WPA2-PSK - what is it? Security type WPA2-PSK

Table of contents:

WPA2-PSK - what is it? Security type WPA2-PSK
WPA2-PSK - what is it? Security type WPA2-PSK

Wireless LAN connection today is not something out of the ordinary. However, many users (especially mobile device owners) face the problem of which security system to use: WEP, WPA or WPA2-PSK. What kind of technology, we now see. However, the greatest attention will be paid to WPA2-PSK, since it is this protection that is most in demand today.

WPA2-PSK: what is it?

Let's say right away: this is a system for protecting any local connection to a wireless network based on WI-Fi. Wired NIC-based systems using a direct Ethernet connection are not affected.

what is wpa2 psk
what is wpa2 psk

WiFi network protection using WPA2-PSK technology is the most "advanced" today. Even somewhat outdated methods that require a login and password request, as well as encrypting confidential data during transmission and reception, look, to put it mildly, childish babble. Here's why.

Varieties of protection

So, let's start with the fact that until recently the mostThe WEP structure was considered a secure connection security technology. It used a key integrity check when connecting any device wirelessly and was the IEEE 802 standard. 11i.

wifi network protection
wifi network protection

WPA2-PSK WiFi security works basically the same way, but it checks the passkey at the 802.1X level. In other words, the system checks all possible options.

However, there is a newer technology called WPA2 Enterprise. Unlike WPA, it requires not only the request for a personal access key, but also the presence of a Radius server that provides access. At the same time, such an authentication algorithm can work simultaneously in several modes (for example, Enterprise and PSK, while using AES CCMP encryption).

wpa2 psk hack
wpa2 psk hack

Basic protection and security protocols

As well as those of the past, modern protection methods use the same protocol. This is TKIP (WEP security system based on software update and RC4 algorithm). All this involves entering a temporary key to access the network.

As shown by practical use, by itself, such an algorithm did not give a special security connection in a wireless network. That is why new technologies were developed: first WPA and then WPA2, supplemented by PSK (Personal Access Key) and TKIP (Temporary Key). In addition, the data encryption algorithms for transmitting and receiving, now known as the AES standard, were also included here.

wpa2 psk password
wpa2 psk password

Obsolete technology

The WPA2-PSK security type is relatively recent. Prior to this, as mentioned above, the WEP system was used in combination with TKIP. TKIP protection is nothing more than a means of increasing the bit length of the access key. At the moment, it is believed that the basic mode allows you to increase the key from 40 to 128 bits. With all this, you can also change the one and only WEP key to several different ones, generated and sent automatically by the server itself, which authenticates the user at login.

In addition, the system itself provides for the use of a strict key distribution hierarchy, as well as a technique to get rid of the so-called predictability problem. In other words, when, say, for a wireless network using WPA2-PSK security, the password is set in the form of a sequence like "123456789", it is easy to guess that the same key and password generator programs, usually called KeyGen or something like that, when entering the first four characters, they can automatically generate the next four. Here, as they say, you do not need to be unique in order to guess the type of sequence used. But this, as probably already understood, is the simplest example.

As for the date of birth of the user in the password, this is not discussed at all. You can easily be identified by the same registration data in social networks. Digital passwords of this type themselves are absolutely unreliable. It’s better to use numbers, letters, and symbols together (you can even use non-printable ones, providedhot key combinations) and a space. However, even with this approach, it is possible to crack WPA2-PSK. Here it is necessary to explain the method of operation of the system itself.

Typical access algorithm

Now a few more words about the WPA2-PSK system. What is it in terms of practical application? This is a combination of several algorithms, so to speak, in working mode. Let's explain the situation with an example.

Ideally, the sequence of execution of the connection protection procedure and encryption of transmitted or received information is as follows:


In this case, the main role is played by a common key (PSK) with a length of 8 to 63 characters. In what sequence the algorithms will be involved (either encryption will occur first, or after transmission, or in the process using random intermediate keys, etc.), does not matter.

But even with protection and an encryption system at the level of AES 256 (meaning the width of the cipher key), cracking WPA2-PSK for hackers who are knowledgeable in this matter will be a task, albeit difficult, but possible.


Back in 2008, at the PacSec conference, a technique was presented that allows you to hack a wireless connection and read the transmitted data from the router to the client terminal. All this took about 12-15 minutes. However, the backhaul (client-router) was never hacked.

