This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

derive WPA session key from PSK and 4way handshake

0

Hello Forum

a friend(which owns a small business) told me that he replaced his WEP based AP by a new AP with WPA PSK encryption. He believes that from now on, nobody(even between his employees using the same PSK) can intercept/decrypt the traffic of other legitimate users. My idea is that with the PSK and the 4way handshake it's not too difficult to decrypt his traffic and I would like to show him this fact:-)

Question: Is Wireshark to tool of choice for deriving the WPA session key from the PSK and the 4way handshake?

Thank's a lot for any feedback! Joe

asked 07 Jul '16, 08:29

joseph123's gravatar image

joseph123
119912
accept rate: 0%


One Answer:

1

You are correct, Wireshark can decrypt WPA encrypted communications. I assume you have seen this:

https://wiki.wireshark.org/HowToDecrypt802.11

There are some other tools, but Wireshark is straightforward and easy to use, with instructions.

It is correct that each user will have a unique encryption key which is called the PTK. This is based off the master key whcih everyone shares - this is derived fro the Passphrase (i.e. PSK) and SSID. But with this PMK, and the handshake, each unique PTK can be derived so traffic can be encrypted.

If your friend moves to WPA-Enterprise, then each client gets a separate PMK, making it harder for others to get at unencrypted data. The PMK will likely change on a session timeout, so that is another tool to reduce the ability of others to get at the data.

answered 07 Jul '16, 11:13

Bob%20Jones's gravatar image

Bob Jones
1.0k2515
accept rate: 21%

Hello again! I took me some time to get back to this interesting case. Sorry for that delay!

My friend told me "even if you are watching all this videos on Youtube you wont be able to decrypt my personal communication. Did you know by the way, how much i spent for this new equipment" and "you can stay as long as you want beside my AP and try, as long you are not cheating by connecting my LAN directly via the Ethernet"

Ok.. I do know the AP-password(the PSK which is the same for all users connecting to that AP), the SSID and did successfully capture the 4way-handshake. As i understand, with the help of the PMK each unique PTK can be derived.

I dont have the impression that https://wiki.wireshark.org/HowToDecrypt802.11 does address this task.

Question: What are the next steps to get to know the PMK each unique PTK in order to be able to decrypt the traffic?

Any feedback is appreciated very much! Thank's.

Joe

(17 Sep '16, 05:33) joseph123

I do know the AP-password(the PSK which is the same for all users connecting to that AP), the SSID and did successfully capture the 4way-handshake.

Therefore you should be able to decrypt the traffic regardless of what your friend says. Are you sure you have wireless traffic to decrypt?

Question: What are the next steps to get to know the PMK each unique PTK in order to be able to decrypt the traffic?

The PMK is derived from the Passphrase (Wireshark calls WPA-PWD) and the SSID that is entered. If you want the details, see 802.11-2012 and it indicates the method to convert the (Passphrase,SSID) --> PMK. Wireshark does it for you, and there are websites around that will do it too. If you have the information as claimed and it is correct, follow the Wireshark directions and you should start to see decrypted traffic. A couple of tips:

  1. Make sure you have all four eapol messages. They are labeled 1 of 4, 2 of 4, etc. You can have RETRIES, but one of each type must be present. As soon as the next set comes around, the previous PTK would be invalid and you need another full set or your decryption capability will suddenly cease.

  2. Reload the trace after you enter the key if they are not decrypted. There are some other points in the Wireshark document to check if it is not working. Also test the process with the sample provided at that link. Until you successfully decrypt the sample, you likely won't be able to do a real trace.

  3. Make sure you have data frames to decrypt from the devices in question. You should be able to identify type QoS-Data (likely) or Data frames from the devices/BSSID under review in the trace. It's somewhat common to not have data frames as these are unicast and you need proper capture equipment/methods to be able to get them. Sometimes, we see the complaint 'I can't decrypt' but root cause is really improper capture technique as there are no data frames to decrypt.

  4. The other option for entering key information into Wireshark (ignoring WEP as that is basically no security) is WPA-PSK. To use this, we need to generate the PMK outside of Wireshark (through something like this https://www.wireshark.org/tools/wpa-psk.html). Note that Wireshark does this step for you, so you do not need to use this unless you want to when using WPA2-Personal.

  5. To gain proficiency, setup your own wifi infrastrucuture for test with WPA2 and generate traffic to be sure you can decrypt.

(18 Sep '16, 03:08) Bob Jones