Last Post: May 9, 2010:
OK, I've already forgotten some basics here!! Linksys wireless router specs say they support up to 128-bit encryption using WPA2. Somebody remind me why we have a 256-bit PSK, and how this relates to a 128-bit key?
WPA2 AES encryption uses two keys : PTK nad GTK, each 128 bit long.
This is an extract from
AES is a block cipher, a type of symmetric key cipher that uses groups of bits of a fixed length - called blocks. A symmetric key cipher is a cipher that uses the same key for both encryption and decryption. The word cipher is used in cryptography to describe the instructions or algorithm used for encrypting and decrypting information.
With AES, bits are encrypted in blocks of plaintext that are calculated independently, rather than a key stream acting across a plaintext data input stream. AES has a block size of 128 bits with 3 possible key lengths 128, 192 and 256 bits as specified in the AES standard. For the WPA2/802.11i implementation of AES, a 128 bit key length is used. AES encryption includes 4 stages that make up one round. Each round is then iterated 10, 12 or 14 times depending upon the bit-key size. For the WPA2/802.11i implementation of AES, each round is iterated 10 times.
AES uses the Counter-Mode/CBC-Mac Protocol (CCMP). CCM is a new mode of operation for a block cipher that enables a single key to be used for both encryption and authentication. The 2 underlying modes employed in CCM include Counter mode (CTR) that achieves data encryption and Cipher Block Chaining Message Authentication Code (CBC-MAC) to provide data integrity.
CBC-MAC is used to generate an authentication component as a result of the encryption process. This is different from prior MIC implementations, in which a separate algorithm for integrity check is required. To further enhance its advanced encryption capabilities, AES uses a 48-bit Initialization Vector (IV). AES has no known attacks and the current analysis indicates that it takes 2<sup>120 operations to break an AES key—making it an extremely secure cryptographic algorithm. </sup>
I will correct myself and explain AES-128 (CCMP) and GTK derivation steps in 802.11i standard
1. Pairwise Master Key (PMK) = TLS-PRF(MasterKey, “client EAP encryption” | clientHello.random | serverHello.random)
2. Pairwise Transient Key (PTK) = EAPoL-PRF(PMK, AP Nonce | STA Nonce | AP MAC Addr| STA MAC Addr)
3. Pairwise Transient Key –Collection of operational keys:
PTK = KCK|KEK|TK (bits 0-383)
–Key Confirmation Key (KCK bits 0-127) –used to bind PMK to the AP, STA; used to prove possession of the PMK
–Key Encryption Key (KEK bits 128-255) –used to distribute Group Transient Key (GTK)
–Temporal Key (TK bits 256-383) –used to secure data traffic and actually encrypt data with CCMP algorithm in Your case.
Among the options you'll see for activating wireless encryption, 128-bit WEP is a safe bet. Older 40 or 64-bit WEP offers inadequate protection.