ISSN: 2278 – 1323
International Journal of Advanced Research in Computer Engineering & Technology
Volume 1, Issue 4, June 2012
All Rights Reserved © 2012 IJARCET
WPA Exploitation In The World Of Wireless Network
Pranav S. Ambavkar, Pranit U. Patil, Dr.B.B.Meshram, Prof. Pamu Kumar Swamy
VJTI, Matunga, Mumbai, India.
ambavkar.pranav@gmail.com
Abstract—Wi-Fi devices use security authentication protocols even though those protocols have some weaknesses. Generally the WEP and WPA protocols are used for this purpose. It has already been proved that the WEP authentication protocol is a weak protocol. By analyzing the weaknesses of WEP, the concept of WPA and WPA2 was developed. In this paper, we will examine the weaknesses of “Strong WPA/WPA2 Authentication” and see how easy it is to crack the protocol. We will take a look at the new standard’s WPA and WPA2 implementations along with their first minor vulnerabilities and how it is possible to crack them.
Index Terms—WEP, WPA, WPA2, Aircrack-ng, John-the-ripper, wordfield, reaver
I. INTRODUCTION
WEP, WPA and WPA2 are the authentication protocols used to secure wireless networks. Researchers found various weaknesses in the old WEP system; to overcome them, its place was taken by WPA and WPA2. Today it is commonly said that WPA and WPA2 are very strong protocols providing good security. First we will look at a brief history of WEP, WPA and WPA2.
A. WEP [1]:
The WEP protocol was not developed by researchers or experts in security and cryptography, so weaknesses were not considered from every direction. David Wagner showed RC4 to be vulnerable. In 2001, Scott Fluhrer, Itsik Mantin and Adi Shamir published a paper on WEP showing two vulnerabilities in the RC4 encryption algorithm: invariance weaknesses and known Initialization Vector (IV) attacks. Both attacks rely on the fact that for certain key values it is possible for bits in the initial bytes of the key stream to depend on just a few bits of the encryption key. As the encryption key is nothing but the concatenation of the secret key and the IV, certain IV values yield weak keys.
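The key construction described above, as an added example that is not part of the original paper: a plain RC4 implementation, the WEP per-frame key built as IV concatenated with the shared secret, and a birthday-bound estimate of how many randomly chosen IVs a network sends before a 24-bit IV repeats (the same keystream is then reused), compared with the 48-bit IV that WPA introduced. The secret, IV and plaintext bytes are constructed sample values; WEP's integrity field and exact key sizes are left out.

```python
import math


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling algorithm (KSA) followed by the output generator (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_keystream(iv: bytes, secret: bytes, length: int) -> bytes:
    """WEP's per-frame RC4 key is the 24-bit IV (sent in clear) concatenated with the shared secret."""
    assert len(iv) == 3, "WEP IV is 24 bits"
    return rc4_keystream(iv + secret, length)


def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """Frame body as WEP builds it: the IV in clear, then plaintext XOR keystream."""
    ks = wep_keystream(iv, secret, len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, ks))


def same_iv_reuses_keystream(secret: bytes) -> bool:
    """Two frames sent under the same IV are encrypted with the identical keystream,
    whatever their contents: this is why the IV must never repeat under one secret."""
    iv = b"\x01\x02\x03"  # constructed sample IV
    return wep_keystream(iv, secret, 32) == wep_keystream(iv, secret, 32)


def expected_frames_until_iv_repeat(iv_bits: int) -> float:
    """Birthday bound: about sqrt(pi/2 * 2^n) randomly chosen n-bit IVs are sent
    before the first repeat. Networks that pick IVs by counter exhaust the space
    linearly instead, but a 24-bit space is small either way."""
    return math.sqrt(math.pi / 2 * 2 ** iv_bits)


if __name__ == "__main__":
    secret = b"sample-secret"  # constructed sample value, not a real key
    print(wep_encrypt(b"\x01\x02\x03", secret, b"hello wlan").hex())
    print("same IV reuses keystream:", same_iv_reuses_keystream(secret))
    for bits in (24, 48):
        print(f"{bits}-bit IV: ~{expected_frames_until_iv_repeat(bits):,.0f} frames before a repeat")
```

The RC4 routine is checked against the published test vector (key "Key" gives keystream starting EB 9F 77 81). The 24-bit estimate comes out at roughly five thousand frames, a few seconds of traffic on a busy link; the 48-bit estimate is about four thousand times larger, which is the improvement the "large IV" remark in the next section refers to.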
B. WPA:
Wi-Fi Protected Access (WPA) was created by the Wi-Fi Alliance, an industry trade group which owns the trademark to the Wi-Fi name and certifies devices that carry that name. WPA is designed to be used with an IEEE 802.1X authentication server, which provides different keys to each user. However, it can also be used in a less secure "pre-shared key" (PSK) mode.
Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. The key recovery that is possible in WEP was removed in WPA by adding a large IV to the algorithm.
WPA has highly secured payload integrity. The CRC used in WEP is not secure, as it is possible to change the message and its CRC during cracking even if the WEP key is not known. A more secure algorithm named Message Integrity Code (MIC) is used in WPA to overcome this WEP weakness. A frame counter mechanism is used in the MIC of WPA that prevents replay attacks.
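The integrity point made above, as an added example that is not part of the original paper: a WEP-style receiver that checks only a CRC32 appended under the stream cipher accepts a frame whose bytes were changed without any key, because CRC32 is affine (crc(a xor b) = crc(a) xor crc(b) xor crc(zeros)) and the encrypted checksum can be patched with the same correction; a WPA-style receiver with a keyed MIC and a monotonically increasing frame counter rejects both the changed frame and a replayed one. The keystream, MIC key and message are constructed sample values, HMAC-SHA256 stands in for TKIP's actual MIC algorithm, and the frame layout is simplified.

```python
import hmac
import hashlib
import zlib
from typing import Optional

# Constructed sample values: a fixed keystream stands in for cipher output so the
# example needs no RC4; the MIC key is shared by sender and receiver only.
KEYSTREAM = bytes(range(7, 7 + 64))
MIC_KEY = b"constructed-mic-key"


def crc32(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc_is_affine(m1: bytes, m2: bytes) -> bool:
    """CRC32 over equal-length inputs: crc(a ^ b) == crc(a) ^ crc(b) ^ crc(zeros)."""
    assert len(m1) == len(m2)
    return crc32(xor_bytes(m1, m2)) == crc32(m1) ^ crc32(m2) ^ crc32(bytes(len(m1)))


# --- WEP-style frame: CRC32 appended to the plaintext, both stream-encrypted ---
def wep_style_encrypt(msg: bytes) -> bytes:
    body = msg + crc32(msg).to_bytes(4, "big")
    return xor_bytes(body, KEYSTREAM[: len(body)])


def wep_style_receive(frame: bytes) -> Optional[bytes]:
    """Receiver check as WEP does it: decrypt, recompute CRC, compare. No key in the check."""
    body = xor_bytes(frame, KEYSTREAM[: len(frame)])
    msg, tag = body[:-4], int.from_bytes(body[-4:], "big")
    return msg if crc32(msg) == tag else None


def flip_without_key(frame: bytes, delta: bytes) -> bytes:
    """What the unkeyed linear checksum allows: XOR a chosen change into the ciphertext
    and patch the encrypted CRC with the affine correction crc(delta) ^ crc(zeros).
    Nothing here uses KEYSTREAM; the receiver's CRC still verifies."""
    n = len(frame) - 4
    assert len(delta) == n
    tag_fix = (crc32(delta) ^ crc32(bytes(n))).to_bytes(4, "big")
    return xor_bytes(frame, delta + tag_fix)


# --- WPA-style frame: keyed MIC plus a frame counter bound into the tag ---
def mic(counter: int, msg: bytes) -> bytes:
    return hmac.new(MIC_KEY, counter.to_bytes(6, "big") + msg, hashlib.sha256).digest()[:8]


def wpa_style_encrypt(counter: int, msg: bytes) -> bytes:
    body = counter.to_bytes(6, "big") + msg + mic(counter, msg)
    return xor_bytes(body, KEYSTREAM[: len(body)])


class WpaStyleReceiver:
    """Keeps the highest counter seen; rejects replays and any frame whose MIC fails."""

    def __init__(self) -> None:
        self.last_counter = -1

    def receive(self, frame: bytes) -> Optional[bytes]:
        body = xor_bytes(frame, KEYSTREAM[: len(frame)])
        counter, msg, tag = int.from_bytes(body[:6], "big"), body[6:-8], body[-8:]
        if counter <= self.last_counter:  # replayed or out-of-order frame: drop
            return None
        if not hmac.compare_digest(mic(counter, msg), tag):  # changed in transit: drop
            return None
        self.last_counter = counter
        return msg


def demo() -> dict:
    msg = b"amount=00010 to=alice"  # constructed sample payload
    delta = bytearray(len(msg))
    delta[8] = ord("0") ^ ord("9")  # change the byte at offset 8 from '0' to '9'
    delta = bytes(delta)

    wep_result = wep_style_receive(flip_without_key(wep_style_encrypt(msg), delta))

    rx = WpaStyleReceiver()
    good = wpa_style_encrypt(1, msg)
    first = rx.receive(good)
    replay = rx.receive(good)
    changed = xor_bytes(wpa_style_encrypt(2, msg), bytes(6) + delta + bytes(8))
    return {
        "crc_affine": crc_is_affine(msg, delta),
        "wep_accepts_changed": wep_result,  # b"amount=09010 to=alice"
        "wpa_first_ok": first == msg,
        "wpa_rejects_replay": replay is None,
        "wpa_rejects_changed": rx.receive(changed) is None,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The WEP-style receiver hands back a payload that was altered in transit, which is exactly the "change the CRC message even if the WEP key is not known" failure the text describes; the keyed MIC closes it because the tag cannot be corrected without MIC_KEY, and the counter makes a captured valid frame worthless on resend.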
C. WPA2:
There are many similarities between 802.11i/WPA2 authentication security and WPA, with a few differences. WPA2 uses an AES-based algorithm. At the end of the proposed 802.11i transition, AES encryption was put to use as hardware was upgraded to allow for the change.
II. WPA/WPA2 WEAKNESSES
Several weaknesses of WPA/WPA2 have been discovered.
A. Weak password:
If a client is connected to the access point using a weak password, then password cracking attacks are possible. WPA uses a password for access. When a device connects to an access point with the WPA password, its encrypted form is passed over the network, where it can be caught by someone who is listening.
Catching the data is not an issue but if encrypted