CompTIA’s Network+ certification Study Guide part 22 is a globally-recognized, vendor neutral exam that has helped over 235,000 IT professionals reach further and higher in their careers. The 2009 Network+ exam (N10-004) is a major update with more focus on security and wireless aspects of networking. Our new study guide has been updated accordingly with focus on network, systems, and WAN security and complete coverage of today’s wireless networking standards. | 196 CHAPTER 5 Wireless Networking dup xcheck 1 index type operatortype ne and bind if pop pop forall end newpath def terminate end end def _ null def ddef Adobe_Illustrator_AI5_vars 3 1 roll put def xput dup load dup length exch maxlength eq dup dup load dup length 2 mul diet copy def if load begin def end def npop pop repeat def hswj dup stringwidth 3 2 roll _hvwb eq exch _hvcx add exch _hvcy add if exch _hvax add exch _hvay add cforall 3. The requestor receives the transmission encrypts the challenge with the secret key and transmits the encrypted challenge back to the authenticator. 4. The authenticator decrypts the challenge text and compares the values against the original. If they match the requestor is authenticated. On the other hand if the requestor does not have the shared key the cipher stream cannot be reproduced therefore the plaintext cannot be discovered and theoretically the transmission is secured. One of the greatest weaknesses in shared-key authentication is that it provides an attacker with enough information to try and crack the WEP secret key. The challenge which is sent from authenticator to requestor is sent in the clear form. The requesting client then transmits the same challenge encrypted using the WEP secret key back to the authenticator. An attacker who captures both of these packets now has two pieces of a three-piece puzzle the cleartext challenge and the encrypted ciphertext of that challenge. The algorithm RC4 is also known. All that is missing is the secret key. To determine the key the attacker may simply try a brute force search of the potential key space using a dictionary attack. At each step the attacker tries to decrypt the encrypted challenge with a dictionary word as the secret key. The result is then compared against the authenticator s challenge. If the two match then the secret key has been determined. In cryptography this attack is termed a known-plaintext attack and is the primary reason why shared-key authentication .
