Hi forum as i understand in a preshared-key network, the PSK (which is actually the PMK) can be derived from the WPA-password and the SSID... Questions: If a user would like to join an AP and he is asked to enter a password, is this password called the WPA-password or is this the PSK? Thank you very much for any clarifications! Joe asked 17 Dec '16, 06:00  joseph123 |
One Answer:
Not really a Wireshark question, but anyway here is a view. WiFi Alliance refers to it this way:
So 'Personal' would take a passphrase or password and derive a PSK through a process with example code given in 802.11-2012 Annex M.4, also loosely described in the wikipedia reference below. An example implementation is the Wireshark online calculator. I prefer the way they refer to it:
The PSK would be the PMK in this case. In addition, 802.11-2012 describes how to use these:
So to answer your specific question, I prefer to call it a passphrase. I like the term passphrase because from a security context, a passphrase is usually better than a password, but both are better than PSK because PSK is derived from this along with the SSID. But you will see all variants described in different ways. In WPA2-Enterprise, the PMK is transferred from the RADIUS server after authentication and delivered to both the AP and the wireless client for use so there is no offline calculator. It makes decryption very difficult as well, because we need the four way handshake and the PMK from the authentication step; the PMK usually changes every session timeout period, which can be short (e.g. adjustable, but commonly 30 minutes or sometimes a few hours). Some references: https://en.wikipedia.org/wiki/IEEE_802.11i-2004 802.11-2012 specification (see IEEE website, it is free) http://www.wi-fi.org/node/7924 answered 17 Dec '16, 06:27  Bob Jones edited 17 Dec '16, 06:34 |
