*** Welcome to piglix ***

Wi-Fi Protected Setup


Wi-Fi Protected Setup (WPS; originally, Wi-Fi Simple Config) is a network security standard to create a secure wireless home network.

Created by the Wi-Fi Alliance and introduced in 2006, the goal of the is to allow home users who know little of wireless security and may be intimidated by the available security options to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an existing network without entering long passphrases. Prior to the standard, several competing solutions were developed by different vendors to address the same need.

A major security flaw was revealed in December 2011 that affects wireless routers with the WPS PIN feature, which most recent models have enabled by default. The flaw allows a remote attacker to recover the WPS PIN in a few hours with a brute-force attack and, with the WPS PIN, the network's WPA/WPA2 pre-shared key. Users have been urged to turn off the WPS PIN feature, although this may not be possible on some router models.

The standard emphasizes usability and security, and allows four modes in a home network for adding a new device to the network:

The last two modes are usually referred to as out-of-band methods as there is a transfer of information by a channel other than the Wi-Fi channel itself. Only the first two modes are currently covered by the WPS certification. The USB method has been deprecated and is not part of the Alliance's certification testing.

Some wireless access points have a dual-function WPS button, and holding this button down for a shorter or longer time may have other functions, such as factory-reset or toggling WiFi.

Some manufacturers, such as Netgear, use a different logo and/or name for Wi-Fi Protected Setup; the Wi-Fi Alliance recommends the use of the Wi-Fi Protected Setup Identifier Mark on the hardware button for this function.

The WPS protocol defines three types of devices in a network:

The WPS standard defines three basic scenarios that involve components listed above:

The WPS protocol consists of a series of message exchanges that are triggered by a user action, relying on an exchange of descriptive information that should precede that user's action. The descriptive information is transferred through a new Information Element (IE) that is added to the beacon, probe response, and optionally to the probe request and association request/response messages. Other than purely informative type-length-values, those IEs will also hold the possible and the currently deployed configuration methods of the device.


...
Wikipedia

...