Internet Protocols: Details on VPN & Wi-Fi Protocols

Computers talk to a vast number of other devices, built by different vendors and running different software, and they transmit data in many different ways. Communicating worldwide would be impossible without fixed standards that govern how data is formatted, how it is sent and how the receiving device treats it. This page walks through one such set of rules.

These are the “protocols”: sets of rules that govern how a particular technology communicates. They can be thought of as shared languages that networking software implements. Below are the protocols a user relies on, usually without noticing, when connecting through a VPN or to a Wi-Fi network, with notes on how each one works and where it falls short.

VPN

SSL

SSL, which stands for Secure Sockets Layer, is a cryptographic protocol designed to provide secure communication over the internet. It has been succeeded by Transport Layer Security (TLS); every SSL version (SSLv2 and SSLv3) is now deprecated and should be disabled, but the term “SSL” is still commonly used to refer to both protocols.

SSL/TLS works by establishing an encrypted connection between a client (such as a web browser) and a server (such as a website). The protocol ensures that the data transmitted between the client and server is protected from eavesdropping, tampering, and forgery.

Here’s a simplified explanation of how SSL/TLS works:

  1. Handshake: The client opens a connection and sends a ClientHello listing the protocol versions and cipher suites it supports. The server picks one and replies with a ServerHello and its digital certificate, which contains its public key and identifying information such as the host name.
  2. Certificate Verification: The client checks that the certificate chains to a trusted certificate authority (CA), that it is within its validity period, and that the name in it matches the host the client intended to reach. Skipping the name check is a common mistake: a perfectly valid certificate issued for some other site would then be accepted.
  3. Key Exchange: With the RSA key exchange of TLS 1.2 and earlier, the client generates a random premaster secret, encrypts it with the server’s public key and sends it over; anyone who later obtains the server’s private key can decrypt recorded sessions. With an ephemeral Diffie-Hellman exchange ((EC)DHE), each side contributes a fresh public value and both derive the same shared secret without it ever crossing the wire. TLS 1.3 allows only the ephemeral form, which gives forward secrecy.
  4. Encryption: Both sides derive symmetric session keys from the shared secret and use them to encrypt and authenticate every record, so an interceptor sees only ciphertext without the keys.
  5. Secure Data Transfer: The client and server exchange application data over the established connection. TLS protects both the confidentiality and the integrity of that data; modern cipher suites use authenticated encryption (AES-GCM or ChaCha20-Poly1305) so that any tampering is detected and the connection is torn down.

SSL/TLS is widely used to secure sensitive data transmitted over the internet, such as passwords, credit card information, and personal data. It provides an essential layer of security for online transactions, web browsing, email communication, and other internet-based activities.
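Most real-world TLS failures are not in the protocol but in step 2 being switched off to silence an error. The following Python snippet, added here as an example and not part of the original article, shows a client context that enforces the checks above next to the weak shape commonly found in code bases, plus a small audit function a reviewer can run over any `ssl.SSLContext` (the function names are this example’s own):

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """Client context that performs the handshake checks: trusted chain, name match, modern version."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname + system CA store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3, TLS 1.0 and TLS 1.1 outright
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The 'just make the certificate error go away' fix, written out so the audit has something to flag."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                    # step 2 skipped: a cert for any name is accepted
    ctx.verify_mode = ssl.CERT_NONE               # step 2 skipped: a cert signed by anyone is accepted
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # lets the peer negotiate an old version
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """Return findings for a client context; an empty list means the handshake checks are in force."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("server name is not matched against the certificate (check_hostname=False)")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS versions below 1.2 are allowed (minimum_version too low)")
    return findings


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()), ("weak", weak_client_context())):
        print(label, audit_client_context(ctx) or "no findings")
```

The same three properties are what to look for in code review: `verify_mode`, `check_hostname` and `minimum_version` on the context, and their equivalents in HTTP libraries (for example `verify=False` in requests), which disable step 2 just as thoroughly.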

IPSec

The IPsec protocol, short for Internet Protocol Security, is a set of cryptographic protocols used to secure communications at the network layer of the internet protocol suite. IPsec is typically employed to establish virtual private networks (VPNs) and ensure secure communication between network devices over potentially insecure networks, such as the internet.

Here’s a simplified explanation of how IPsec works:

  1. Authentication: Before any data is protected, the two IPsec peers prove their identities to each other. This is handled by the Internet Key Exchange protocol (IKE, today IKEv2) using digital certificates or pre-shared keys; mutual authentication means each side verifies the other, not just the client the gateway.
  2. Key Exchange: IKE then runs a Diffie-Hellman exchange to establish shared secret keys between the peers. These keys are used for subsequent encryption and integrity protection of the data and are refreshed when their lifetime expires.
  3. Encryption and Integrity: IPsec applies cryptographic algorithms to protect each packet. Confidentiality comes from a cipher such as AES (in CBC mode paired with an HMAC, or in GCM mode, which provides encryption and integrity together). Integrity and origin authentication come from an HMAC such as HMAC-SHA256 or from the AEAD mode; an HMAC on its own does not encrypt anything. The Encapsulating Security Payload (ESP) provides both services; the Authentication Header (AH) provides integrity only and is rarely used today.
  4. Tunnel Mode or Transport Mode: IPsec can operate in two modes. In tunnel mode, the entire original IP packet is encapsulated within a new IP packet, so the original addresses and payload are all protected and hidden; this is what site-to-site and remote-access VPNs use. In transport mode, only the payload of the original IP packet is protected and the original IP header is left in place, which suits two hosts that talk to each other directly.
  5. Security Associations: IPsec uses Security Associations (SAs) to store the security parameters and keys associated with a particular flow. An SA defines the encryption and authentication algorithms, the keys, their lifetimes and other parameters. SAs are unidirectional, so a two-way connection uses a pair of them, each identified by the Security Parameter Index (SPI) carried in every protected packet.

IPsec provides confidentiality, integrity, and authenticity for IP packets, making it suitable for securing network communications over public or untrusted networks. It is commonly used in VPNs to create secure connections between remote offices, allow remote access to corporate networks, or enable secure communication between networks and individual devices. When pre-shared keys are used, they should be long and random, and IKEv1 aggressive mode should be avoided, since it exposes a hash of the PSK to anyone who can reach the gateway.

It’s important to note that IPsec operates at the network layer and protects all IP traffic between two endpoints regardless of the application, whereas SSL/TLS sits above the transport layer (on top of TCP) and protects one application connection at a time, such as a single HTTPS session.

PPP

The PPP protocol, or Point-to-Point Protocol, is a data link layer protocol used for establishing and maintaining a direct connection between two network devices, typically over serial connections. It is commonly used for dial-up connections and is also utilized by some internet service providers (ISPs) for broadband connections.

Here’s a simplified explanation of how PPP works:

  1. Link Establishment: The two devices exchange Link Control Protocol (LCP) packets to negotiate link parameters such as the maximum frame size and which authentication protocol, if any, will be used on the link.
  2. Authentication: PPP itself carries no credentials; it hands off to the authentication protocol negotiated in LCP, commonly the Password Authentication Protocol (PAP), the Challenge Handshake Authentication Protocol (CHAP) or EAP. The peers prove their identity before any network traffic is allowed over the link.
  3. Network Configuration and Data Transfer: A Network Control Protocol (IPCP for IPv4) then configures the network layer, for example by assigning an IP address. PPP encapsulates network layer packets (such as IP packets) within PPP frames, which carry a protocol field identifying the payload and a frame check sequence (FCS) for error detection.
  4. Error Detection: The FCS is a cyclic redundancy check (CRC) that lets the receiver detect corrupted frames. Standard PPP does not retransmit: a frame with a bad FCS is silently discarded and recovery is left to higher layers such as TCP. The FCS only catches accidental corruption; PPP provides no encryption or cryptographic integrity unless an encryption control protocol (such as MPPE) is negotiated on top of it.
  5. Link Termination: When the session is complete, either device sends an LCP Terminate-Request and the other answers with a Terminate-Ack to close the link cleanly.

PPP can carry various network layer protocols, which is why it is used over many kinds of physical media, such as serial cables, telephone lines or, as PPPoE (PPP over Ethernet), the DSL links that many ISPs provision. It provides a standardized way to establish, authenticate and maintain a point-to-point link, which keeps it in use for both dial-up and broadband access.

CHAP

The CHAP protocol, which stands for Challenge Handshake Authentication Protocol, is an authentication protocol used in computer networks. It is commonly employed in Point-to-Point Protocol (PPP) connections to verify the identity of connecting devices, such as dial-up or broadband connections.

Here’s a simplified explanation of how CHAP works:

  1. Challenge: After link establishment, the authenticating device (the authenticator) sends a Challenge packet to the connecting device (the peer). It contains a one-byte Identifier and a random challenge value, which must be unpredictable and never reused.
  2. Response: The peer concatenates the Identifier, its secret (a password known to both sides) and the challenge value, and runs the result through a one-way hash function, MD5 in standard CHAP. The hash output is the response; the secret itself never leaves the peer.
  3. Challenge Response: The peer sends a Response packet carrying the Identifier, the hash value and its name back to the authenticator.
  4. Verification: The authenticator looks up the secret stored for that name and independently computes the expected hash from the same Identifier, secret and challenge.
  5. Authentication: The authenticator compares the expected hash with the received one and replies with a Success or Failure packet. If they match, the link proceeds; otherwise the connection is typically terminated.

CHAP provides a higher level of security than the Password Authentication Protocol (PAP). PAP sends the password itself in plain text; CHAP sends only a hash that depends on a fresh random challenge, so an eavesdropper does not learn the password and cannot replay a captured response against a later challenge. Two caveats remain: the authenticator must store each secret in plain text or a reversibly encrypted form, since it has to recompute the hash, and anyone who captures a challenge/response pair can test password guesses offline against it, so the secrets must be strong.

One advantage of CHAP is that it supports periodic reauthentication during a PPP session. After the initial authentication, the authenticator can send new challenges at intervals; the peer answers each with a hash over the new challenge, and the check is repeated. This limits how long a hijacked or spliced link remains usable.

CHAP is widely supported and provides a reliable method for verifying the identity of devices in PPP connections, including the PPP links inside some VPNs. Microsoft’s MS-CHAPv2 variant, long used with PPTP, is considered broken (its DES-based exchange can be cracked from a single capture) and should only run inside an encrypted tunnel such as PEAP or EAP-TTLS, if at all.
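The exchange above, as an added Python example that is not part of the original article. It implements the RFC 1994 response computation (MD5 over Identifier, secret and challenge) for both sides of the link, runs the initial authentication and a periodic re-challenge, and then shows why a sniffed response cannot be replayed; the `Authenticator` and `Peer` classes, the secret and the names are this example’s own constructions:

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response: MD5 over Identifier || secret || Challenge. The secret is never sent."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The side that issues challenges. It must hold each peer's secret in recoverable form."""

    def __init__(self, secrets: dict):
        self.secrets = secrets        # name -> secret (constructed test data)
        self.outstanding = {}         # identifier -> challenge still awaiting a response
        self.next_id = 0

    def challenge(self) -> tuple:
        identifier = self.next_id
        self.next_id = (self.next_id + 1) & 0xFF        # CHAP's Identifier field is one byte
        challenge = os.urandom(16)                        # unpredictable and never reused
        self.outstanding[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        challenge = self.outstanding.pop(identifier, None)   # one response per challenge
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)       # constant-time comparison


class Peer:
    """The side proving its identity; it only ever emits hashes."""

    def __init__(self, name: str, secret: bytes):
        self.name, self.secret = name, secret

    def respond(self, identifier: int, challenge: bytes) -> tuple:
        return self.name, chap_response(identifier, self.secret, challenge)


def run_session() -> dict:
    """Initial authentication, a re-challenge, a replayed response and a wrong secret."""
    auth = Authenticator({"alice": b"correct horse battery staple"})
    alice = Peer("alice", b"correct horse battery staple")

    ident, chal = auth.challenge()                 # steps 1-5: challenge, response, verify
    name, resp = alice.respond(ident, chal)
    initial_ok = auth.verify(ident, name, resp)

    ident2, chal2 = auth.challenge()               # periodic reauthentication: fresh challenge
    _, resp2 = alice.respond(ident2, chal2)
    reauth_ok = auth.verify(ident2, name, resp2)

    ident3, _ = auth.challenge()                   # eavesdropper replays the first response
    replay_ok = auth.verify(ident3, "alice", resp)

    ident4, chal4 = auth.challenge()               # peer that only knows a wrong password
    _, bad = Peer("alice", b"wrong").respond(ident4, chal4)
    wrong_secret_ok = auth.verify(ident4, "alice", bad)

    return {"initial": initial_ok, "reauth": reauth_ok,
            "replay": replay_ok, "wrong_secret": wrong_secret_ok}


if __name__ == "__main__":
    print(run_session())
```

Note what the authenticator needs to do its job: the secret in the clear. That is the trade-off CHAP makes against PAP, and it is why a captured challenge/response pair is still worth protecting, since an attacker can run `chap_response` over a wordlist against it offline.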

PAP

The PAP protocol, or Password Authentication Protocol, is an authentication protocol used in computer networks, particularly in Point-to-Point Protocol (PPP) connections. It is a simple and insecure authentication method that transmits passwords in plain text over the network.

Here’s a simplified explanation of how PAP works:

  1. Authentication Request: Once the link is established, the connecting device (the peer) sends an Authenticate-Request packet containing its username (peer-ID) and password to the authenticating device (the authenticator). The peer may repeat this request until it gets an answer.
  2. Password Transmission: The password travels in plain text, with no encryption, hashing or challenge involved. Anyone on the path can read it, and the very same request can be replayed later.
  3. Verification: The authenticator compares the received username and password with its stored credentials and replies with an Authenticate-Ack if they match or an Authenticate-Nak if they do not. On failure the connection is typically terminated.

PAP is considered a weak authentication method because it transmits passwords in plain text, making them susceptible to eavesdropping and interception attacks. If an attacker manages to intercept the PAP authentication exchange, they can easily capture and obtain the user’s password.

Due to its inherent security weaknesses, PAP is generally not recommended for use in modern networks or environments where secure authentication is essential. Instead, protocols such as the Challenge Handshake Authentication Protocol (CHAP) or the Extensible Authentication Protocol (EAP) are preferred. These avoid sending the password itself: CHAP sends a challenge-dependent hash, and EAP methods such as EAP-TLS or PEAP authenticate inside a TLS-protected exchange. PAP is acceptable only when something else already encrypts it, for example as the inner method of an EAP-TTLS tunnel.

EAP

The EAP protocol, or Extensible Authentication Protocol, is an authentication framework used in computer networks. It provides a flexible and extensible method for authenticating users or devices in various network environments, such as wireless networks, virtual private networks (VPNs), and 802.1X port-based network access control.

Here’s a simplified explanation of how EAP works:

  1. EAP Start: When a device (the supplicant) connects to a switch port or access point (the authenticator), it may send an EAPOL-Start frame (802.1X is the transport that carries EAP over the LAN) to kick off authentication. The authenticator answers with an EAP-Request/Identity, and the supplicant replies with its identity.
  2. EAP Request/Response: The authenticator usually acts as a pass-through, relaying EAP packets between the supplicant and a back-end authentication server (typically RADIUS). The server sends an EAP-Request naming the authentication method to use; the supplicant sends an EAP-Response with the corresponding credentials, or a NAK proposing a different method if it does not support the one offered.
  3. Method-specific Exchange: The server and supplicant then exchange messages specific to the chosen method. This can include challenges, a TLS handshake, cryptographic calculations or any other mechanism defined by the selected EAP method.
  4. Authentication Result: Once the method completes, the server signals EAP-Success or EAP-Failure, which the authenticator relays to the supplicant. On success the server also hands the authenticator the keying material (in Wi-Fi, the Pairwise Master Key) that the port or association is then protected with, and the supplicant is granted access to the network.

EAP itself is an authentication framework, and it supports various authentication methods within that framework. Commonly used methods include EAP-TLS (mutual certificate authentication over TLS), EAP-TTLS (Tunneled TLS) and PEAP (Protected EAP), both of which establish a TLS tunnel to the server and then run an inner method such as MS-CHAPv2 or plain password authentication inside it. These methods differ in their cryptographic mechanisms, certificate requirements and level of security. One caveat applies to all the tunneled methods: the inner credentials are protected only if the supplicant validates the server’s certificate; a client configured not to check it will hand its credentials to a rogue access point that presents any certificate.

The flexibility of EAP allows network administrators to choose the most appropriate authentication method based on their specific security requirements and infrastructure. EAP is widely used in enterprise networks to provide strong and secure authentication, ensuring that only authorized users or devices gain access to the network resources while protecting sensitive information during the authentication process.

WIFI Security

WEP

The WEP protocol, which stands for Wired Equivalent Privacy, is an older security protocol used for securing wireless networks. It was one of the earliest encryption methods used for Wi-Fi networks but is now considered insecure and easily compromised.

Here’s a simplified explanation of how WEP works:

  1. Key Generation: When setting up a WEP-protected wireless network, a shared key is chosen, 40 bits (WEP-40) or 104 bits (WEP-104). It is a fixed string entered manually by the network administrator and is the same on every device.
  2. Encryption: WEP uses the RC4 stream cipher. For each frame, a 24-bit initialization vector (IV) is prepended to the shared key to form the RC4 key, and the resulting keystream is XORed with the payload plus a CRC-32 integrity check value (ICV). The IV is sent in the clear so the receiver can rebuild the same keystream.
  3. Data Transmission: Each frame is transmitted as its IV followed by the RC4-encrypted payload and ICV. The IV space has only about 16 million values, so a busy network repeats IVs within hours, and any two frames with the same IV are encrypted with the same keystream.
  4. Key Distribution: WEP uses a shared key approach, meaning that all devices on the wireless network use the same encryption key. The network administrator manually configures each device with the shared key, and changing it means touching every device.

WEP’s weaknesses are structural. The key is static and shared by everyone, so it is used for an extended period and is exposed on every device. The 24-bit IV space is too small, so keystreams repeat. RC4’s key schedule leaks information about the key when many frames with related IVs are observed (the FMS, KoreK and PTW attacks), so capturing enough traffic recovers the key in minutes. The ICV is a CRC-32, which is linear rather than a keyed MAC, so an attacker can flip bits in an encrypted frame and fix the ICV without knowing the key. Even WEP’s “shared key” authentication hands an attacker a keystream sample by encrypting a known challenge.

Due to these security vulnerabilities, WEP is no longer recommended for use in securing wireless networks. It has been replaced by WPA (Wi-Fi Protected Access), WPA2 and now WPA3, which use stronger encryption algorithms and proper message authentication.
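Two of the weaknesses above can be shown in a few lines. The following Python block, added as an example and not part of the original article, implements WEP’s frame encryption with a plain RC4 and a CRC-32 ICV, then (a) recovers the XOR of two plaintexts from two frames that share an IV, with no key involved, and (b) rewrites a field inside an encrypted frame and repairs the ICV blind, using the fact that CRC-32 is linear. The key, IV and HTTP payloads are constructed test data, and the little-endian ICV layout is this example’s assumption:

```python
import struct
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). WEP seeds it with IV || shared key for every single frame."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(payload: bytes) -> bytes:
    """WEP's integrity check value is an unkeyed CRC-32 (stored little-endian here)."""
    return struct.pack("<I", zlib.crc32(payload))


def wep_encrypt(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Frame body: IV(3) || key-id(1) || RC4(IV || key, payload || ICV). The IV is in the clear."""
    assert len(iv) == 3 and len(shared_key) in (5, 13)      # WEP-40 or WEP-104
    return iv + b"\x00" + rc4(iv + shared_key, payload + icv(payload))


def wep_decrypt(shared_key: bytes, frame: bytes) -> bytes:
    iv, body = frame[:3], frame[4:]
    clear = rc4(iv + shared_key, body)
    payload, received_icv = clear[:-4], clear[-4:]
    if received_icv != icv(payload):
        raise ValueError("ICV mismatch")
    return payload


def keystream_reuse_leak(frame_a: bytes, frame_b: bytes) -> bytes:
    """Same IV means same keystream, so C_a xor C_b equals P_a xor P_b. No key required."""
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("different IVs, different keystreams")
    n = min(len(frame_a), len(frame_b)) - 8                   # drop 4-byte header and 4-byte ICV
    return bytes(a ^ b for a, b in zip(frame_a[4:4 + n], frame_b[4:4 + n]))


def bit_flip_forgery(frame: bytes, delta: bytes) -> bytes:
    """Flip chosen plaintext bits in an encrypted frame and fix the ICV without the key.
    crc(p ^ delta) == crc(p) ^ crc(delta) ^ crc(zeros), so XORing crc(delta) ^ crc(zeros)
    into the encrypted ICV keeps the frame valid."""
    payload_len = len(frame) - 8
    assert len(delta) == payload_len
    icv_delta = struct.pack("<I", zlib.crc32(delta) ^ zlib.crc32(bytes(payload_len)))
    mask = bytes(4) + delta + icv_delta                       # header untouched
    return bytes(a ^ b for a, b in zip(frame, mask))


def demo() -> dict:
    key = b"\x01\x02\x03\x04\x05"                             # constructed WEP-40 key
    iv = b"\x00\x00\x2a"                                      # constructed IV; busy APs reuse these within hours
    p1 = b"GET /login HTTP/1.1 user=alice pass=secret"        # constructed payloads
    p2 = b"GET /login HTTP/1.1 user=bob&& pass=hunter"
    c1, c2 = wep_encrypt(key, iv, p1), wep_encrypt(key, iv, p2)

    leak = keystream_reuse_leak(c1, c2)                       # eavesdropper obtains P1 xor P2

    at = p1.index(b"alice")                                   # attacker rewrites the user field in c1
    delta = bytearray(len(p1))
    for k, (old, new) in enumerate(zip(b"alice", b"evil!")):
        delta[at + k] = old ^ new
    forged = bit_flip_forgery(c1, bytes(delta))

    return {"p1": p1, "p2": p2, "leak": leak, "forged": wep_decrypt(key, forged)}


if __name__ == "__main__":
    print(demo())
```

The forged frame decrypts cleanly and passes the ICV check, which is exactly why an integrity check needs a secret key (a MAC) rather than a checksum.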

WPA

The WPA protocol, which stands for Wi-Fi Protected Access, is a security protocol designed to secure wireless networks. It was introduced as an upgrade to the insecure WEP protocol and offers stronger encryption and enhanced security features.

Here’s a simplified explanation of how WPA works:

  1. Authentication and Key Management: WPA comes in two modes. WPA-Enterprise uses 802.1X, which carries EAP, so clients authenticate with usernames and passwords, certificates or other EAP methods against an authentication server, and each client ends up with its own Pairwise Master Key (PMK). WPA-Personal (WPA-PSK) instead derives the PMK from a pre-shared passphrase and the network name (PBKDF2-HMAC-SHA1 over passphrase and SSID, 4096 iterations).
  2. Encryption: WPA introduced the Temporal Key Integrity Protocol (TKIP). It still uses RC4, so that existing WEP hardware could be upgraded with a firmware update, but it mixes a fresh key into every packet, adds a 48-bit sequence counter to stop replays, and avoids the IV handling that broke WEP.
  3. Message Integrity: WPA adds a message integrity check called Michael (MIC) to detect modification of frames. Michael was deliberately cheap so that old hardware could compute it and is comparatively weak, so TKIP includes countermeasures that shut the link down for a minute after two MIC failures.
  4. Key Distribution: WPA uses the 4-way handshake to set up session keys between the client and the access point. The access point sends a random nonce, the client replies with its own nonce and a MIC, and both sides derive the Pairwise Transient Key (PTK) from the PMK, the two nonces and the two MAC addresses; the access point then delivers the group key (GTK) encrypted under the new key. The session keys are fresh for every association and are never transmitted.
  5. Compatibility: WPA-PSK (Pre-Shared Key) is the mode for homes and small offices that have no authentication server. It keeps the same per-packet key mixing, integrity check and 4-way handshake; only the source of the PMK differs, a passphrase in place of 802.1X.

WPA has since been succeeded by WPA2, which makes AES in CCM mode (CCMP) the mandatory cipher and relegates TKIP to an optional compatibility setting. WPA2 remains the most widely deployed way of securing Wi-Fi networks today.

It’s important to note that WPA- and WPA2-Personal are vulnerable to offline dictionary attacks. Every key in the 4-way handshake derives from the passphrase and the SSID, so whoever captures one handshake can test guesses at leisure on their own hardware. To mitigate this, use a long random passphrase, disable WPS (whose PIN recovery bypasses the passphrase entirely), keep Wi-Fi equipment updated with the latest firmware (the 2017 KRACK key-reinstallation attack was fixed this way), and consider transitioning to WPA3, whose authentication is designed so that captured traffic cannot be used for offline guessing.
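The derivation in step 4 and the offline attack just described, written out as an added Python example that is not part of the original article. It computes the PMK with PBKDF2 as WPA/WPA2-Personal does, derives the PTK from the two nonces and MAC addresses with the 802.11 PRF, protects a message 2 with the key-confirmation key (KCK, the first 16 bytes of the PTK) using the WPA2 HMAC-SHA1-128 MIC, and then recovers the passphrase from that one message and a wordlist. The EAPOL-Key frame layout here is simplified and the MAC addresses, nonces and wordlist are constructed; the passphrase/SSID pair “password”/“IEEE” is the test vector from the IEEE 802.11 standard:

```python
import hashlib
import hmac
import os


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """IEEE 802.11 PRF: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(4))
    return out[:64]


def wpa_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """4-way handshake key derivation. Both sides learn the nonces and MACs from M1/M2, so the same
    PTK appears on both ends without being sent. KCK = PTK[0:16], KEK = PTK[16:32], TK = PTK[32:48]."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


MIC_OFFSET = 1 + 32     # simplified EAPOL-Key body: type(1) || nonce(32) || MIC(16) || rest
MIC_LEN = 16


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """WPA2 (AKM 00-0F-AC:2): HMAC-SHA1 over the frame with the MIC field zeroed, truncated to 128 bits."""
    zeroed = frame[:MIC_OFFSET] + bytes(MIC_LEN) + frame[MIC_OFFSET + MIC_LEN:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:MIC_LEN]


def build_msg2(kck: bytes, snonce: bytes) -> bytes:
    """Constructed, simplified message 2 (client -> AP): SNonce plus a MIC under the KCK."""
    body = b"\x02" + snonce + bytes(MIC_LEN) + b"RSN-IE"     # constructed layout, not real 802.11 encoding
    mic = eapol_mic(kck, body)
    return body[:MIC_OFFSET] + mic + body[MIC_OFFSET + MIC_LEN:]


def crack_psk(ssid: str, aa: bytes, spa: bytes, anonce: bytes, msg2: bytes, wordlist):
    """Offline dictionary attack from one captured handshake: derive PMK -> PTK -> KCK for each guess
    and check whether it reproduces the MIC in message 2. No contact with the network is needed."""
    snonce = msg2[1:33]
    captured_mic = msg2[MIC_OFFSET:MIC_OFFSET + MIC_LEN]
    for guess in wordlist:
        kck = wpa_ptk(wpa_pmk(guess, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, msg2), captured_mic):
            return guess
    return None


def demo():
    ssid, passphrase = "IEEE", "password"                        # IEEE 802.11 test-vector inputs
    aa, spa = bytes.fromhex("aabbccddeeff"), bytes.fromhex("112233445566")   # constructed MACs
    anonce, snonce = os.urandom(32), os.urandom(32)              # M1 carries ANonce, M2 carries SNonce
    ptk = wpa_ptk(wpa_pmk(passphrase, ssid), aa, spa, anonce, snonce)
    msg2 = build_msg2(ptk[:16], snonce)                          # what a sniffer sees after M1 and M2
    return crack_psk(ssid, aa, spa, anonce, msg2, ["letmein", "12345678", "password", "qwertyuiop"])


if __name__ == "__main__":
    print("recovered passphrase:", demo())
```

The 4096 PBKDF2 iterations are the only thing slowing the attacker down, and GPU crackers run them at millions of guesses per second, so passphrase length and randomness decide the outcome. Under WPA3’s SAE the MIC no longer depends on anything an offline attacker can recompute, which is the point of that change.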

WPA vs WPA2

WPA (Wi-Fi Protected Access) and WPA2 are both security protocols designed to secure wireless networks, with WPA2 being an evolution and improvement over WPA. Here are the key differences between WPA and WPA2:

  1. Encryption Algorithm: WPA’s mandatory cipher is TKIP, an RC4-based wrapper designed to run on WEP-era hardware. WPA2 mandates CCMP, which is AES in CCM mode, and treats TKIP as an optional compatibility setting. AES-CCMP is widely regarded as resistant to practical cryptographic attack; TKIP has known weaknesses and should be switched off.
  2. Security Enhancements: WPA2 implements the full IEEE 802.11i standard, whereas WPA was an interim subset released before 802.11i was finished. CCMP provides integrity with a proper keyed CBC-MAC instead of the weak Michael MIC, so the TKIP countermeasures and their denial-of-service side effect disappear.
  3. Key Management: WPA and WPA2 both use the same 4-way handshake, which derives the session keys from the PMK, the nonces and the MAC addresses of the client and access point. WPA2 adds PMK caching and pre-authentication for enterprise networks, so a roaming client does not repeat the full 802.1X exchange at every access point.
  4. Compatibility: Devices that support WPA2 can also connect to WPA networks, and access points can run a mixed WPA/WPA2 mode. The cost of mixed mode is that the group key must be TKIP so that the oldest client can use it, which drags the whole network down; CCMP-only is the recommended setting.
  5. Industry Standard: WPA2 is the most widely adopted way of securing Wi-Fi networks and has been scrutinized for years. It remains the baseline recommendation where WPA3 is not yet available.

WPA3

WPA3 (Wi-Fi Protected Access 3) is the latest generation of Wi-Fi security protocol designed to provide stronger and more robust security for wireless networks compared to its predecessors, WPA and WPA2. It introduces several significant enhancements to address the security vulnerabilities present in earlier protocols. Here are the key features and improvements of WPA3:

  1. Stronger Authentication: WPA3-Personal replaces the passphrase-derived PMK of WPA2-PSK with Simultaneous Authentication of Equals (SAE), also known as Dragonfly, a password-authenticated key exchange. The passphrase proves identity, but the exchange never yields a value that can be tested offline. The data encryption itself remains AES-CCMP (WPA2 had already retired TKIP), and WPA3 additionally requires Protected Management Frames, so deauthentication and disassociation frames can no longer be spoofed.
  2. Robust Protection for Public Networks: WPA3 introduces Opportunistic Wireless Encryption (OWE), marketed as Enhanced Open. Each client performs an unauthenticated Diffie-Hellman exchange with the access point, so even password-less public Wi-Fi is encrypted on the air. OWE stops passive eavesdropping; it does not authenticate the access point, so a rogue “evil twin” hotspot is still possible.
  3. Individualized Data Encryption: As part of Enhanced Open, each client derives its own pairwise key, so clients on the same open network cannot read each other’s traffic. Compare WPA2-PSK, where anyone holding the shared passphrase who captures a neighbour’s 4-way handshake can derive that neighbour’s keys.
  4. Protection against Brute-Force Attacks: With SAE, every passphrase guess requires a live exchange with the access point; a captured handshake is useless for offline cracking. That turns an unbounded offline attack into an online one the access point can see and rate-limit, and SAE’s anti-clogging token limits how many exchanges an attacker can force it to start.
  5. Forward Secrecy: SAE derives a fresh PMK from an ephemeral exchange for every session. An attacker who records traffic and later learns the passphrase still cannot decrypt the recorded sessions, which is not true of WPA2-PSK.

WPA3 is designed to provide stronger security and better protection against password cracking, eavesdropping and unauthorized access, for both personal and enterprise Wi-Fi networks (WPA3-Enterprise also offers an optional 192-bit mode with stronger cipher suites). Adoption is still gradual, and not all devices and access points support it. Networks run in WPA3 transition mode keep accepting WPA2 clients, at the cost that an attacker can push a capable client down to WPA2; early SAE implementations also had side-channel and downgrade weaknesses (the 2019 “Dragonblood” research), so firmware updates matter here as much as the protocol choice.
