:
2552:
2547:
2542:
2537:
2532:
2527:
2522:
2517:
2512:
2507:
2502:
2497:
2492:
2487:
2482:
2477:
2472:
2467:
2466:
2465:
2455:
2450:
2445:
2439:
2437:
2433:
2432:
2429:IEEE standards
2425:
2424:
2417:
2410:
2402:
2396:
2395:
2383:
2378:
2373:
2347:
2334:
2310:
2309:External links
2307:
2304:
2303:
2282:
2267:
2249:
2224:
2198:
2173:
2151:
2125:
2095:
2081:
2052:
2041:. 26 June 2018
2030:
2005:
1980:
1962:
1947:
1914:
1907:
1881:
1858:
1835:
1820:
1784:
1763:
1738:
1717:
1688:
1654:
1633:
1605:
1587:
1558:
1529:
1515:
1500:
1479:
1455:
1441:
1416:
1399:
1379:Wi-Fi Alliance
1362:
1345:
1318:
1307:
1287:
1263:
1236:
1212:
1198:
1195:. DARKReading.
1178:
1163:
1148:
1133:
1118:
1107:Wi-Fi Alliance
1094:
1081:
1048:
1020:
1005:
975:
957:
930:
915:
908:
890:
875:
848:
818:
817:
815:
812:
806:
803:
797:
794:
778:Main article:
775:
772:
738:
735:
726:
723:
693:
690:
669:
666:
618:TCP connection
601:
598:
585:
582:
570:Aircrack Suite
563:rainbow tables
550:
547:
545:
542:
522:
521:
515:
509:
503:
500:
497:
491:
485:
472:Wi-Fi Alliance
459:
456:
455:
454:
427:
413:
406:
398:
395:
377:
376:WPA-Enterprise
374:
331:pre-shared key
322:
319:
317:
314:
308:
305:
293:
290:
263:pre-shared key
219:
216:
211:
210:
207:
204:
201:
168:Main article:
165:
162:
139:data integrity
96:
93:
87:
84:
82:
79:
57:Wi-Fi Alliance
26:
9:
6:
4:
3:
2:
3772:
3761:
3758:
3756:
3753:
3751:
3748:
3747:
3745:
3730:
3727:
3725:
3722:
3720:
3717:
3716:
3713:
3707:
3704:
3702:
3699:
3697:
3694:
3692:
3689:
3687:
3684:
3682:
3679:
3677:
3674:
3673:
3671:
3667:
3661:
3658:
3656:
3653:
3651:
3648:
3646:
3643:
3641:
3638:
3637:
3635:
3631:
3621:
3618:
3616:
3613:
3611:
3608:
3606:
3603:
3601:
3598:
3596:
3593:
3591:
3588:
3586:
3583:
3581:
3578:
3576:
3573:
3571:
3568:
3565:
3561:
3558:
3556:
3553:
3551:
3548:
3545:
3541:
3538:
3537:
3535:
3533:
3529:
3522:
3518:
3517:
3513:
3510:
3507:
3504:
3501:
3498:
3494:
3493:
3489:
3486:
3483:
3481:
3478:
3475:
3472:
3470:
3467:
3464:
3460:
3459:
3455:
3452:
3449:
3447:
3444:
3442:
3439:
3437:
3434:
3432:
3429:
3426:
3423:
3419:
3416:
3413:
3409:
3408:
3404:
3401:
3399:
3396:
3394:
3391:
3389:
3386:
3384:
3381:
3379:
3376:
3374:
3371:
3369:
3366:
3364:
3361:
3358:
3354:
3353:
3349:
3347:
3344:
3342:
3339:
3337:
3334:
3332:
3329:
3327:
3324:
3322:
3319:
3317:
3314:
3312:
3309:
