I asked ChatGPT several Wi-Fi security questions. See how it responded and my ratings for each!
Happy new year, and welcome to the first edition of “Ask JJX.” I had a few questions to pick from (and I’ll try to work through as many as I can) but this inquiry quite literally made me laugh out loud.
“Your book is really long. Can I just use ChatGPT to learn about wireless security?”
Touché, Randy, touché.
It’s a valid and, in my opinion, an interesting question. I’ve conversed with ChatGPT and asked it critical questions such as “I’ve never seen Doctor Who. Which series should I start with?” Although my Doctor Who fan friends vehemently disagree with Professor GPT, its rationale made sense to me.
So back to the burning question of, “Can I learn Wi-Fi security from ChatGPT?” The short answer is—kinda. I asked several Wi-Fi-related questions in ChatGPT. I’ve shared the questions and responses below, along with a rating for each response.
Read more of my #AskJJX content at Packet Pushers!
The longer answer is that while ChatGPT impressed me with its (her? his?) knowledge of even some of the more obscure protocol and terms in Wi-Fi, it failed to stitch together different pieces of information. Specifically it seems unaware of the timeline of technologies and standards, and is not able to answer the question of what’s current or how to get from point A to point B in a migration.
Before we get into ChatGPT, I do have to defend the book length. The book referenced is “Wireless Security Architecture: Designing and Maintaining Secure Wireless for Enterprise“, and yes it did end up as a 600-page volume. But, it’s comprehensive, covers all industries and sizes of organizations, and (this is for you, Randy) – it includes several cheat sheets including a full Appendix with just tables of what to design and configure, if you didn’t want to read the whole book.
Here’s an excerpt of my Q&A session with ChatGPT.
ChatGPT: “Wi-Fi is a technology… Wi-Fi security is important because it protects the information transmitted over the network from being accessed by unauthorized users. There are several types of security measures that can be used to protect Wi-Fi networks:
Encryption: This is the process of encoding data so that it can only be accessed by someone with the correct decryption key. Wi-Fi networks can use several different encryption standards, such as WEP, WPA, and WPA2. WPA2 is currently the most secure option, as it uses a strong encryption algorithm called AES to secure data…
My rating: ?????
ChatGPT gets a solid 2 out of 5 for this one. It’s conceptually accurate for someone with no knowledge of Wi-Fi or security. However, WEP and WPA are very old and deprecated. WPA2 can (and should) use AES but also supports TKIP. There’s no mention of WPA3!!
ChatGPT: Its response was long. It did call out Simultaneous Authentication of Equals (SAE) which is the AKM that replaces the WPA2-Personal Pre-Shared Key (PSK) function. It mentions Opportunistic Wireless Encryption (OWE), which isn’t technically part of WPA3, but I’m okay with it.
My rating: ?????
I can’t in good faith award anything that a 1-star here. I’m giving a point for the SAE and OWE call-outs, however ChatGPT missed several critical pieces here. WPA3 not only includes, but is defined by, the use of Protected Management Frames — something it didn’t even mention. Also, even though SAE is mentioned, it did not put that in the context of WPA3-Personal classes of networks, and it makes no mention of the enhancements for WPA3-Enterprise including the 192-bit security option. It also claims that WPA3 is not backwards compatible with WPA2. While technically accurate in the strictest interpretation, there is a WPA3-Transition Mode that supports both standards simultaneously on the same SSID available for both Personal/Passphrase and Enterprise/802.1X networks, so this isn’t really true.
ChatGPT: “IEEE 802.1X is a networking standard that defines an authentication framework for wired and wireless networks. It is often used in conjunction with the Extensible Authentication Protocol (EAP) to provide secure authentication for devices attempting to access a network.” It went on to define the steps involved in the AP communicating to the Authentication Server (RADIUS).
My rating: ?????
I’m giving a 4. ChatGPT’s answer was in no way technical enough in nature to appease the more discerning of my fellow engineers, but the information it did provide was accurate. No complaints here.
All in all, when asked pointed questions about a specific technology or operation, ChatGPT did a pretty good job. When asked about comparing WPA2 to WPA3, or how to migrate to the latest security, it fell on its face.
Sorry Randy. I guess you’ll still need the book. ?
If you want to learn more about ChatGPT or give it whirl yourself, visit https://chat.openai.com/. Oh, and if you find any amazing or amusing answers about Wi-Fi security, please share!
Check it out to see how ChatGPT did in answering Wi-Fi Security questions.
Read more of my #AskJJX content at Packet Pushers!