Shared key authentication (SKA) is a verification method in which a computer or terminal uses the Wired Equivalent Privacy (WEP) protocol to access a wireless network. It establishes that a requesting system knows the shared secret key required for authentication.
The Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard assumes that the key is delivered to wireless clients using a secured channel that is independent of the standard. In practice, the user simply types in the password for the Wi-Fi network in order to gain access.
SKA is not considered a secure method of granting network access because it relies on conventional unsecured channels, like writing and verbal exchange, to share the security key.
Although the dissemination of the key is a large security issue, the authentication itself is secured using 64- or 128-bit encryption. It is difficult for an intruder to gain access without knowledge of the key.
SKA employs the following steps:
- The requesting wireless device/client sends an identity assertion and authentication request to the access point (AP).
- The access point challenges the client by sending a challenge text.
- Using WEP and an encryption key, which is derived from the secret shared key (password), the client encrypts the challenge text and sends it back to the AP.
- The AP decrypts the challenge text, and if it matches the one originally sent to the client, the authentication result is positive and the AP authenticates the client.
- The client successfully connects to the network.
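The challenge-response steps above, simulated from both sides as an added example (not code from the original page). It assumes the shared key is used directly as the 40-bit or 104-bit WEP key, which together with the 24-bit IV gives the 64-bit or 128-bit RC4 seed, and it encrypts only the challenge text, omitting the 802.11 frame headers; all function names are hypothetical.

```python
import hmac
import os
import zlib

CHALLENGE_LEN = 128  # challenge text length in octets (802.11 value, not stated on this page)

def rc4(seed: bytes, data: bytes) -> bytes:
    """XOR data with the RC4 keystream; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                          # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Append the CRC-32 ICV, encrypt with seed IV||key, prepend the IV in clear."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + key, plaintext + icv)

def wep_decrypt(key: bytes, frame: bytes):
    """Return the plaintext, or None when the frame is too short or the ICV fails."""
    if len(frame) < 7:                         # 3-byte IV + 4-byte ICV minimum
        return None
    iv, body = frame[:3], rc4(frame[:3] + key, frame[3:])
    plaintext, icv = body[:-4], body[-4:]
    good = icv == zlib.crc32(plaintext).to_bytes(4, "little")
    return plaintext if good else None

def ap_challenge() -> bytes:
    return os.urandom(CHALLENGE_LEN)           # AP sends a random challenge text

def client_response(key: bytes, challenge: bytes) -> bytes:
    return wep_encrypt(key, os.urandom(3), challenge)  # client picks a fresh IV

def ap_verify(key: bytes, challenge: bytes, response: bytes) -> bool:
    recovered = wep_decrypt(key, response)     # AP decrypts and compares
    return recovered is not None and hmac.compare_digest(recovered, challenge)

def run_handshake(ap_key: bytes, client_key: bytes) -> bool:
    challenge = ap_challenge()
    return ap_verify(ap_key, challenge, client_response(client_key, challenge))
```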