The fact is that when the QoS router mode is enabled, you can not only read the transmitted information, but also replace it with a fake one. In 2009Japanese specialists have presented a technology that can reduce the time of hacking to one minute. And in 2010, information appeared on the Web that the easiest way to crack the Hole 196 module present in WPA2 is using your own private key.

how to hack wpa2 psk
how to hack wpa2 psk

There is no question of any intervention in the generated keys. First, the so-called dictionary attack is used in combination with brute force, and then the wireless connection space is scanned in order to intercept transmitted packets and then record them. It is enough for the user to make a connection, as he is immediately deauthorized, intercepting the transmission of initial packets (handshake). After that, even being close to the main access point is not required. You can easily work offline. True, to perform all these actions, you will need special software.

How to hack WPA2-PSK?

For obvious reasons, the full algorithm for breaking the connection will not be given here, since it can be used as some kind of instruction for action. We will dwell only on the main points, and then only in general terms.

security type wpa2 psk
security type wpa2 psk

As a rule, with direct access to the router, it can be put into the so-called Airmon-NG mode to monitor traffic (airmon-ng start wlan0 - rename the wireless adapter). After that, the traffic is captured and fixed using the airdump-ng mon0 command (monitoring link data, beacon rate, rate and encryption method,amount of data transferred, etc.).

what is wpa2 psk
what is wpa2 psk

Next, the command to fix the selected channel is activated, after which the Aireplay-NG Deauth command is entered with associated values (they are not given for reasons of the legality of using such methods).

After that (when the user has already passed authorization when connecting), the user can simply be disconnected from the network. At the same time, when you re-enter from the hacking side, the system will repeat the login authorization, after which it will be possible to intercept all access passwords. Next, a window will appear with a "handshake" (handshake). Then you can apply the launch of a special WPAcrack file, which will allow you to crack any password. Naturally, no one will tell anyone exactly how it is launched. We only note that with certain knowledge, the whole process takes from several minutes to several days. For example, an Intel-level processor running at a stock clock speed of 2.8 GHz can process no more than 500 passwords in one second, or 1.8 million per hour. In general, as is already clear, you should not flatter yourself.

Instead of afterword

That's it for WPA2-PSK. What it is, perhaps, from the first reading it is clear and will not be. Nevertheless, it seems that any user will understand the basics of data protection and the encryption systems used. Moreover, today almost all owners of mobile gadgets face this. Have you ever noticed that when you create a new connection on the same smartphone, the system suggests using a certain type of protection(WPA2-PSK)? Many simply do not pay attention to it, but in vain. In the advanced settings, you can use a fairly large number of additional options in order to improve the security system.

Popular topic

Editor's choice

  • Let's build iOs apps! Overview of programs, instructions, recommendations
    Let's build iOs apps! Overview of programs, instructions, recommendations

    Today more and more people are starting to dive into the world of IT. A fairly common industry is the creation of various kinds of mobile applications. Quite a lot of different games and programs have already been developed for Android. It is because of this that many developers have begun to move to the iOS platform. This is not a very crowded industry where you can find a lot of clients and make quite a lot of money

  • Moving WordPress to another hosting: features, procedure
    Moving WordPress to another hosting: features, procedure

    Today, every person who has his own website on the Internet may face the problem that he will need to transfer the site to another hosting. There can be many different reasons for this. Of course, the most common of them is dissatisfaction with the services provided. If you can't take it anymore, then you need to act. This is a rather long procedure. If you do everything step by step, you can safely transfer the site, and not redo everything several times

  • How to pass on the rights in "SAMP RP"?
    How to pass on the rights in "SAMP RP"?

    Every person who plays online games is trying to upgrade his character and achieve many interesting things. Users who prefer SAMP try to get a driver's license even from the first level. Experienced players may not take the exam, but simply go to the instructor and buy rights from him. Of course, it will be somewhat more expensive, but this way you can save your time. How to pass on the rights to "SAMP"? Let's review this

  • How to turn off the camera on a laptop? 3 easy ways
    How to turn off the camera on a laptop? 3 easy ways

    Today, hacking has begun to actively develop in the world of information technology. An experienced hacker can get into almost any computer and get the user's information, provided, of course, the laptop is connected to the network. Recently, users have been complaining that their webcam turns on by itself. This way hackers can see where you are and what you are doing. In the future, this information can be used in completely different ways, up to the fact that you become a star on YouTube

  • Shared AppStore Account Features
    Shared AppStore Account Features

    A shared App Store account has many features. It allows users to install games and applications, as well as watch movies in high definition. Shared accounts give official access to app and game downloads for Apple devices (iPhone, iPad, iPod Touch)