3307:
3304:
3302:
3299:
3297:
3294:
3292:
3289:
3287:
3284:
3283:
3281:
3278:
3273:
3269:
3263:
3260:
3258:
3255:
3253:
3250:
3248:
3245:
3243:
3240:
3238:
3235:
3233:
3230:
3228:
3225:
3223:
3220:
3218:
3215:
3213:
3210:
3208:
3205:
3203:
3200:
3198:
3195:
3193:
3190:
3188:
3185:
3183:
3180:
3178:
3175:
3173:
3170:
3168:
3165:
3163:
3160:
3158:
3155:
3153:
3150:
3148:
3145:
3143:
3140:
3138:
3135:
3133:
3130:
3128:
3125:
3123:
3120:
3118:
3117:
3113:
3111:
3108:
3106:
3103:
3101:
3098:
3096:
3093:
3091:
3090:
3086:
3084:
3081:
3079:
3076:
3074:
3071:
3069:
3066:
3064:
3063:
3059:
3057:
3054:
3052:
3049:
3047:
3044:
3042:
3039:
3037:
3034:
3032:
3029:
3027:
3024:
3022:
3019:
3017:
3014:
3012:
3009:
3007:
3004:
3002:
2999:
2997:
2994:
2992:
2989:
2987:
2984:
2983:
2981:
2978:
2973:
2969:
2963:
2960:
2957:
2953:
2950:
2948:
2945:
2943:
2940:
2938:
2935:
2933:
2930:
2928:
2925:
2923:
2920:
2918:
2915:
2913:
2910:
2908:
2905:
2903:
2900:
2898:
2895:
2893:
2890:
2888:
2885:
2883:
2880:
2878:
2875:
2873:
2870:
2868:
2865:
2863:
2860:
2859:
2857:
2855:
2851:
2845:
2842:
2840:
2837:
2835:
2832:
2830:
2827:
2825:
2822:
2820:
2817:
2813:
2812:WiMAX · d · e
2810:
2809:
2808:
2805:
2803:
2800:
2798:
2795:
2793:
2790:
2788:
2785:
2783:
2780:
2778:
2775:
2773:
2770:
2768:
2765:
2763:
2760:
2758:
2755:
2754:
2752:
2750:
2746:
2743:
2741:
2737:
2731:
2728:
2726:
2723:
2721:
2718:
2716:
2713:
2711:
2708:
2706:
2703:
2701:
2698:
2696:
2693:
2691:
2688:
2686:
2683:
2681:
2678:
2676:
2673:
2671:
2668:
2666:
2663:
2661:
2658:
2656:
2653:
2651:
2648:
2646:
2643:
2641:
2638:
2636:
2633:
2631:
2628:
2626:
2623:
2621:
2618:
2616:
2613:
2611:
2608:
2606:
2603:
2601:
2598:
2596:
2593:
2591:
2588:
2586:
2583:
2581:
2578:
2576:
2573:
2571:
2568:
2566:
2563:
2561:
2558:
2556:
2553:
2551:
2548:
2546:
2543:
2541:
2538:
2536:
2533:
2531:
2528:
2526:
2523:
2521:
2518:
2516:
2513:
2511:
2508:
2506:
2503:
2501:
2498:
2496:
2493:
2491:
2488:
2486:
2483:
2481:
2478:
2476:
2473:
2471:
2468:
2464:
2461:
2460:
2459:
2456:
2454:
2451:
2449:
2446:
2444:
2441:
2440:
2438:
2434:
2430:
2423:
2418:
2416:
2411:
2409:
2404:
2403:
2400:
2394:
2390:
2387:
2384:
2382:
2379:
2377:
2374:
2372:
2368:
2362:
2358:
2357:
2353:
2348:
2341:
2337:
2335:0-7381-4074-0
2331:
2327:
2320:
2319:
2313:
2312:
2293:
2286:
2278:
2271:
