Running head: ENCRYPTION TYPES & WIRELESS SECURITY CRACKING 1

Encryption Types & Wireless Security Cracking

Student Name

Institutional Affiliation

Class Name & ID

Instructor’s name

Date: July 24, 2016

Encryption Types & Wireless Security Cracking 2

Encryption Types & Wireless Security Cracking

Whenever a wireless security is taken into consideration, it means to protect and

prevent the computers from unauthorized use and access for the purpose of saving data and

information. There is a greater probability of insecurity in wireless networks, so for this

purpose various protocols are developed that will help in providing security for the wireless

networks (Lashkari, Danesh, & Samadi, 2009). There are continuous various up grades in the

Wi-Fi algorithms for keeping an extensive security system, in late 1990s. During this process,

the older algorithms were depreciated and the new algorithms were developed and upgraded

to provide greater security to the data and information. Now the manufacturers try to make

these algorithms simpler so that end users can use Wi-Fi with greater ease and to have simple

networking solutions. “The purpose of this essay is to discuss different types of encryption

methods of wireless including WEP, WPA, and WPA2, and how these types of encryption

methods can be decrypted by the hackers”.

The out-of-the-box configuration is one of the easiest way of wireless networking but

this approach is not highly secured. Hence, there are various developments and progress in

the wireless network technology but still the wired network technology is considered more

secure and reliable. As far as the wired networks are concerned, a data is sent between two

points A and B and both these points are connected through the wired networks. On the other

hand, wireless network transfers data from various devices to various directions, within a

limited range. There are various types of network protocols and these types include Wired

Equivalent privacy (WEP), Wi-Fi Protected Access (WPA) and WPA2 (Bulbul, Batmaz, &

Ozel, 2008). All these network protocols have different strengths and weakness and these

security protocols not only helps in protecting the network to get connected to the uninvited

guests but it also helps in the encryption of wireless security for the purpose of avoiding to an

unauthorized access to the wireless networks. The encryption supports the transmitting data
Encryption Types & Wireless Security Cracking 3

over the airwaves by increasing vulnerabilities and computer power by reducing the older

risks to the wireless networks. The essay will highlight in detail the processing of these

network security protocols (Potlapally, Ravi, Raghunathan, & Lakshminarayana, 2002).

As far as the working of WEP is concerned, it is the most commonly and most widely

used security algorithm for the wireless networks these days. As in the current era the most

common features for a security protocol is to provide backup compatibility and also it is

required and demanded by customers that encryption should appear first in the selection

menu and there will be different router control panels in the encryption provided for the

security of wireless networks. At the time of development of WEP, the first version is not that

much strong and reliable in providing security to the wireless network, later it was up graded

and more features were added to make it strong and reliable. The main reason behind the

weakness of first version of WEP is that the government of United States has put certain

restrictions on exporting the cryptographic technologies and such a restriction has led the

manufacturers to put a limit on the number of bytes used in encryption, so it has limited to 64

bit only. Later, when the government has lifted a restriction on the export of encrypted

technologies the encryption limit was increased to 128 bits (Kumkar, Tiwari, Tiwari, Gupta,

& Shrawne, 2012). Although further improvement and upgrading in such technologies has

led to the innovation of 256 bit WEP technologies but still the 128 bit technology is more

popular and is commonly used.

It has been proposed and researched that WEP is the weakest security system for

networking security protocols and it is not considered the most reliable source for encrypting

data for various reasons. The first reason is that password set by WEP can easily be cracked

within no time limit and any one can access the data illegally. Moreover, there are various

software tools introduced by the hackers that are used for cracking password just with a

simple use of laptop and the original encryption protocol is easily assessed so that data and
Encryption Types & Wireless Security Cracking 4

information can be easily hacked. Furthermore, it can be seen from the name of WEP that it

is developed with an aim of providing the same security as that of a wired network but it

consisted of various security loopholes including difficult and time consuming configuration,

as well as these encryptions are easily to break and there are certain security drawbacks that

reduce the reliability and functioning of this security protocol. Besides this WEP is

considered as an outdated encryption system having standards of 1999, and is failed to meet

the standards of Wi-Fi Protected Access and WPA (Potlapally et al., 2002). The foremost

important alternative of WEP is the existence of WPA. It is considered the most reliable and

authentic source in increasing the security of wireless networking. WPA is introduced as an

interim security enhancement system through which there were great developments in the

802.11i security system for wireless networks. Moreover the WAP is considered the most

secure network protocol because it also integrates a pre shared key (PSK) for enhancing the

encryption functions as well as it also uses various other keys such as TKIP (Temporal Key

Integrity Protocol) which is also known as a WPA personal. The certificates or keys are

generated through an authentication server used by WPA enterprises (Mavridis, Androulakis,

Halkias, & Mylonas, 2011).

