
A Chunk of CWSP! (Work in Progress)

The topics below are not covered in great detail but should give the important aspects. The content covers about 45% of the CWSP-206 exam syllabus, which works out to roughly 25-27 questions.

  1.  Select and implement appropriate authentication solutions
  • WPA/WPA2-Personal (Pre-Shared Key)
    • Introduced in 802.11-2012 after the vulnerabilities discovered in WEP.
    • WPA and WPA2 are pretty much the same, except that WPA2 uses stronger encryption.
    • WPA2 is the preferred authentication method as it uses CCMP/AES encryption.
    • WPA/WPA2 use four unicast frames in the 4-way handshake.
    • Authentication occurs during the 4-way handshake via the pre-shared key. If the key on the AP and the client STA do not match, authentication fails.
  • WPA/WPA2-Enterprise
    • Three primary authentication components – RADIUS, IEEE 802.1X and EAP (Extensible Authentication Protocol).
    • The RADIUS server allows centralised authentication. Microsoft NPS and Cisco ISE are typical RADIUS servers in use.
    • The IEEE 802.1X standard defines port-based access control. The components are the supplicant (client STA), the authentication server (the RADIUS server) and the authenticator (AP STA).
  • WPA3-SAE and 192-bit enterprise security
    • Standardising mesh networking for 802.11 WLANs was part of the 802.11-2012 (802.11s) standard but did not succeed, for vendor-competitive reasons. Also known as HWMP (Hybrid Wireless Mesh Protocol), it lets mesh portals and APs dynamically determine the best path for traffic flowing through the meshed WLAN. Although SAE was not implemented for mesh networks, the Wi-Fi Alliance views it as a more secure replacement for PSK authentication.
    • SAE (Simultaneous Authentication of Equals) uses the Dragonfly key exchange, which provides forward secrecy. It is a patent-free technology in which the client/user proves knowledge of the password without having to reveal the password.
    • SAE does not send the passphrase between 802.11 stations during the key exchange. The process consists of a commit message exchange and a confirm message exchange.
    • WPA3-Personal supports 128-bit SAE; WPA3-Enterprise supports 192-bit SAE.
    • WPA3 mandates the use of PMF (Protected Management Frames).
  • 802.1X/EAP
    • EAP over LAN (EAPOL) frames are used across the wireless medium between the client STA and the AP/WLAN controller; EAP encapsulated in RADIUS is used between the AP/WLAN controller and the RADIUS server.
    • EAP is a Layer 2 protocol used on both 802.3 and 802.11 networks.
    • Access to the network is managed via the controlled and uncontrolled ports.
    • The most secure authentication methods use mutual authentication. Most EAP protocols use a server-side certificate as part of completing the user authentication.
  • EAP methods

    | Developer               | IEEE RFC 5216         | Juniper (Certicom & Funk Software) | Cisco/Microsoft | Cisco     | IETF RFC 4186        | Cisco       |
    | Server-side certificate | Required              | Required                           | Required        | Uses PACs | n/a                  | Uses tokens |
    | Client-side certificate | Required              | No                                 | No              | No        | No                   | No          |
    | Wi-Fi security          | Very high             | High                               | High            | High      | High                 | High        |
    | Deployment level        | Difficult (needs PKI) | Moderate                           | Easier          | Easier    | Mobile networks only | Moderate    |
  1. Select and implement appropriate encryption solutions
  • Encryption methods and concepts (the CWSP exam no longer tests frame-overhead knowledge of WEP, TKIP and CCMP).
  • TKIP/RC4
    • Developed by the Wi-Fi Alliance to combat WEP dictionary attacks.
    • TKIP uses a 128-bit temporal key plus a 48-bit TKIP sequence counter, along with the transmit address (TA).
    • Michael (MIC) is the integrity algorithm used with TKIP; it enhances the legacy ICV mechanism. MIC is meant to improve integrity protection while remaining backwards compatible.
    • TKIP is a deprecated encryption method and, apart from the security concerns, it can slow the network down to 54 Mbps.
  • CCMP/AES
    • CCMP is based on the CCM mode of the AES encryption algorithm.
    • WPA2 requires the use of CCMP/AES encryption; older legacy devices do not support this and have to be upgraded.
    • CCMP starts with a 128-bit temporal key, which is either the PTK or the GTK (the GTK is used to encrypt broadcast/multicast traffic).
    • The 48-bit packet number is much like the TKIP sequence number.
  • SAE and 192-bit security
    • SAE is a variant of the Dragonfly key exchange defined in RFC 7664, which is based on Diffie-Hellman key exchange.
    • WPA3 capabilities include WPA3-Personal and WPA3-Enterprise.
    • WPA3-Personal leverages SAE, a secure key-establishment protocol between devices, to provide stronger protection for users against password-guessing attempts by third parties.
    • WPA3-Enterprise offers 192-bit cryptographic strength, providing additional protection for networks transmitting sensitive data.
  • OWE (Opportunistic Wireless Encryption)
    • An improved security feature for open wireless networks: OWE provides a way for devices to connect to open Wi-Fi networks with an encrypted session.
    • Currently only Cisco and Aruba solutions support OWE on their latest firmware.
    • OWE performs an unauthenticated Diffie-Hellman exchange at association time. It may not be fully secure, but it is still better than a shared/public PSK hotspot in a public place like a coffee shop.
  1.  Select and implement wireless monitoring solutions
  • Wireless Intrusion Prevention System (WIPS) – overlay and integrated
    • Rogue detection, classification and mitigation/containment.
  • Laptop-based monitoring with protocol and spectrum analysers (covered in the CWAP blogs)
  1. Understand and explain 802.11 Authentication and Key Management (AKM) components and processes
  • Basic Terminology
    • RSN – Robust Security Network. An RSN can be identified by the presence of the RSN information element (RSN IE) in Beacon frames.
    • RSNA – Robust Security Network Association – used by a pair of STAs that use the 4-way handshake for authentication/association.
    • Pre-RSNA – WEP, pre-802.11i.
    • TSN – Transition Security Network – a transitioning network allows pre-RSNA and RSNA configurations in the same environment.
    • MSK – Master Session Key – 64 octets in length, used between the EAP client and the authentication server.
    • PMK – Pairwise Master Key – the highest-order key, derived from the key generated by the EAP method, or obtained from the PSK.
    • PTK – Pairwise Transient Key = PMK + AA (authenticator address) + SPA (supplicant address) + ANonce + SNonce, combined using a pseudo-random function (PRF). The PTK is split into as many as five keys: the temporal encryption key, two temporal message integrity code (MIC) keys, the EAPOL-Key encryption key and the EAPOL-Key confirmation key.
    • GMK – Group Master Key – auxiliary key used to derive the GTK.
    • GTK – random value, assigned by the broadcast/multicast source, used to protect MPDUs from that source.

• Encryption keys and key hierarchies 

  • Key Hierarchies
    • The 802.11-2012 standard specifies the RSN key hierarchy for authentication and dynamic encryption keys. This is often referred to as AKM (authentication and key management). The process works from the top down, starting with either a passphrase, a PSK or an MSK.
    • Figure 5-4: 802.11 AKM Key Hierarchy
      • Master Session Key (MSK) – derived from 802.1X/EAP authentication, or is the equivalent of the passphrase.
      • Pairwise Master Key (PMK) – highest-order 802.11 key, derived from the MSK (802.1X) or the PSK.
      • Temporal keys – Pairwise Transient Key (PTK), derived from the PMK and composed of encryption keys; Group Temporal Key (GTK), which the authenticator produces using a separate derivation process.
      • Encryption keys (encryption and MIC keys) – Key Confirmation Key (KCK), Key Encryption Key (KEK), Temporal Encryption Key (TEK) and the Temporal MIC Keys.
    • The PSK is 256 bits in length, or 64 characters when expressed in hex. The static key is configured on the AP/WLAN controller. Remembering and entering a 64-character hex PSK can be tedious, so the way around it is to configure a short ASCII password or passphrase, an 8 to 63 character string, entered into the client software utility (laptop/mobile device) and on the AP. The passphrase must match at both ends.
    • The whole point of the passphrase-to-PSK mapping formula is to simplify configuration for the average end user. Most people can remember an 8-character password, as opposed to a 256-bit PSK.
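The passphrase-to-PSK mapping described above, written out as an added Python example (this is not code from the page or its author). It assumes the standard WPA/WPA2-Personal mapping, PBKDF2-HMAC-SHA1 with the SSID as the salt, 4096 iterations and a 256-bit output; the SSID and passphrase values are constructed for the demo. It also shows why the passphrase must match at both ends: a one-character difference, or a different SSID, gives a completely different PSK.

```python
import hashlib
import hmac

# Constructed demo values (not from the page): an SSID and a passphrase for a home network.
DEMO_SSID = "HomeWLAN-Demo"
DEMO_PASSPHRASE = "correct horse battery staple"


def passphrase_to_psk(passphrase: str, ssid: str) -> bytes:
    """Map an 8-63 character ASCII passphrase and the SSID to the 256-bit PSK.

    The mapping is PBKDF2-HMAC-SHA1 with the SSID as the salt, 4096 iterations
    and a 32-byte output. Because the SSID is the salt, the same passphrase
    produces a different PSK on every SSID.
    """
    if not (8 <= len(passphrase) <= 63):
        raise ValueError("passphrase must be 8 to 63 characters")
    if not (passphrase.isascii() and passphrase.isprintable()):
        raise ValueError("passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not (1 <= len(ssid_bytes) <= 32):
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid_bytes, 4096, dklen=32)


def psk_from_hex(psk_hex: str) -> bytes:
    """Accept a PSK typed directly as 64 hexadecimal characters (the 256-bit form)."""
    if len(psk_hex) != 64:
        raise ValueError("a raw PSK is exactly 64 hex characters")
    return bytes.fromhex(psk_hex)


def psk_matches(ap_psk: bytes, sta_psk: bytes) -> bool:
    """The condition the 4-way handshake effectively tests: both ends hold the same PSK."""
    return hmac.compare_digest(ap_psk, sta_psk)


if __name__ == "__main__":
    ap = passphrase_to_psk(DEMO_PASSPHRASE, DEMO_SSID)
    sta_ok = passphrase_to_psk(DEMO_PASSPHRASE, DEMO_SSID)
    sta_typo = passphrase_to_psk("correct horse battery stapl3", DEMO_SSID)
    other_ssid = passphrase_to_psk(DEMO_PASSPHRASE, "OtherSSID")
    print("PSK (64 hex chars):", ap.hex())
    print("same passphrase, same SSID  ->", psk_matches(ap, sta_ok))      # True
    print("one character different     ->", psk_matches(ap, sta_typo))    # False
    print("same passphrase, other SSID ->", psk_matches(ap, other_ssid))  # False
```

The 4096 iterations are what make the mapping slow enough that each guess at a passphrase costs real work; that cost, not the length of the hex form, is what the passphrase buys the end user. Renaming an SSID also changes every PSK derived from the passphrase, so clients provisioned with the old SSID stop matching.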
  • Encryption Terminologies
    • Encryption algorithm – mathematical procedure used to obscure information so that it appears meaningless. AES, RC4, RC5 and RC6 are some examples.
    • Hash function/algorithm – procedure that takes an arbitrary block of data and returns a fixed-size bit string.
    • Cipher suite – named combination of the authentication, encryption and message authentication code algorithms used to negotiate security settings for a network connection.
    • Stream cipher – symmetric-key cipher where plaintext bits are combined with a keystream, typically by an XOR operation.
      • 802.11 WLANs use the RC4 stream cipher with WEP/TKIP.
    • Block cipher – symmetric-key cipher operating on fixed-length groups of bits called blocks.
      • A block cipher specifies the size of the block to be encrypted; CCMP/AES uses a 128-bit block.
    • Symmetric-key encryption – class of cryptographic algorithms that use trivially related, often identical, keys for encryption and decryption.
      • Static and dynamic key implementations.
      • The actual encryption keys are never transmitted over the Wi-Fi medium. Instead, the ANonce/SNonce and other required information are transmitted and each participating device generates the keys itself. This adds an additional layer of security.
    • Asymmetric encryption – class of algorithms using separate key pairs for encryption and decryption.
      • Also known as public-key cryptography.
      • The public key is distributed, whereas the private key is kept by one entity alone.
  • 4-way handshake
    • Final process used to generate a PTK for encryption of unicast transmissions and a GTK for broadcast/multicast transmissions.
    • Uses four EAPOL-Key frame messages between the authenticator and the supplicant for six major purposes:
      • Confirm the existence of the PMK at the peer station.
      • Ensure that the PMK is current.
      • Derive a new PTK from the PMK.
      • Install the PTK on the supplicant and the authenticator.
      • Transfer the GTK from the authenticator to the supplicant and install the GTK on the supplicant and authenticator if necessary.
      • Confirm the selection of the cipher suites.
    • AP = authenticator, client = supplicant.
    • M1 – The AP sends an EAPOL-Key frame containing the ANonce for the PTK. The client STA then generates its SNonce and uses both to derive the PTK.
    • M2 – The client sends an EAPOL-Key frame containing SNonce + RSNE + MIC. The supplicant has derived the PTK. The MIC bit is set to 1 and the MIC is verified by the AP. The RSN element is visible in this message.
    • M3 – The AP, having derived the PTK and verified the MIC, sends an EAPOL-Key frame; the GTK is sent in M3.
    • M4 – The client sends the last EAPOL-Key frame to the AP. It notifies the AP that the temporal keys will be installed, and the Secure bit is set.
  • Group Key Handshake
    • A two-frame handshake used to distribute a new GTK to client stations that have already obtained a PTK and GTK in a previous 4-way handshake exchange.
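An added Python example (not code from the page or its author) covering two of the points above: the PTK derivation listed under Basic Terminology (PMK + AA + SPA + ANonce + SNonce through a PRF, split into KCK, KEK and temporal keys) and the way M1/M2 of the 4-way handshake let the AP confirm that the supplicant holds the same PMK. The supplicant computes the M2 MIC with its KCK; the AP derives its own PTK from the SNonce in M2 and checks that MIC, so a supplicant with a different PMK fails at M2 without either PMK ever being sent. It assumes the WPA2 PRF (HMAC-SHA1 based) and the HMAC-SHA1-128 EAPOL-Key MIC of the PSK AKM; the PMK, MAC addresses, nonces and RSNE are constructed sample values.

```python
import hashlib
import hmac


def prf(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """802.11 PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out, i = b"", 0
    while len(out) < length:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:length]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes, tkip: bool = False) -> dict:
    """PTK = PRF(PMK, "Pairwise key expansion", Min(AA,SPA)||Max(AA,SPA)||Min(ANonce,SNonce)||Max(ANonce,SNonce)).

    The Min/Max ordering means both sides build the same input whichever one is the
    authenticator. CCMP needs 48 bytes (KCK | KEK | TK); TKIP needs 64, the extra
    16 being the two 8-byte Michael MIC keys mentioned under PTK above.
    """
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 64 if tkip else 48)
    keys = {"KCK": ptk[0:16], "KEK": ptk[16:32], "TK": ptk[32:48]}
    if tkip:
        keys["TX_MIC"], keys["RX_MIC"] = ptk[48:56], ptk[56:64]
    return keys


MIC_OFFSET = 81   # offset of the 16-byte Key MIC field from the start of the 802.1X header
NONCE_OFFSET = 17  # offset of the 32-byte Key Nonce field
KEY_INFO_M1 = 0x008A  # descriptor version 2, Pairwise, Ack
KEY_INFO_M2 = 0x010A  # descriptor version 2, Pairwise, MIC


def build_eapol_key(key_info: int, replay_counter: int, nonce: bytes, key_data: bytes = b"") -> bytearray:
    """Build an EAPOL-Key frame (RSN descriptor type 2) with the MIC field zeroed."""
    body = bytes([2]) + key_info.to_bytes(2, "big") + (16).to_bytes(2, "big")
    body += replay_counter.to_bytes(8, "big") + nonce + bytes(16) + bytes(8) + bytes(8)  # IV, RSC, Key ID
    body += bytes(16) + len(key_data).to_bytes(2, "big") + key_data                      # MIC, length, data
    header = bytes([2, 3]) + len(body).to_bytes(2, "big")  # 802.1X version 2, type 3 = EAPOL-Key
    return bytearray(header + body)


def compute_mic(kck: bytes, frame: bytes) -> bytes:
    """Key MIC for AKM 00-0F-AC:2: HMAC-SHA1 over the whole frame with the MIC zeroed, cut to 16 bytes."""
    zeroed = bytearray(frame)
    zeroed[MIC_OFFSET:MIC_OFFSET + 16] = bytes(16)
    return hmac.new(kck, bytes(zeroed), hashlib.sha1).digest()[:16]


def verify_mic(kck: bytes, frame: bytes) -> bool:
    return hmac.compare_digest(compute_mic(kck, frame), bytes(frame[MIC_OFFSET:MIC_OFFSET + 16]))


def run_handshake_m1_m2(pmk_sta: bytes, pmk_ap: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bool:
    """Simulate M1/M2. Returns True only if the AP can verify the supplicant's M2 MIC,
    which happens only when both sides started from the same PMK."""
    # M1: the AP sends its ANonce; no MIC yet, the supplicant has no PTK at this point.
    m1 = build_eapol_key(KEY_INFO_M1, 1, anonce)
    anonce_rx = bytes(m1[NONCE_OFFSET:NONCE_OFFSET + 32])
    # Supplicant: derive the PTK, build M2 carrying SNonce and a constructed RSNE (CCMP, PSK AKM),
    # then fill in the MIC using its KCK.
    sta_keys = derive_ptk(pmk_sta, aa, spa, anonce_rx, snonce)
    rsne = bytes.fromhex("30140100000fac040100000fac040100000fac020000")
    m2 = build_eapol_key(KEY_INFO_M2, 1, snonce, rsne)
    m2[MIC_OFFSET:MIC_OFFSET + 16] = compute_mic(sta_keys["KCK"], m2)
    # Authenticator: take the SNonce from M2, derive its own PTK and check the MIC with its own KCK.
    snonce_rx = bytes(m2[NONCE_OFFSET:NONCE_OFFSET + 32])
    ap_keys = derive_ptk(pmk_ap, aa, spa, anonce, snonce_rx)
    return verify_mic(ap_keys["KCK"], m2)


# Constructed sample values (not from the page).
DEMO_PMK = hashlib.sha256(b"constructed demo PMK").digest()
DEMO_AA = bytes.fromhex("001122334455")
DEMO_SPA = bytes.fromhex("66778899aabb")
DEMO_ANONCE = bytes([0xA0 + (i % 16) for i in range(32)])
DEMO_SNONCE = bytes([0x50 + (i % 16) for i in range(32)])

if __name__ == "__main__":
    keys = derive_ptk(DEMO_PMK, DEMO_AA, DEMO_SPA, DEMO_ANONCE, DEMO_SNONCE)
    print("KCK:", keys["KCK"].hex(), "KEK:", keys["KEK"].hex(), "TK:", keys["TK"].hex())
    print("matching PMK, M2 MIC verifies:", run_handshake_m1_m2(DEMO_PMK, DEMO_PMK, DEMO_AA, DEMO_SPA, DEMO_ANONCE, DEMO_SNONCE))
    wrong_pmk = hashlib.sha256(b"a different passphrase").digest()
    print("different PMK, M2 MIC verifies:", run_handshake_m1_m2(wrong_pmk, DEMO_PMK, DEMO_AA, DEMO_SPA, DEMO_ANONCE, DEMO_SNONCE))
```

Only the two nonces and the MIC cross the air; the PMK and the derived PTK never do, which is the "keys are never transmitted" point made under symmetric-key encryption. A failed MIC at M2 is therefore the first place a PSK mismatch shows up, and it is why a WIPS or controller log that shows repeated M1/M2 retries for one client usually means a wrong passphrase on that client rather than an RF problem.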

3.2 Implement or recommend appropriate wired security configurations to support the WLAN

3.2.1 Physical port security in Ethernet switches 

3.2.2 Network segmentation, VLANs, and layered security solutions 

3.2.3 Tunnelling protocols and connections 

3.2.4 Access Control Lists (ACLs) 

3.2.5 Firewalls 

3.3 Implement authentication and security services

3.3.1 Role-Based Access Control (RBAC) 

3.3.2 Certificate Authorities (CAs) 

3.3.3 AAA Servers 

3.3.4 Client onboarding 

3.3.5 Network Access Control (NAC) 

3.3.6 BYOD and MDM 

3.4 Implement secure transitioning (roaming) solutions

3.4.1 802.11r Fast BSS Transition (FT) 

3.4.2 Opportunistic Key Caching (OKC) 

3.4.3 Pre-Shared Key (PSK) – standard and per-user 

3.5 Secure public access and/or open networks

3.5.1 Guest access 

3.5.2 Peer-to-peer connectivity 

3.5.3 Captive portals 

3.5.4 Hotspot 2.0/Passpoint 

3.6 Implement preventative measures required for common vulnerabilities associated with wireless infrastructure devices and avoid weak security solutions

3.6.1 Weak/default passwords 

3.6.2 Misconfiguration 

3.6.3 Firmware/software updates 

3.6.4 HTTP-based administration interface access 

3.6.5 Telnet-based administration interface access 

3.6.6 Older SNMP protocols such as SNMPv1 and SNMPv2 