2263:
2256:
2254:
2239:
2235:
2228:
2212:
2208:
2202:
2187:
2183:
2177:
2169:
2162:
2155:
2140:
2136:
2129:
2113:
2109:
2105:
2099:
2091:
2085:
2071:on 2016-03-16
2070:
2066:
2062:
2056:
2040:
2034:
2019:
2015:
2009:
1994:
1990:
1984:
1973:
1966:
1958:
1954:
1950:
1948:9781450330053
1944:
1940:
1936:
1932:
1925:
1918:
1910:
1904:
1900:
1896:
1892:
1885:
1868:
1862:
1845:
1839:
1831:
1827:
1823:
1821:9781450317672
1817:
1813:
1809:
1805:
1798:
1791:
1789:
1773:
1767:
1752:
1748:
1742:
1727:
1721:
1707:on 2014-03-22
1706:
1702:
1698:
1692:
1678:
1674:
1670:
1665:
1658:
1643:
1637:
1622:
1618:
1614:
1609:
1601:
1597:
1591:
1577:on 2010-08-19
1576:
1572:
1568:
1562:
1548:on 2011-07-26
1547:
1543:
1539:
1533:
1525:
1519:
1511:
1504:
1490:
1483:
1469:
1465:
1459:
1450:
1445:
1431:on 2010-03-04
1430:
1426:
1420:
1409:
1403:
1396:
1386:on 2008-09-14
1385:
1381:
1380:
1375:
1369:
1367:
1355:
1349:
1335:
1331:
1325:
1323:
1316:
1311:
1297:
1291:
1277:
1276:www.wi-fi.org
1273:
1267:
1253:
1252:www.wi-fi.org
1249:
1243:
1241:
1226:
1225:www.wi-fi.org
1222:
1216:
1208:
1202:
1194:
1187:
1185:
1183:
1174:
1167:
1159:
1152:
1144:
1137:
1129:
1122:
1108:
1104:
1098:
1084:
1078:
1074:
1070:
1066:
1059:
1052:
1038:
1031:
1024:
1016:
1012:
1008:
1002:
998:
994:
990:
986:
979:
972:. 2008-11-06.
971:
967:
961:
945:
941:
934:
926:
919:
911:
905:
901:
894:
886:
879:
865:
864:www.wi-fi.org
861:
855:
853:
838:on 2010-03-18
837:
833:
829:
823:
819:
811:
802:
793:
789:
787:
781:
771:
769:
765:
761:
756:
752:
748:
744:
734:
732:
722:
720:
716:
710:
707:
704:key (work by
703:
699:
689:
685:
681:
679:
675:
665:
661:
659:
655:
649:
647:
644:to AES-based
643:
639:
635:
631:
627:
623:
619:
615:
611:
607:
597:
595:
591:
581:
579:
576:attacks (see
573:
571:
566:
564:
560:
556:
549:Weak password
541:
539:
535:
531:
526:
519:
516:
513:
510:
507:
504:
501:
498:
495:
492:
489:
486:
483:
480:
479:
478:
475:
473:
469:
465:
452:
448:
444:
440:
436:
432:
428:
425:
421:
417:
414:
411:
407:
404:
401:
400:
394:
392:
388:
383:
373:
371:
367:
363:
359:
355:
352:
348:
344:
340:
336:
332:
328:
313:
304:
301:
299:
289:
287:
282:
280:
276:
272:
268:
264:
259:
257:
253:
249:
245:
241:
237:
233:
229:
224:
215:
208:
205:
202:
199:
198:
197:
194:
192:
188:
183:
181:
177:
171:
161:
159:
155:
150:
149:
144:
140:
136:
132:
127:
