SEARCH

— 葡萄酒 | 威士忌 | 白兰地 | 啤酒 —

Does the Wi-Fi WPA3 Protocol Renew Every 12 Hours?

BLOG 500

 

2d60291ebd68ff27533ff5363422a67d

My router’s security mode is set to “WPA2-PSK/WPA3-SAE.” My new phone supports Wi-Fi 6 and WPA3, but it disconnects and reconnects to the Wi-Fi network every 12 hours or so. Other Wi-Fi 6 devices in my home do not have this issue. After packet analysis by the phone manufacturer, they said this is a WPA3 protocol issue that requires renewal. Is this statement correct?

The engineer is diligent and responsible, and the product has no issues. The PTK (Pairwise Transit Key) is simply configured to expire after 43200 seconds, which is 12 hours.

From the image, we can see that the MSK (Master Session Key) update interval is 86400 seconds, which is 24 hours.

I remember an article mentioning that wireless network security mainly revolves around the PMK (Pairwise Master Key). Why isn’t the PMK mentioned here?

The PMK is derived from the MSK. For example, if the MSK is 512 bits long, the protocol allows for the extraction of the first 256, 384, or 512 bits from the MSK. Different encryption algorithms may require different lengths. Therefore, the MSK is long enough to meet the extraction needs of various encryption algorithms, providing flexibility.

The life cycle of the PMK is equal to the life cycle of the MSK, which is 24 hours.

If the PMK is derived by shortening the MSK, what is the relationship between the PTK and the PMK?

The PTK is derived by each party contributing a nonce and then combining it with the PMK according to the algorithm.

Once the PMK expires, the PTK also expires, so the PTK life time ≤ PMK life time == MSK life time.

 

Is the PTK the encryption/decryption key?

No, the PTK is still an intermediate transitional key.

Both parties derive KCK (Key Confirmation Key), KEK (Key Encryption Key), and TK (Temporal Key) from the PTK using predefined algorithms. As long as both parties have the same PTK, the highlighted three keys will also be the same.

What users are most concerned about is the TK, which is used to encrypt/decrypt user data.

The life cycle relationship is as follows:

TK life time == PTK life time ≤ PMK life time == MSK life time

According to the strict requirement of one-time use, the famous TK can only be used once, right?

However, based on the image and real-world experience, the TK is continuously used for encryption/decryption during its lifetime (12 hours), which does not meet the one-time use requirement.

Have readers heard of initialization vectors (IVs), nonces, random numbers, and salts?

They are essentially the same thing. Each time a different IV/nonce is used in a calculation (such as XOR) with the TK, the output = key pad. As long as the IV/nonce used for each encryption is different, even if the TK remains unchanged, the key pad will always be different.

What is the key pad for?

The key pad is used in one-time pad encryption/decryption algorithms, appearing as a randomized sequence of 128/192/256 bits.

How does the receiver know the different IV/nonce used by the sender?

It can be sent in plaintext along with the packet.

However, as different IV/nonces are used within a limited length (usually 128 bits), the remaining options decrease over time. If the sender accidentally reuses the same IV/nonce, it poses a significant security risk in encryption algorithms and must be absolutely avoided.

How to avoid it?

By forcing the PTK to expire, thereby deleting the PTK SA and TK SA, making the TK expire (here, 12 hours) and unable to be reused.

As long as both parties use the PMK (which has 12 hours left before expiration), they can perform a 4-way handshake, each contributing a new nonce, and derive a new PTK and TK, naturally meeting the one-time use requirement of the algorithm!

Finally, where does the MSK come from?

If using 802.1x (EAP/TLS) authentication, it is obtained from the EAP TLS secure connection negotiation.

If using PSK authentication, it is derived from the password, both parties’ MAC addresses, and predefined characters.

Lastly, the SAE authentication used in WPA3 involves elliptic curve cryptography (ECC). Essentially, it involves deriving a starting point on the elliptic curve, called the base point. Understanding the base point and the cyclic nature of elliptic curve discrete finite elements makes the series of calculations involving public and private keys as fun and playful as a child’s game.

 

The prev: The next:

Related recommendations

Expand more!

Mo