Education at Lviv Polytechnic

A wireless network authentication

Students Name: Novak Dmytro Vadymovych

Qualification Level: magister

Speciality: System Programming

Institute: Institute of Computer Technologies, Automation and Metrology

Mode of Study: full

Academic Year: 2020-2021 н.р.

Language of Defence: ukrainian

Abstract: Novak D.V., Berezko L.O. (supervisor). A wireless network authentication. Master’s thesis. – Lviv Polytechnic National University, Lviv, 2020. Extended abstract. Today, the number of wireless networks and their popularity are constantly growing every day. Nowadays, the number of devices that support wireless communication technologies has significantly increased. And this is not surprising, because it is very convenient and modern. Every year, the percentage of wireless networks compared to cable networks increases and this will continue in the future. The main feature and advantage of wireless networks, such as Wi-Fi or cellular networks, is the absence of a large number of cables, which is very convenient for users. Do not forget that this also has economic advantages, because it allows you to reduce the cost of deploying and expanding the network. Wireless networks simplify connection, as well as save users and network administrators from having troubles with the parameters of the cables used, connectors, and so on. [1] Wi-Fi technology is a wireless analog of the Ethernet standard. Current implementations allow you to get data transfer speeds of more than 100 Mbit/s, while users can move between access points in the network coverage area using mobile devices equipped with client Wi-Fi receiving and transmitting devices and access the Internet. [2] But like everything else in life, wireless networks have their drawbacks, namely, a high vulnerability of the network in terms of security. The radio broadcast used for wireless data transmission is an open medium and, accordingly, can be listened to by those who are in the signal propagation zone. Also, do not forget about fake access points. The attacker learns information about the real access point that the potential victim will connect to, creates a full copy of it, and tries to connect the client to the fake one. To successfully access the network, an attacker must be within the signal propagation radius of this network. [3] Study object: a wireless network authentication algorithm. Scope of research: protocols, methods and technologies that provide secure use of wireless networks, modern authentication algorithms. Goal of research is to analyze the existing means of providing information protection of wireless networks from attacks by intruders (hackers), which will help prevent the loss of personal data by users connected to the access point and search for methods and further develop an algorithm to improve user security. As a result of the research, the existing wireless network protection protocols were analyzed: WEP, WPA, WPA2, WPA3. WEP protocol is cannot be called secure, because it uses a shared key that an attacker can quickly pick up by intercepting only a few packets. The disadvantage of WPA is the use of the outdated TKIP encryption standard, and the protocol itself was a temporary replacement for poorly protected WEP. WPA2 cannot provide you with the necessary protection if an attacker has already entered the network. WPA3 is a fairly new protocol and is rarely used, because a large number of old routers are not able to support the new standard, due to hardware and software limitations. [4] The OWE traffic encryption method and VPN and IPSec technologies were analyzed. The OWE algorithm is used by the WPA3 protocol and is aimed at encrypting data transmitted over public networks. [5] Its advantage is that as long as the network and client device support OWE, the user’s device does not require any authentication or password to protect against passive eavesdropping. The advantage of using VPN technology is to create a secure connection with encryption of all traffic, creating a so-called tunnel. The downside is using more computing power and sending more data over the network. [6] IPSec is organized on the basis of a VPN and is supported by almost all routers, and encryption of traffic on a small local network practically does not affect network performance. HOTP, TOTP, OCRA, SCRAM, and CHAP authentication algorithms are analyzed. Among them, the OCRA algorithm was highlighted, which is based on HOTP and TOTP. Its advantage is the use of additional parameters to protect against hacking, as well as a random value is used as one of the parameters, rather than a counter, which makes it more secure than its predecessors. [7] Keywords: wireless networks, authentication, encryption. References. 1. Wireless networks. Their advantages and disadvantages (2020, October 17). https://mobiz.com.ua/bezdrotovi-merezhi-wi-fi-ikh-perevahy-i-nedoliky.html. 2. Wi-Fi - Wikipedia (2020, October 17). https://en.wikipedia.org/wiki/Wi-Fi. 3. Stewart S. Miller. Wi-fi Security / Stewart S. Miller. – 2003. 460 p. 4. Wireless Security Protocols: WEP, WPA, WPA2 and WPA3 (2020, October 17). https://www.cyberpunk.rs/wireless-security-protocols-wep-wpa-wpa2-and-wpa3. 5. Opportunistic Wireless Encryption...Um, What’s That Again? | Network World (2020, October 17). https://www.networkworld.com/article/3325745/ opportunistic- wireless-encryption-um-what-s-that-again.html. 6. What is VPN? Virtual Private Network | Why Use a VPN (2020, October 19). https://www.kaspersky.com/resource-center/definitions/what-is-vpn-why-use-vpn. 7. OCRA — Wikipedia (2020, October 20). https://uk.wikipedia.org/wiki/OCRA.