WPA has direct responses and replacements to a greater number of vulnerabilities

generated by WEP weaknesses and standards defined by WEP protocols. The WPA is

adopted and introduced officially in 2003 just after the WEP standards are highly outdated

and they were no longer able to provide security to the wireless networks. The pre shared key

for WPA configuration uses 256 bits, and it is an increased encryption bits used as compared

to the 64 bit and 128 bit used in the WEP standards earlier. The development and

introduction of WPA standards has enabled various changes and a greater effectiveness in the

security of network protocols, such as these changes include message integrity check which

enables the wireless network to determine easily and proactively if there are any altered
Encryption Types & Wireless Security Cracking 5

packets between client and access point deliberately created by the hacker. Furthermore, the

integration of temporal key integrity protocol enables the security protocol to implement a

per packet keys system through which there is a fixed greater security for the wireless

network as compared to the WEP systems. This system was later adopted by the Advanced

Encryption Standards for its fixed security being provided to the network protocols. Although

there were greater improvement in the security system of network protocols with a

development of WPA but still WEP has a strong control and hold on the market which has

subsequently reduced the market and demand of WPA systems (Ugus, Westhoff, Laue,

Shoufan, & Huss, 2009).

TKIP is considered as a significant component of the WPA systems and it has been

revealed that because of the integration of this key, there are various upgrades and the WPA

system can be easily rolled out on the devices that are currently using WEP systems for the

network security (Lashkari, Towhidi, & Hosseini, 2009). Furthermore, it was also seen that

TKIP uses the several elements of WEP which were later recycled but these elements were

also exploited hence reducing the effectiveness and efficiency of TKIP and ultimately the

efficiency of WPA systems. A greater similarity between WEP and WPA is that both these

systems are highly vulnerable to the intrusion due to applied public demonstrations and due

to the proof-of-concept. Although the WPA system had a greater decline but this system is

not breached because of having a direct attack on its algorithm but it was breached by

attacking on its supplementary systems because these systems help the devices to have an

easy link to the modern access points (Ugus et al., 2009).

Hence it has been proved that WPA systems are defined and developed in order to

address the risk and weaknesses of the WEP systems and to ensure that wireless networks

have greater security which was not possible by the implementation of WEP systems. Hence,

it can also be seen that the development of WPA systems is considered as an intermediate
Encryption Types & Wireless Security Cracking 6

step for anticipating a need of highly complex and secure systems. However, with an

integration of extensive features there are greater flaws in the security system and these flaws

include that these systems can be easily broken and bypassed and if these systems are

implemented without proper setup they are highly ineffective to the security vulnerability.

The WPA system can be implemented for the purpose of network security by using firmware

upgrades as well as these systems are also implemented through wireless network interface

cards that were previously designed for WEP systems. The highest standards implemented by

WPA systems are IEEE 802.11i and these standards help to prevent from the various attacks

affecting the performance of wireless networks. The message integrity check in WPA

systems helps to prevent resending and altering of data through which the cyclic redundancy

check was replaced that was earlier used by WEP systems.

Hence WPA systems have strong algorithms but certain flaws in the system increase its

vulnerability towards the loss of data by hackers and also creates difficulty in retrieving the

key stream from short packets of data. WPA2 is also known as the encryption system that can

provide the security system to the wireless system. Through encryption system it is easy for

the users to secure their information and data form hackers. Through encryption only the

authorized users can get access to the confidential information and data of the users. It is

stated that there are two types of wireless hacking used by the hackers the one way is to sniff

the network and after sniffing monitor what is going through in the network system. WPA2

that is also known as the WPA version 2 is a security protocol which is developed through

more advanced encryption. This is more resistant to attacks and more efficient as compared

to WPA. Since last three, it has been made mandatory that that all WiFi devices must support

WPA2 protocol. WPA has been pushed by WPA2 and WPA is now phased out of

competition. WPA/WPA2 Enterprise is another form of WPA2 protocol. It is only used by

the large IT departments and the sophisticated companies because it is difficult to be

Encryption Types & Wireless Security Cracking 7

administered as compared to the WPA2. One should consider replacing the router at home if

the older one does not support the WPA2 protocol because internet security is at vulnerable

without it. Similarly, the personal computers as well as the laptops, and the other devices that

are connected to the WiFi routers must be upgraded as well. WPA2 as well as WPA offers

better security infrastructure as compared to the WEP.

