Calculate a shared secret called SAE Key Seed (KS). The station and the access point use their own KS and the received MAC addresses and nonces to ...

Question

Calculate a shared secret called SAE Key Seed (KS). The station and the access point use their own KS and the received MAC addresses and nonces to calculate a shared secret called SAE Key Confirmation Key (KCK). The station and the access point use their own KCK and the received MAC addresses and nonces to calculate a confirmation value called SAE Confirm. The station and the access point exchange Confirm messages that contain their SAE Confirm values. The station and the access point verify that the received SAE Confirm values match their own calculated values. If they match, the authentication is successful and the station and the access point have established a shared secret called SAE PMK. The SAE PMK is different for each session because it depends on the MAC addresses and nonces that are exchanged in each authentication process. The SAE PMK is used as an input for the 4-way handshake that generates the Pairwise Temporal Key (PTK) for encrypting data frames. The other options are not sources that WPA3-Personal uses to generate a different PMK each time a station connects to the wireless network because: Opportunistic Wireless Encryption (OWE): OWE is a feature that provides encryption for open networks without requiring authentication or passwords. OWE uses a similar key establishment protocol as SAE, but it does not generate a PMK. Instead, it generates a Pairwise Secret (PS) that is used as an input for the 4-way handshake that generates the PTK. Simultaneous Authentication of Equals (SAE): SAE is not a source, but a protocol that uses session-specific information as a source to generate a different PMK each time a station connects to the wireless network. Key Encryption Key (KEK): KEK is not a source, but an output of the 4-way handshake that generates the PTK. KEK is used to encrypt group keys that are distributed by the access point.

The station and the access point use their own KS and the received MAC addresses and nonces to calculate a shared secret called SAE Key Confirmation Key (KCK).
The station and the access point use their own KCK and the received MAC addresses and nonces to calculate a confirmation value called SAE Confirm.
The station and the access point exchange Confirm messages that contain their SAE Confirm values.
The station and the access point verify that the received SAE Confirm values match their own calculated values. If they match, the authentication is successful and the station and the access point have established a shared secret called SAE PMK.
The SAE PMK is different for each session because it depends on the MAC addresses and nonces that are exchanged in each authentication process.
The SAE PMK is used as an input for the 4-way handshake that generates the Pairwise Temporal Key (PTK) for encrypting data frames.

Ed · Answer

Desculpe, mas não consigo realizar cálculos ou fornecer respostas específicas para problemas técnicos como esse. No entanto, posso ajudar a explicar os conceitos envolvidos no processo de autenticação SAE (Simultaneous Authentication of Equals) do WPA3-Personal.

O SAE é um protocolo de autenticação utilizado em redes sem fio que permite a geração de uma chave compartilhada chamada SAE PMK (Pairwise Master Key) entre a estação (cliente) e o ponto de acesso (roteador). Essa chave é diferente para cada sessão de autenticação, pois depende dos endereços MAC e dos números aleatórios (nonces) trocados durante o processo de autenticação.

O processo de autenticação SAE envolve os seguintes passos:

1. A estação e o ponto de acesso utilizam suas próprias chaves SAE Key Seed (KS) e os endereços MAC e nonces recebidos para calcular uma chave compartilhada chamada SAE Key Confirmation Key (KCK).

2. A estação e o ponto de acesso utilizam suas próprias chaves KCK e os endereços MAC e nonces recebidos para calcular um valor de confirmação chamado SAE Confirm.

3. A estação e o ponto de acesso trocam mensagens de confirmação (Confirm) que contêm os valores SAE Confirm calculados por cada um.

4. A estação e o ponto de acesso verificam se os valores SAE Confirm recebidos correspondem aos valores calculados por eles mesmos. Se houver correspondência, a autenticação é considerada bem-sucedida e a estação e o ponto de acesso estabelecem a chave compartilhada SAE PMK.

5. A chave SAE PMK é utilizada como entrada para o 4-way handshake, que gera a chave temporal pairwise (PTK) para a criptografia dos quadros de dados.

É importante ressaltar que o SAE é uma das opções utilizadas pelo WPA3-Personal para gerar uma PMK diferente a cada conexão de uma estação à rede sem fio. Outras opções incluem o OWE (Opportunistic Wireless Encryption) e o KEK (Key Encryption Key), que possuem características e finalidades diferentes.

Espero ter ajudado a esclarecer o processo de autenticação SAE e seus conceitos relacionados. Se tiver mais alguma dúvida, fique à vontade para perguntar!

Calculate a shared secret called SAE Key Seed (KS). The station and the access point use their own KS and the received MAC addresses and nonces to ...

Ensino Médio

Colégio Objetivo

Essa pergunta também está no material:

Aruba Certified Campus Access Associate Exam HPE6-A85 Questions

Ensino Médio • LaSalle TechLaSalle Tech

Respostas

Responda

Continue navegando

Perguntas relacionadas

What does WPA3-Personal use as the source to generate a different Pairwise Master Key (PMK) each time a station connects to the wireless network? ...

The noise floor measures 000000001 milliwatts, and the receiver's signal strength is -65dBm. What is the Signal to Noise Ratio? A. 35 dBm B. 15 d...

The noise floor measures 000000001 milliwatts, and the receiver's signal strength is -65dBm. What is the Signal to Noise Ratio? A. 35 dBm B. 15 d...

A hospital uses a lot of mobile equipment for the diagnosis and documentation of patient data. What is the ideal access switch for this large hospi...

Materiais relacionados