Public Key Infrastructure Overview
In WPA and WPA2 "Enterprise", authentication is handled by five EAP (Extensible Authentication Protocols) standards, which rely on a Public Key Infrastructure (PKI). Now, cryptography can scare even the most hardened system admins and the documentation is, well... awful. Here's a brief overview to help bring you up to speed.
In PKI, Alice and Bob each have a set of two keys, a public key and a private key. The keys work in such a way that if something is encrypted with the public key, only the private key is able to decrypt it and vice versa (I won't get into the details of how this works mathematically, you can read all about the gory details here).
The public key, as the name implies, is released to the public. That way, when Alice wants to send a message to Bob, she can encrypt it using Bob's public key. Once the message is encrypted, not even Alice can decrypt it without using Bob's private key. When Bob wants to send something back to Alice, he uses Alice's public key to encrypt the message so that only Alice will be able to decrypt it, using her private key (Figure 1).
Figure 1: Bob sending an encrypted message to Alice (Courtesy Wikipedia)
This sounds pretty secure right? And it is, but we're still missing one piece. Since the public key is, well, public, someone could create a another key pair that has the same identity as Bob's. So, how can Alice know for sure that Bob's key is really his?
This is handled by introducing an independent third party: a Certificate Authority (CA for short). The CA acts as a trusted intermediary that creates and vouches for the authenticity of public keys. As you might expect, this is a big responsibility. Companies like VeriSign make a business from issuing digital certificates that contain public keys with the identity of the owner and attesting to the authenticity of the key and owner.
This is not as easy as it sounds, since it requires actually verifying an applicant's credentials and documents of identity. But this scheme allows anyone to check the validity of a public key against a trusted third party (the CA).
Now, in the process of encrypting a message to Bob, Alice can check Bob's public key to see if it was signed by a trusted CA's. That way, Alice knows for sure that she is using Bob's public key, and that only Bob will be able to decrypt the message.
The actual authentication process used in EAP is a little more complicated than this, but this is a pretty good overall picture of how things work. By the way, our weapon of choice for creating our PKI in Part 2 will be OpenSSL.
Symmetric Key Underpinnings
All these private and public keys enhance security, but at the cost of performance. As you might expect, it takes a lot of computational horsepower and extra bandwidth to do all this encryption.
In WPA / WPA2 Enterprise, the client and server authenticate each other in a heavily-encrypted "tunnel", but then agree on a symmetric-key encryption scheme—such as AES or TKIP)—that is used for the rest of the conversation. This is done because symmetric key encryption is much less computation and bandwidth intensive.
Temporal Key Integrity Protocol
WPA uses TKIP as the underlying symmetric key encryption mechanism. TKIP uses the same RC4 based cipher as WEP, but rotates the key on a per-packet basis, making it practically impossible to back out the key with a traditional WEP attack. RC4 is a stream cipher, meaning it operates bit by bit which is generally faster but not necessarily as secure.
In addition, TKIP hashes the initialization vector with the symmetric key, whereas WEP only concatenated them. WEP's main vulnerability is that the IV is included in plaintext in the packets that are sent over the network, making it easy to pick out the key with enough captured packets.
Advanced Encryption Standard
AES, implemented in WPA2, is the encryption standard used by the U.S. government. Normally, that wouldn't make me feel too much better about using it, until I read that it's also the encryption scheme they use all the way up to the "Top Secret" level. Now we're talkin'!
In contrast to RC4, AES is a block cipher, meaning it performs the encryption on a fixed "block" of bits. This provides stronger encryption, but takes a bit more horsepower to compute. But this generally isn't a problem on modern computers.