Shared Key Authentication
Shared Key Authentication uses a shared secret such as the WEP key to authenticate the client. The exact exchange of information is illustrated next (taken from http://www.netgear.com):
The wireless client sends an authentication request to the access point, which responds back with a challenge. The client now needs to encrypt this challenge with the shared key and send it back to the access point, which decrypts this to check if it can recover the original challenge text. If it succeeds, the client successfully authenticates, else it sends an authentication failed message.
The security problem here is that an attacker passively listening to this entire communication by sniffing the air has access to both the plain text challenge and the encrypted challenge. He can apply the XOR operation to retrieve the keystream. This keystream can be used to encrypt any future challenge sent by the access point without needing to know the actual key.
In this exercise, we will learn...