WPA and WPA2 security modules are provided in the routers that are domestically used and

they provide them with superior security. However, in case of public WiFi, these security

modules are not present due to which they are not as secure as the WPA or WPA2. In most of

the cases, the security modules are not even present for securing the communication. The

information regarding such security infrastructure is provided in the license agreement but

such agreements are often ignored by the users. The customers press “I agree” hurriedly and

suffer the loss of information or breach or privacy. The information on such networks can

easily be protected through utilizing the facility of VPNs or Virtual Private Networks.

Through using the VPNs, the data that is transferred from one laptop to the other is

encrypted. The corporate communications in most of the companies is protected and the

communications are secured through the use of virtual private networks. This facility is also

available at the small scale to the individuals, business travelers and the small- and medium-

sized organizations.

WPA is introduced as an interim security enhancement system through which there

were great developments in the 802.11i security system for wireless networks. There are

many types of malware like Trojan, worm, spyware and virus that harm the confidential data

of the users. The techniques are discussed through which the users can protect their

information from hacking. When the users can click on the web page the Trojan can attack on

the system and hack private data. The user should apply the encryption on the data to secure
Encryption Types & Wireless Security Cracking 8

it. For the security purpose, the private key of the computer that used for the encryption file

system must be removed when the computer is not in use (Nichols & Lekkas, 2002). To

protect the data from the hacker who physically obtain the computer and try to access the

private and confidential information. To store the data in my document folder as by default

to protect your data because my document folder encrypted by all users. Implement the

recovery system on the computer to make sure that the encrypted files can be recovered by

using the recovery key.

Nowadays the companies are facing threats of malware through which the hacker can

easily get access to the system and steal their confidential data. The organization should

apply the firewall system ion their system’s window. The companies nowadays should hire

the people in IT department which can ability to apply the different techniques in the system

to make it secure. The system should contain the password so only the authorized users can

get access to data (Karlof, Sastry, & Wagner, 2004). The system in the organization should

be password protected and encrypted so only the authorized user can access it. Moreover the

WAP is considered the most secure network protocol because it also integrates a pre shared

key (PSK) for enhancing the encryption functions as well as it also uses various other keys

such as TKIP (Temporal Key Integrity Protocol) which is also known as a WPA personal.

The second way for hacking is to use the tools to hack WEP/WPA1 and WPA2. There are

many tools available that is used to crack eth wireless passwords and network

troubleshooting.

Air crack: it is said that the air crack is known as the most popular and most rated hacking

tool that is used to crack the password of the wireless. It is used for 8.02.11a/b/g WEP and

WPA cracking. In this the hackers can uses the best algorithm that can easily recover the

password through packets. After collecting the packets it can easily recover the password
Encryption Types & Wireless Security Cracking 9

through these packets. The companies provide the online tutorial through which the hackers

can easily learned how to use this tool to recover the passwords.

Air snort: Air snort is also known as the popular tool that is used to decrypting the WEP

encryption on Wi-Fi 802.11b network. This tool is used on windows and Linux as well. The

working of Air snort is also based on collecting packets it works by computing g the

encryption keys and by passively monitoring transmission (Baek, Tan, Zhou, & Wong,

2008).

Cain and able: this is also a popular tool that is used for cracking password of wireless

system. With the help of this tool the hackers can easily intercept the traffic of network and

then by brute forcing it can discover the passwords. It can use cryptanalysis attack methods to

discover password.

Kismet: kismet is known as the Wi-Fi 802.11 a/b/g/n/ layer 2 the sniffer and IDS of the

network system. It can works with the help of the Wi-Fi card which can easily support the

Rfmon mode. To identify the packets it can works passively on the system to recover the

password. Client/Server architecture model is used in this tool (Lin, Chung, Chen, Song, &

Wang, 2008).

Net stumbler: Through this net stumble the hackers can easily find the open wireless access

point. There is also a small version of this tool and that is known as ministumbler.

InSSIDer: this tool is used to detect the Wi-Fi of OS X operating and Microsoft systems.

This tool can easily perform the different task and can easily find the access point of Wi-Fi.

Wireshark: wireshark is used by the hacker’s through this tool the hackers can easily identify

different activities perform in the wireless system (Geng, Rong, Veigner, Wang, & Cheng,

2006).