125:
120:
118:
114:
110:
106:
102:
92:
78:
75:
72:
70:
64:
62:
58:
54:
50:
46:
42:
38:
34:
30:
19:
3718:
3514:
3490:
3456:
3405:
3350:
3114:
3087:
3060:
2354:
2340:the original
2317:
2295:. Retrieved
2285:
2276:
2270:
2261:
2241:. Retrieved
2237:
2227:
2215:. Retrieved
2210:
2201:
2189:. Retrieved
2185:
2176:
2167:
2154:
2142:. Retrieved
2138:
2128:
2116:. Retrieved
2112:the original
2107:
2098:
2084:
2073:. Retrieved
2069:the original
2055:
2043:. Retrieved
2033:
2021:. Retrieved
2017:
2008:
1996:. Retrieved
1992:
1983:
1965:
1930:
1917:
1890:
1884:
1873:. Retrieved
1861:
1850:. Retrieved
1838:
1803:
1776:. Retrieved
1766:
1755:. Retrieved
1753:. 2014-03-20
1750:
1741:
1730:. Retrieved
1720:
1709:. Retrieved
1705:the original
1700:
1691:
1680:. Retrieved
1669:ScienceDaily
1668:
1657:
1646:. Retrieved
1636:
1624:. Retrieved
1620:
1608:
1599:
1590:
1579:. Retrieved
1575:the original
1570:
1561:
1550:. Retrieved
1546:the original
1541:
1532:
1518:
1509:
1503:
1492:. Retrieved
1482:
1471:. Retrieved
1468:SA Main Site
1467:
1458:
1448:
1444:
1433:. Retrieved
1429:the original
1419:
1402:
1394:
1388:. Retrieved
1384:the original
1377:
1348:
1337:. Retrieved
1333:
1310:
1299:. Retrieved
1290:
1279:. Retrieved
1275:
1266:
1255:. Retrieved
1251:
1228:. Retrieved
1224:
1215:
1201:
1172:
1166:
1157:
1151:
1142:
1136:
1127:
1121:
1110:. Retrieved
1097:
1086:. Retrieved
1064:
1051:
1040:. Retrieved
1023:
988:
978:
970:Ars Technica
969:
960:
948:. Retrieved
943:
933:
924:
918:
899:
893:
884:
878:
867:. Retrieved
863:
840:. Retrieved
836:the original
822:
808:
799:
790:
783:
774:KRACK attack
747:access point
740:
728:
711:
695:
686:
682:
671:
662:
650:
638:Access Point
610:port scanner
603:
587:
574:
567:
552:
527:
523:
520:(April 2009)
514:(April 2009)
508:(April 2005)
476:
461:
446:
442:
379:
326:
324:
321:WPA-Personal
310:
302:
295:
286:IEEE 802.11w
283:
271:IEEE 802.11s
260:
225:
221:
212:
195:
184:
173:
153:
146:
128:
121:
105:IEEE 802.11i
98:
89:
76:
73:
71:) standard.
65:
52:
48:
44:
40:
36:
32:
31:
29:
3760:IEEE 802.11
3291:legacy mode
1993:Kb.cert.org
1621:Aradial.com
950:26 February
805:FragAttacks
796:Dragonblood
345:of 8 to 63
339:hexadecimal
3744:Categories
3669:Superseded
2740:802 series
2297:2024-01-01
2243:2018-02-06
2217:16 October
2191:16 October
2170:: 673–688.
