Shared Key Authentication (SKA)

What is Shared Key Authentication (SKA)?

Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. With SKA, a computer equipped with a wireless modem can fully access any WEP network and exchange encrypted or unencrypted data.

For SKA to function, a WEP encryption key, obtained in advance by the connecting computer, must match a key stored at the wireless access point. To begin the connection process, the computer sends a request for authentication to the access point. The access point responds by generating a sequence of characters called a challenge text for the computer. The computer encrypts the challenge text with its WEP key and transmits the "message" back to the access point. The access point decrypts the "message" and compares the result with the original challenge text. If there are no discrepancies, the access point sends an authentication code to the connecting computer. Finally, the computer accepts the authentication code and becomes part of the network for the duration of the session or for as long as it remains within range of the original access point. If the decrypted "message" does not precisely agree with the original text, the access point does not allow the computer to become part of the network.

Content Continues Below

A wireless-equipped computer can connect to a WEP network access point without shared keys using a process known as Open System Authentication (OSA) but this method does not allow the computer to receive encrypted data.

This was last updated in February 2012

Next Steps

Move beyond SKA to multifactor authentication, but first read about the 11 questions to ask before buying an MFA product and dig deeper into the pros and cons of leading MFA solutions like Symantec Validation and ID Protection Service and Vasco IDENTIKEY.

Continue Reading About Shared Key Authentication (SKA)

Dig Deeper on Web authentication and access control

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Is shared key authentication really secure?
Personally, I wouldn't advice anyone to use a shared key authentication simply because I do NOT consider it secure. Just like a pre-shared key authentication, a shared key authentication verifies that the station authenticating-initiation is aware of the shared key.

Given that a shared key authentication has to be shared and typed, I tend to find such authentication system insecure especially in institutions with large network infrastructure schemes such as Universities and other corporate organizations.
In my experience, I'd say it requires people on both ends to be educated about it.  As with any tool, it can be misused.  Especially when you have an environment where it might be easy to mis share part of a key, or leave it open for malware interception due to other security issues being low.

Extensiones de Documento y Formatos de Documento

Accionado por: