82 Eleventh Hour Security : Exam SY0-201 Study Guide

WPA and WPA2

The issues with WEP were cause enough for concern that the Wi-Fi Alliance created a certification program for its replacements, Wi-Fi Protected Access (WPA) and WPA2. These improvements were needed to address the serious weaknesses in the way in which WEP was implemented. WPA was designed as a stopgap measure to meet the short-term needs of wireless security. One big change between WEP and WPA was the introduction of the Temporal Key Integrity Protocol (TKIP). TKIP increases the Initialization Vector (IV) from 24 bits to 48 bits. WPA was also designed to use a different secret key for each packet, and it featured a Message Integrity Code (MIC), which was designed to detect invalid packets.

WPA was effective as a stopgap measure until a completely new replacement could be approved and released. This replacement was WPA2 (802.11i). WPA2 implemented all the elements required by the Wi-Fi Alliance and specified in 802.11i. The standard took so long to be released that it was branded WPA2 even though it uses a completely different method of security. WPA2 includes Robust Security Network (RSN) support, which includes added protection for ad-hoc networks, key caching, and pre-roaming authentication. WPA2 is built around the following:

- 802.1x used for authentication
- RSN used for tracking client association
- Advanced Encryption Standard (AES) with mandatory support for Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) used for confidentiality, integrity, and availability

WAP

The Wireless Application Protocol (WAP) is an open specification designed to enable mobile wireless users to easily access and interact with information and services. WAP is designed for hand-held digital wireless devices such as mobile phones, pagers, two-way radios, smartphones, and other communicators.
It works over most wireless networks and can be built on many operating systems (OSs) including PalmOS, Windows CE, JavaOS, and others. The WAP specification added two significant enhancements to the above programming model: push and telephony support (Wireless Telephony Application, WTA). A WAP push is a Short Message Service (SMS) message containing a link to a WAP page. When the receiving handset gets the WAP push, the user can access the content in the page. WAP telephony support allows for telephone services to be available in a data environment so that WAP phones can be operated as both a telephone and a Web device.

WTLS

Wireless Transport Layer Security (WTLS) is an attempt by the WAP Forum to introduce a measure of security into WAP.