Pages

Friday, February 1, 2013

What is Wi-Fi Protected Setup (WPS)

Nowadays Wi-Fi is common in many houses and offices.But Configuring the AP is not easy for new users. If they want to configure the better security such a way that others don't use your Wi-Fi ,we should configure Higher security methods like WPA/WPA2. If they use open security others can easily access your network.

        To overcome this problem Wi-Fi introduced the concept of Wi-Fi Protected Setup(WPS) which is the easy way to configure your new Wi-Fi setup securely without understanding higher security methods like WPA/WPA2.

Wi-Fi Protected Setup certification started from  January  2007.

WPS uses WPA2 Personal method and is compatible with legacy devices that are  CERTIFIED for WPA/WPA2 Personal.


Products certified for WPS offer users at least one of three easy setup solutions
1. Personal Information Number (PIN)
2. Push Button Configuration (PBC)
3. Near-Field Communication (NFC)

WPS are tested and certified to include both PIN and PBC configurations in APs, and at a minimum, PIN in client devices.


Traditional Way of Connecting WLAN 



1. User activates the AP by connecting it to a power source and to a wired network from a computer 
2. User launches a web browser to log into an administrative page and access the AP .
3. User assigns a network name to set the SSID 
4. Navigates to a security settings page to select the type of security to be used.
5. User will  enter a passphrase which the AP will use to generate the security key .
6. The user configures the device to connect  the network through WLAN application on the device, 
7. The client device presents the user with the network names (SSIDs) of all WLANs it finds in the vicinity. 
       The user selects the appropriate network name (created in Step 3) and connects to the network
8. The user is then prompted to enter the passphrase created in Step 5 . 
9. The client and the AP exchange security credentials and the new device is securely connected to the   
     WLAN. 




With WPS we will get below benefits.


          1.  In most cases, WPS eliminates for the user Steps 2-5 of the legacy method.
          2.  it simplifies some of the remaining tasks required of the user, such as the establishment of a               
              passphrase.
          3. Ensures that the SSID and WPA2 security key are properly configured
          4 .Adding new devices is  based upon a discovery protocol that is consistent across vendors
          5. Registrar will issue the credentials of devices being enrolled on the network. Usually AP will be  
             registrar on the network.
          6. When a new device that support  for WPS comes within range of an active AP, its presence is  
              detected, communicated to the Registrar 
          7.  the user is prompted to initiate the action that authorizes the issuance of registration credentials.

1. Personal Information Number (PIN)


  • Usually called as PIN method
  • PIN is provided for each device that will join the network
  • A fixed label may be placed on a device to identify the PIN for the user, or a dynamic PIN can be generated and shown on the device’s display
  • The PIN is used to ensure that the device that the user intends to add to the network is the one that is added and to help avoid accidental or malicious attempts of others to add unintended devices to the network
  • User accesses the Registrar through a GUI on the AP, or via a Web browser or UI on another device on the network
  • User enters client’s PIN into the Registrar via UI or Web browser
  • AP validates the PIN and connects to the network through Registrar, Most the cases AP acts as Registrar.

2. Push Button Configuration (PBC)


  • Usually called as Push method
  • Network name (SSID) is generated automatically for the AP and broadcast for discovery by clients
  • User pushes buttons on both the AP and client device
  • Then AP automatically  connect to the AP and join the network. 

3. Near-Field Communication (NFC)

  • This is optional feature of WPS for connecting the network
  • Network name (SSID) is generated automatically for the AP and broadcast for discovery by clients
  • User touches an NFC-enabled client device to the NFC target mark on the AP or brings the client within close proximity of it, approximately 10cm.
  • The Registrar reads the client’s identifying credentials from an NFC token embedded in the device
  • Then AP automatically  connect to the AP and join the network. 
  • Testing for NFC began in 2008