English

How do I know the type of wifi security actually being used?

wifi
Tags: #<Tag:0x00007fefc2c5b570>

#1

I was wondering, in the wifi settings of the network I’m connected to, it says “WPA/WPA2” as the type of security.
That’s true as it matches the router setting.

But is it possible to actually find out if the phone is connected with WPA or WPA2 as I assume it can’t be both at the same time?


#2

I assume the used Android function does not give more details. But you can check on the router’s side if that’s management is in your hands.


#3

I later had a look at the logcat and searched for “wpa”. There are entries with “WPA: key negotiation completed”.

At home those entries contained [PTK=CCMP GTK=TKIP] (displayed as “WPA + WPA2”) while at work it is [PTK=CCMP GTK=CCMP] (displayed as “WPA2”).

So it seems it can be both at the same time :wink:

According to https://en.wikipedia.org/wiki/IEEE_802.11i-2004 PTK is the “Pairwise Transient Key” and GTK the “Group Temporal Key”. Not that I would know what this means exactly :smiley:


#4

Interesting: same combinations here… (home vs. work…) :smiley:


#5

When your device connects with a WiFi Access Point, they identify each other. The AP authenticates that the device knows the password and then they negotiate (handshake) cryptographic keys to encrypt further messages and protect them. PTK and GTK are two such crypto keys. The former is used for direct communication from the device to the AP (normal internet requests), while the later is for something called multicast, which I don’t know for sure but I guess it’s for intranet comunication (between peers in the same network.)

TKIP and CCMP are two different ways of negotiating crypto keys. TKIP (later named WPA) was designed as a contingency measure when WEP security was broken, and was later superseeded by CCMP (WPA2). It was deprecated in 2012, so it’s an obsolete prococol, which doesn’t sounds good at all.

Home ISP routers are bad at security, specially wireless-wise. They are hardly updated, if ever. I have an OpenWRT wifi router linked by an ethernet cable to my ISP router with wireless disabled because it’s a mess.

[I already knew some little things about how WiFi worked (what the handshake was used for), but that was more specific knowledge. It was easy to find at the Wikipedia page you linked.]


#6

Today I checked: my router supports WPA2-only and I changed to that. But for some reason my FP2 couldn’t connect anymore. The only visible difference is: the home router only has 2.4MHz while at work it’s 5MHz. But no idea if that can have any effect on the cryptographic functions. I guess different vendor implementations are to blame here.

In fact my question originally arose from someone on Twitter having problems with their wifi and there was a comment in https://bugtracker.fairphone.com/project/fairphone-android-7/issue/87 that one person was able to fix their problem by switching to “WPA + WPA2” instead of “WPA2” (with the clear hint about security concerns).


#7

No idea why that’d happen, :man_shrugging:


#8

For completeness sake, I’m on LOS, and my router is WPA2+CCMP, no problems connecting. So it’s not a hardware thing, I’d say


#9

My FP2 shows for WLAN settings “Security - WPA2 PSK”.
And it connects really fine building a quite stable connection.
If my memory serves me right, that’s the router setting.


#10

Funny thing: in the room with a repeater at home, the connections shows as WPA2 on 5Mhz


#12

WP2 is the best for wifi security.