How are Wi-Fi passwords sent to the router securely

How are Wi-Fi passwords sent to the router securely


Maybe I’m just being stupid, but whenever you type the password to gain access to a certain Wi-Fi network, how is the password sent to the router securely? Wouldn’t it be easy to intercept the password and thus gain access to the network?

Best Answer

  • The wifi password is never sent to the router. The pre-shared-key is something they already both know, so all the client and AP have to do is prove to each other they know what it is.

    The PSK, or password, is used to create a pairwise master key (PMK). You can think of this as the password you type in characters converted to a proper key that can be used for encryption and authentication.

    The AP transmits an Anonce, which is just an internally created random number effectively.

    The client creates an Snonce which is another random number. It then uses the PMK, and the Anonce and the Snonce to create a MIC – a message integrity check.

    The MIC and the Snonce are sent back to the AP. The AP goes through the same process the client would have, by using the Anonce, the Snonce and the PMK, it should be able to create the same MIC that it received from the client. If it did, then both parties have confirmed they know the preshared key.

    Both parties use this same info to create a PTK – pairwise transient key, with which (indirectly) they encrypt data going across the wire.

    So neither party needs to actually communicate the secret across the wire.

  • Add a Comment

    Your email address will not be published. Required fields are marked *