2144:16 October
2139:Defcon.org
2118:16 October
2075:2012-08-03
2045:31 January
2023:31 January
1998:16 October
1875:2010-11-15
1852:2010-11-15
1778:2014-05-16
1757:2014-05-16
1732:2014-04-30
1711:2014-04-30
1682:2014-04-30
1648:2019-01-02
1626:16 October
1581:2011-01-20
1552:2011-03-12
1494:2011-12-24
1473:2022-02-06
1435:2010-03-01
1390:2008-08-15
1339:2018-06-26
1301:2018-06-27
1281:2018-06-26
1257:2020-06-20
1230:2020-06-20
1112:2013-02-28
1088:2019-12-11
1042:2010-05-15
869:2018-01-09
842:2010-01-10
814:References
622:JavaScript
538:FreeRADIUS
343:passphrase
3544:Bluetooth
2359:is being
2018:wi-fi.org
946:: 423–432
426:Protocol)
3719:See also
3676:754-1985
3633:Proposed
2977:Ethernet
2463:Revision
2389:Archived
2352:template
1751:Phys.org
755:MediaTek
698:MS-CHAPv
614:WPA-TKIP
606:WPA-TKIP
518:EAP-FAST
502:PEAP-TLS
488:EAP-TTLS
447:AES-CCMP
420:CTR mode
252:CCM mode
244:CCMP-128
232:GCM mode
158:spoofing
81:Versions
3660:P1906.1
3521:Wi-Fi 8
3497:Wi-Fi 7
3463:Wi-Fi 6
3412:Wi-Fi 5
3357:Wi-Fi 4
2436:Current
2238:PCWorld
1957:3619463
1830:7639081
764:OpenWrt
760:Hostapd
725:Hole196
715:Android
634:802.11e
512:EAP-AKA
506:EAP-SIM
482:EAP-TLS
424:CBC-MAC
360:as the
327:WPA-PSK
248:AES-128
236:SHA-384
228:AES-256
154:Michael
63:(WEP).
47:), and
3564:Zigbee
3532:802.15
3272:802.11
2510:1149.1
2371:Curlie
2365:
2356:Curlie
2332:
1955:
1945:
1905:
1828:
1818:
1079:
1013:
1003:
906:
387:RADIUS
382:802.1X
351:PBKDF2
3655:P1823
3650:P1699
3645:P1619
3640:P1363
3422:WiGig
3286:-1997
3277:Wi-Fi
2986:-1983
2972:802.3
2854:802.1
2730:42010
2725:29148
2720:16326
2715:16085
2710:14764
2705:12207
2700:11073
2367:Wi-Fi
2350:‹The
2343:(PDF)
2322:(PDF)
2164:(PDF)
1975:(PDF)
1953:S2CID
1927:(PDF)
1870:(PDF)
1847:(PDF)
1826:S2CID
1800:(PDF)
1411:(PDF)
1357:(PDF)
1334:Wired
1061:(PDF)
1033:(PDF)
1015:66466
1011:S2CID
786:KRACK
780:KRACK
422:with
234:with
178:, an
3706:1471
3701:1364
3696:1362
3691:1233
3686:1219
2956:LACP
2695:2050
2690:2030
2685:1905
2680:1904
2675:1902
2670:1901
2665:1900
2660:1855
2655:1850
2650:1849
2645:1815
2640:1801
2635:1800
2630:1733
2625:1722
2620:1685
2615:1675
2610:1667
2605:1666
2600:1619
2595:1613
2590:1603
2585:1596
2580:1588
2575:1584
2570:1547
2565:1541
2560:1516
2555:1497
2550:1451
2545:1394
2540:1355
2535:1284
2530:1278
2525:1275
2520:1164
2515:1154
2505:1076
2500:1016
2495:1014
2490:1003
2330:ISBN
2219:2017
2193:2017
2146:2017
2120:2017
2047:2024
2025:2024
2000:2017
1943:ISBN
1903:ISBN
1816:ISBN
1628:2017
1077:ISBN
1037:NIST
1001:ISBN
952:2017
904:ISBN
768:LEDE
751:Asus
719:MiTM
646:CCMP
642:TKIP
532:and
494:PEAP
445:and
416:CCMP
408:The
403:TKIP
370:SHA1
366:HMAC
362:salt
358:SSID
256:TKIP
240:HMAC
218:WPA3
191:CCMP
176:CCMP
164:WPA2
148:TKIP
53:WPA3
45:WPA2
18:WPA3
3681:830
3605:.4z
3600:.4g
3595:.4f
3590:.4e
3585:.4d
3580:.4c
3575:.4b
3570:.4a
2897:Qbb
2892:Qaz
2887:Qay
2882:Qat
2877:Qav
2844:.24
2839:.22
2834:.21
2829:.20
2824:.18
2819:.17
2807:.16
2802:.14
2797:.12
2792:.10
2749:802
2485:896
2480:829
2475:828
2470:854
2458:754
2453:730
2448:693
2443:488
2369:at
1935:doi
1895:doi
1808:doi
1673:doi
1069:doi
993:doi
766:or
702:DES
678:PIN
626:ARP
580:).