CoWPAtty: It is an automated dictionary that runs of Linux. It is an attack tool for WPA-

PSK. It operates through command lines interface. It attacks the word-list in which the
Encryption Types & Wireless Security Cracking 10

password is present. This tool is not efficient but it is very easy to be used. It is because SHA

1 is used by the hash along with a seed of SSID. There will be a different SSIM for the same

password. Therefore the rainbow table will not be used through all the access points. Hack

against each of the word is provided through the use of password dictionary using the SSID

It is concluded for the above discussion that the encryption supports the transmitting

data over the airwaves by increasing vulnerabilities and computer power by reducing the

older risks to the wireless networks. The essay will highlight in detail the processing of these

network security protocols. To store the data in my document folder as by default to protect

your data because my document folder encrypted by all users. Implement the recovery system

on the computer to make sure that the encrypted files can be recovered by using the recovery

key. Nowadays the companies are facing threats of malware through which the hacker can

easily get access to the system and steal their confidential data. The organization should

apply the firewall system ion their system’s window. The companies nowadays should hire

the people in IT department which can ability to apply the different techniques in the system

to make it secure. The system should contain the password so only the authorized users can

get access to data. The system in the organization should be password protected and

encrypted so only the authorized user can access it. The development and introduction of

WPA standards has enabled various changes and a greater effectiveness in the security of

network protocols, such as these changes include message integrity check which enables the

wireless network to determine easily and proactively if there are any altered packets between

client and access point deliberately created by the hacker. Furthermore, the integration of

temporal key integrity protocol enables the security protocol to implement a per packet keys

system through which there is a fixed greater security for the wireless network as compared

to the WEP systems.

Encryption Types & Wireless Security Cracking 11

References

Baek, J., Tan, H. C., Zhou, J., & Wong, J. W. (2008). Realizing stateful public key encryption
in wireless sensor network. Paper presented at the IFIP International Information
Security Conference.
Bulbul, H. I., Batmaz, I., & Ozel, M. (2008). Wireless network security: comparison of wep
(wired equivalent privacy) mechanism, wpa (wi-fi protected access) and rsn (robust
security network) security protocols. Paper presented at the Proceedings of the 1st
international conference on Forensic applications and techniques in
telecommunications, information, and multimedia and workshop.
Geng, Y., Rong, C.-m., Veigner, C., Wang, J.-T., & Cheng, H.-B. (2006). Identity-based key
agreement and encryption for wireless sensor networks. The Journal of China
Universities of Posts and Telecommunications, 13(4), 54-60.
Karlof, C., Sastry, N., & Wagner, D. (2004). TinySec: a link layer security architecture for
wireless sensor networks. Paper presented at the Proceedings of the 2nd international
conference on Embedded networked sensor systems.
Kumkar, V., Tiwari, A., Tiwari, P., Gupta, A., & Shrawne, S. (2012). Vulnerabilities of
Wireless Security protocols (WEP and WPA2). International Journal of Advanced
Research in Computer Engineering & Technology (IJARCET), 1(2), 34-38.
Lashkari, A. H., Danesh, M. M. S., & Samadi, B. (2009). A survey on wireless security
protocols (WEP, WPA and WPA2/802.11 i). Paper presented at the Computer Science
and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference
on.
Lashkari, A. H., Towhidi, F., & Hosseini, R. S. (2009). Wired equivalent privacy (WEP).
Paper presented at the Future Computer and Communication, 2009. ICFCC 2009.
International Conference on.
Lin, C.-F., Chung, C.-H., Chen, Z.-L., Song, C.-J., & Wang, Z.-X. (2008). A chaos-based
unequal encryption mechanism in wireless telemedicine with error decryption.
WSEAS Transactions on Systems, 7(2), 49-55.
Mavridis, I., Androulakis, A.-I., Halkias, A., & Mylonas, P. (2011). Real-life paradigms of
wireless network security attacks. Paper presented at the Informatics (PCI), 2011 15th
Panhellenic Conference on.
Nichols, R. K., & Lekkas, P. C. (2002). Wireless security: McGraw-Hill New York.
Potlapally, N. R., Ravi, S., Raghunathan, A., & Lakshminarayana, G. (2002). Optimizing
public-key encryption for wireless clients. Paper presented at the Communications,
2002. ICC 2002. IEEE International Conference on.
Ugus, O., Westhoff, D., Laue, R., Shoufan, A., & Huss, S. A. (2009). Optimized
implementation of elliptic curve based additive homomorphic encryption for wireless
sensor networks. arXiv preprint arXiv:0903.3900.