Along with the progress of the times, technology is advancing rapidly. Information delivery systems are very diverse. One of the most widely used systems is communication through the internet. The need for internet access is often prioritized today, one of which is the use of wireless networks on local computer networks or commonly referred to as WLAN (Wireless LAN). so the need for wireless or wireless computer networks is also increasing. With the increasing use of this wireless device, it is certain that the use of wifi has increased dramatically. However, security is needed to guard it. This is accompanied by a large variety of disruptions that will attack information security. One of them is WPA. WPA stands for Wireless Protected Access, which is an open international standard for applications that use wireless communications or wireless applications. WPA has the function of securing wireless networks from various internal and external threats.
Humans are social creatures. Human nature as social beings cannot be eliminated at all costs. It is already a condition of human nature from birth so that no human can live alone. Humans need to communicate and build good relationships between people. Therefore, created media for communication that are continuously improved from generation to generation. Starting from the traditional way, cable services, to services without cable or wireless. With this wireless service, it is easier for humans to communicate. No need to worry about distance, cost, time, etc. Because with this service humans can be connected to each other anywhere, anytime, and with anyone in a short time. In short, the development of technology has directed people to the effectiveness and efficiency in various ways. But it cannot be denied that every technology has advantages and disadvantages. So it is with this wireless service. Although this service is very effective and efficient, in terms of security, this service is vulnerable. This is because data transmission that uses air media causes anyone to cut and use it. Therefore, algorithms are made in such a way that can function to secure the information transmitted.
It is indeed quite difficult to secure something invisible. But this does not undermine efforts to create algorithms to ensure the security of the information in them. The rise of data thieves on wireless networks forces humans to continue to develop existing security algorithms. Starting from WEP, WPA, to WPA2. But as said in the film “Who Am I”, no system is safe is a real reality. In fact it is true that there has never been a single safe system. There must be loopholes in all systems. So it is necessary to continue to develop for the sake of the creation of a system that is at least difficult to find a gap. Then what about the WPA security algorithm which is a wireless network security, which is now being replaced by WPA2.
Wi-Fi is an acronym for Wireless Fidelity, which means a set of standards used for wireless local / WLAN networks based on the specifications of IEEE 802.11. At first, Wi-Fi was used for wireless devices and Local Area Connection (LAN), but at this time Wifi was widely used to access the internet. Wi-Fi enables a mobile device or more to send and receive data wirelessly from any location. Uses radio frequency transmission as a tool to send data to devices that are Wi-Fi equipped and within access range.
B. WiFi vulnerability
Various vulnerabilities and threats in wireless networks
- Sniffing to Eavesdrop. Packages that are data such as HTTP access, e-mail and others, which are passed by wireless waves can be easily picked up and analyzed by the attacker using the Packet Sniffer application.
- Man in the Middle Attack. Improved security with encryption and authentication techniques can still be penetrated by looking for weaknesses in the operation of the network protocol. One of them is by exploiting the Address Resolution Protocol (ARP) on TCP / IP so that hackers can take over the network
- Denial of Service. This attack is carried out by flooding (flooding) the network so that wireless signals collide and produce damaged packets.
- Rogue / Unauthorized Access Point. Rogue AP can be installed by those who want to spread / transmit wireless transmissions illegally / without permission. The goal, the attacker can infiltrate the network through this Access Point.
Activities that threaten the wireless network above are carried out by means of WarSpamming, WarSpying and so forth. The number of access points that are built along with the increasingly low cost of subscribing to an internet connection causes hacking activities are often applied to get internet access illegally.
C. Wireless Protected Access
WPA stands for Wireless Protected Access, which is an open international standard for applications that use wireless communications or wireless applications. WPA functions to secure the wireless network. WPA was created to complement the security system of WEP (Wired Equivalent Privacy), this is because there are many gaps or weaknesses in wireless infrastructure that uses WEP security.
WPA implements a layer or model compatible with the IEEE draft standard specifications, which is 802.11i. This layer has several objectives in its design, which are sturdy, interoperable, able to be used to replace WEP, and can be implemented in the scope of housing or companies, and available to the public.
WPA was designed using a static security key using TKIP (Temporal Key Integrity Protocol) which is able to dynamically change after 10,000 data packets are transmitted. The TKIP protocol will take the primary key as a prefix which is then regularly changed so that no encryption key is used twice. Background process is automatically carried out without being noticed by the user. By regenerating the encryption key every five minutes or so, WiFi networks that use WPA have slowed down the work of hackers who try to crack the key first.
The WPA authentication process uses 802.1x and EAP (Extensible Authentication Protocol) which together provide these two strong frameworks for the user authentication process. The framework will utilize a centralized authentication server. Mutual authentication is also applied, so that wireless network users do not accidentally join other networks that might steal network identities. WPA functions to secure wireless networks. WPA serves to secure a wireless network, where WPA is designed and used with other additional tools, namely a personal computer or Private Computer (PC). The function of this personal computer is known as the authentication server, which is a computer that functions to authenticate or prove the authenticity of a network, the PC that gives a different key to each user / client of a wireless network that uses the access point as a central medium of communication.
The PC is tasked to provide a different key or key to each user / client of a wireless network that uses an access point as a central medium of communication. In doing security, WPA encrypts using the RC4 algorithm, which is an algorithm that generates a series of random keys. The WPA security includes a Computer Server to which the access point provides authentication to the client. Next there is the Port, a mechanism that allows a computer to support several sessions of other computer connections and programs on the network, using port 1812. Furthermore, Shared Secret, which is a key that is distributed to computers and to clients transparently.
D. Strengths and weaknesses of WPA
The advantage of WPA is that it increases data encryption with the Temporal Key Integrity Protocol technique, which is a protocol that takes the primary key as a prefix then regularly changes so that the key is used once. While WPA is lacking in the process of slow encryption and decryption calculations, data overhead is greater so the data transmission process is slower. Not all wireless supports the use of WPA security, there is a rapid decline in throughput. And only safer when used on a small scale, because TKIP has the potential to be broken by attackers.