443:AES
439:RC4
410:RC4
335:key
298:WEP
250:in
238:as
230:in
187:AES
180:AES
111:on
101:WEP
95:WPA
86:WEP
39:),
37:WPA
3746::
3620:.7
3615:.6
3610:.5
3560:.4
3555:.3
3550:.2
3540:.1
3516:bn
3511:bk
3508:bi
3505:bh
3502:bf
3492:be
3487:bd
3484:bc
3480:bb
3476:ba
3473:az
3469:ay
3458:ax
3453:aq
3450:ak
3446:aj
3441:ai
3436:ah
3431:af
3427:ae
3418:ad
3407:ac
3402:aa
3262:df
3257:de
3252:dd
3247:db
3242:da
3237:cz
3232:cy
3227:cx
3222:cw
3217:cv
3212:cu
3207:ct
3202:cs
3197:cr
3192:cq
3187:cp
3182:cn
3177:cm
3172:ck
3167:ch
3162:cg
3157:ce
3152:cd
3147:cc
3142:cb
3137:ca
3132:bz
3127:by
3122:bu
3116:bt
3110:ba
3105:az
3100:av
3095:au
3089:at
3083:aq
3078:an
3073:ak
3068:ah
3062:af
3056:ae
3051:ad
3046:ac
3041:ab
2962:BA
2952:AX
2947:AS
2942:aq
2937:ak
2932:ah
2927:ag
2922:AE
2917:ad
2912:AB
2787:.9
2782:.8
2777:.7
2772:.6
2767:.5
2762:.4
2757:.2
2363:.›
2324:.
2252:^
2236:.
2209:.
2184:.
2166:.
2137:.
2106:.
2063:.
2016:.
1991:.
1951:.
1941:.
1929:.
1901:.
1824:.
1814:.
1802:.
1787:^
1749:.
1699:.
1671:.
1667:.
1619:.
1615:.
1598:.
1569:.
1540:.
1466:.
1393:.
1376:.
1365:^
1332:.
1321:^
1274:.
1250:.
1239:^
1223:.
1181:^
1105:.
1075:.
1063:.
1035:.
1009:.
999:.
987:.
968:.
942:.
862:.
851:^
830:.
680:.
648:.
466:-
160:.
3566:)
3562:(
3546:)
3542:(
3523:)
3519:(
3499:)
3495:(
3465:)
3461:(
3424:)
3420:(
3414:)
3410:(
3398:z
3393:y
3388:w
3383:v
3378:u
3373:s
3368:r
3363:p
3359:)
3355:(
3352:n
3346:k
3341:j
3336:i
3331:h
3326:g
3321:f
3316:e
3311:d
3306:c
3301:b
3296:a
3279:)
3275:(
3036:z
3031:y
3026:x
3021:u
3016:j
3011:i
3006:e
3001:d
2996:b
2991:a
2979:)
2975:(
2958:)
2954:(
2907:X
2902:w
2872:Q
2867:p
2862:D
2421:e
2414:t
2407:v
2300:.
2246:.
2221:.
2195:.
2148:.
2122:.
2078:.
2049:.
2027:.
2002:.
1977:.
1959:.
1937::
1911:.
1897::
1878:.
1855:.
1832:.
1810::
1781:.
1760:.
1735:.
1714:.
1685:.
1675::
1651:.
1630:.
1602:.
1584:.
1555:.
1526:.
1497:.
1476:.
1438:.
1342:.
1304:.
1284:.
1260:.
1233:.
1115:.
1091:.
1071::
1045:.
1017:.
995::
954:.
912:.
872:.
845:.
418:(
368:-
329:(
246:(
51:(
43:(
35:(
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.