WPA Theory

In this section, we are going to discuss Wi-Fi Protected Access(WPA) encryption. After WEP, this encryption was designed to address all of the issues that made WEP very easy to crack. In WEP, the main issue is the short IV, which is sent as plain text in each packet. The short IV means that the possibility of having a unique IV in each packet can be exhausted in active network so that when we are injecting packets, we will end up with more than one packet that has the same IV. At that time, aircrack-ng can use statistical attacks to determine the key stream and WEP key for the network.

In WPA, each packet is encrypted using a temporary key or unique key. It means that the number of data packets that we collect is irrelevant. If we collect one million packets, these packets are also not useful because they do not contain any information that we can use to crack the WPA key. WPA2 is the same as WPA. It works with the same methods and using the same method it can be cracked. The only difference between WPA, WPA2 is that WPA2 uses an algorithm called Counter-Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) for encryption.