Task $4$:

In IEEE $802\mathrm{.}11,$ open system authentication simply consists of two communications. An authentication is

requested by the client, which contains the station ID $($typically the MAC address$).$ This is followed by an

authentication response from the AP$/$router containing a success or failure message. An example of when

a failure may occur is if the client's MAC address is explicitly excluded in the AP$/$router configuration.

a$)$ What are the benefits of this authentication scheme?

b$)$ What are the security vulnerabilities of this authentication scheme?

Task $5$:

Prior to the introduction of IEEE $802\mathrm{.}11i,$ the security scheme for IEEE $802\mathrm{.}11$ was Wired Equivalent Privacy

$($WEP$).$ WEP assumed all devices in the network share a secret key. The purpose of the authentication

scenario is for the STA to prove that it possesses the secret key. Authentication proceeds as shown in

Figure below. The STA sends a message to the AP requesting authentication. The AP issues a challenge,

which is a sequence of $128$ random bytes sent as plaintext. The STA encrypts the challenge with the shared

key and returns it to the AP$.$ The AP decrypts the incoming value and compares it to the challenge that it

sent. If there is a match, the AP confirms that authentication has succeeded.

a$)$ What are the benefits of this authentication scheme?

b$)$ This authentication scheme is incomplete. What is missing and why is this important? Hint: The

addition of one or two messages would fix the problem.

c$)$ What is a cryptographic weakness of this scheme?

This has $tobe$ done $by$ hand written. Hand written answers onlyy