Note Steps 1 -3 are the same as Open Authentication, but this time Shared Key Authentication will be used. Using Shared Key Authentication the wireless client will attempt to associate with an access point.
1. The client sends an Authentication Request to Access Point (A).
2. Access Point (A) sends an authentication response. The authentication response from the access point to the client is sent containing "challenge" text. This packet is unencrypted.
3. The client then uses the text from the authentication response to form another authentication packet, which will be encrypted using one of the client's WEP keys, and sends this as a response to the access point.
4. Access Point (A) will then compare the encrypted "challenge" text against the access point's own copy of the encrypted "challenge" text. If the encrypted text is the same, then the access point allows the client on the WLAN.
Shared Key Authentication is considered less secure than OPEN Authentication because of the challenge text packet. Because this packet is sent unencrypted and then returned as an encrypted packet, it may be possible to capture both packets and determine the stream cipher.
Was this article helpful?