CWNP CWSP – Module 03 – Encryption Ciphers and Methods Part 5

13. CCMP Part4

Now from there, that random number announced is going to be created from the packet number, the transmitter address and the priority data using QoS. And from then, the eight octet CCMP header is going to be constructed. So that’s going to have the key ID, the packet number, as we said, which will be divided into six different octets. And you’ll notice it says here that the construction of the header is basically identity identical to that header that we saw in the temporal key header.

From there, the CCM module, which now is going to use the AES cipher, will now be used to create a data integrity check and encrypt the upper layer data. That 128 bit temporal key, the nonce, the AAD and the plain text data are processed to be able to create that eight byte Michael or mic. And then the MSDU payload of that frame body and the mic are then encrypted in 128 bit blocks and they call that the CCM originator processing. All right, so a lot of work to verify integrity. Did you notice a lot of this is about verifying integrity, not so much about the actual encryption process, but making sure that what was sent was not altered or changed or that it’s a part of these attacks.

Then once we have that MSDU, the original Mac header is appended to the CCMP header. Again, we need to have something in clear text that both the transmitter and receiver can actually read and verify that it was sent to them or being sent to them. The frame check sequence is going to be calculated over all the fields, which is put at the end of the layer two.

And so that resulting 32 bit see, I told you. They call it the CRC. And the frame check, whatever you want to think of it, is in place in that FCS field. So by the time you’re all done, I’m going back to this packet again. And this is not the illustration I was promising you. We have that unencrypted layer two and then the rest of this packet. So there is a physical header, right, the MP, that contains the MSDU. But what’s in this Mpdu is used to help verify the MSDU information as well as the layer two header. And maybe that is sufficient for a picture to kind of give you an idea of how that whole process works. But like I said, I’m going to try to draw that out for you.

14. CCMP Part5

All right, let’s see how well I can do in trying to kind of draw out this picture of this process that I just went through. So we start off basically with the Mac header, and part of that, like we said, is where it’s going to go, the transmitter address. And then of course, we had the plain text data. So think about it, right? We’re starting with the original. We want to do the encryption and data into integrity. Now, the Mac header at some point, this is why I hope I planned well enough ahead for my picture, is still going to be there by the time we’re done. We’re still going to have that same Mac header. I keep saying that that’s not going to change. Now we had to create the nonce, the randomness. Remember I said that the randomness is designed to help us with the actual encryption.

I called it salt because it just makes it harder for people to guess what the key is. But what did we say has to happen is that first of all, we had to create a packet number and that’s the one that’s going to continue to change at some point. We created that 128 bit temporal key and we also recognized the key with a key ID. And let’s see how well I can do this. We take what did we say, the address, the transmitter address. We take the packet number here and with that information is how we help create that nonce, that random number. And then we take the packet number and we take that key ID to help us in creating the CCMP header. Now that we’ve done that, what else did we say we had to do? We also had to create the AAD.

And remember what we said about that AAD, that at some point we’re going to do the processing, right? And part of that processing is to get ready to encrypt things. So this is going to be the CCM, what they call the originator processing. And we use a lot of that information, we use the AAD to help us with that. Remember, we also took a hash information of the plain text data to make this as a part of what we do. The nonce is being used that’s adding the salt, and obviously we need that 128 bit key to be able to do that processing and then we’re ready to create this finished product. So we have the Mac, we also have the CCMP header, and that header is basically like we said, we use the key ID and the packet number to be able to help create that header over here.

And part of that frame, as we said, contained the encrypted data, the MSDU. So obviously the MSDU is coming from the process of doing the encryption as though I just talked about before. And we use that information again to be able to help us with adding in the mic and then when it’s all said and done, at the end we put that frame check sequence. So here then is the encrypted portion and the headers to verify that the encrypted portion hasn’t changed. And when it’s unencrypted, part of that header, as we just said, is that we can look at the hash of the plaintext data and make sure that that plaintext data hasn’t changed.

15. WPA/WPA2

So we’re going to get further into this process of WiFi protected access. WPA WPA two So the goal of Eight or 211, I was the WPA Two, but again, we wanted something more secure. So WPA was actually in use in the Enterprise. Even though it came before the ratification of the actual amendment. It was kind of considered a snapshot of what was coming and still shouldn’t be used. We should be settling on the WPA Two because we have the personal home use and the Enterprise.

The idea, and this is where we’re going to get into more detail as we go through this course about this process, is that it had a strong authentication using the extensible authentication protocol EB. It used AES again as the cipher and it had a stronger integrity. The Sha One for hashing, and I didn’t really get into a lot of the hashing mechanisms, but MD Five was one of our first ones. And then Sha One is a little more secure because it’s a longer hash, a little harder to be able to do what they call the birthday attack, which is trying to find two objects with the same hash. So that’s great. It’s using good encryption, good hashing mechanisms to help protect our information.