The Wi-Fi/802.11 standard introduced two new Information elements to cater to the new WPA/WPA2 encryption scheme. They are the WPA (Wireless Protected Access) and RSN (Robust Security Network) Information Elements.
为了适应新的WPA/WPA2加密体系, WiFi/802.11 标准引入了两种新的信息元素。它们是WPA(无线接入保护)和RSN(强健安全网络)信息要素。
Any Station containing a WPA/RSN information element in its Association request would need to perform an 802.11i/802.1X security handshake.
任何Station(站点)的Association request(关联请求)中包含 WPA/RSN 信息元素都需要执行 802.11i/802.1x安全握手。
The WPA Information Element is shown below
WPA信息元素如下图所示:
The WPA Element ID is set to 0x221. The WPA Element ID is same as the vendor specific element ID. Hence, whenever a vendor specific Element ID is received – the OUI needs to be checked by the Station/AP to see if the Information Element is WPA. If it is not WPA – AP/Station can choose to ignore parsing the Information Element
WPA的 元素ID 是0x221,和厂商的元素ID相同。因此当Station/AP收到厂商的元素ID后要检查OUI值看该元素是不是WPA。如果不是WPA,AP/Station 可以选择忽略解析这个信息元素。
The WPA OUI (Organizationally Unique Identifier) is set to 00-50-f2
WPA的OUI(组织唯一标识符)是00-50-f2.
The Type or Version of WPA is 1
WPA的类型或者版本是1
The Multicast cipher suite and Type (together termed as Multicast/Group Cipher suite selector) indicates the multicast cipher that is supported.
The Unicast Cipher count – indicates the number of unicast cipher suites present
The Unicast Cipher List – is variable based on the number of Unicast cipher count value.
The tabular column indicates some of the different cipher lists that are supported
表格中的列 表明支持的一些不同的加密列表
| OUI | Suite Type | Meaning |
| 00-50-f2 | 0 | Use Group Cipher Suite |
| 00-50-f2 | 1 | WEP-40 |
| 00-50-f2 | 2 | TKIP |
| 00-50-f2 | 3 | Reserved |
| 00-50-f2 | 4 | Reserved |
| 00-50-f2 | 5 | WEP-104 |
TKIP is the Default Cipher suite in WPA
WPA中的默认密码套件是TKIP。
NOTE: WEP-40 and WEP-104 can only be used as group cipher suites in the Transition Station network (TSN).
AKM Count – the Authentication Key Management count provides the number of Authentication key management suites that are supported.
AKM List – The number of different authentication mechanisms that is supported. The tabular column indicates some of the cipher suite and Type combination
| OUI | Suite Type | Meaning |
| 00-50-f2 | 0 | Reserved |
| 00-50-f2 | 1 | 802.1X |
| 00-50-f2 | 2 | PSK |
The Packet capture below indicates the details of a PSK AKM suite selected and TKIP as Multicast/Unicast Cipher suite
原文:LINK
扫一扫
743
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
