4 keyguard encryption, 6 wpa2-ccmp (802.11i) encryption, Keyguard encryption -12 – Symbol Technologies AP-5131 User Manual

Page 28: Keyguard encryption, Wi-fi protected access (wpa) using tkip encryption, Wpa2-ccmp (802.11i) encryption

Advertising
background image

AP-5131 Access Point Product Reference Guide

1-12

1.2.8.4 KeyGuard Encryption

Use KeyGuard to shield the master encryption keys from being discovered through hacking. KeyGuard
negotiation takes place between the access point and MU upon association. The access point can
use KeyGuard with Symbol MUs. KeyGuard is only supported on Symbol MUs making it a Symbol
proprietary security mechanism.

For detailed information on KeyGuard configurations, see

Configuring KeyGuard Encryption on page

6-18

.

1.2.8.5 Wi-Fi Protected Access (WPA) Using TKIP Encryption

Wi-Fi Protected Access (WPA) is a security standard for systems operating with a Wi-Fi wireless
connection. WEP’s lack of user authentication mechanisms is addressed by WPA. Compared to WEP,
WPA provides superior data encryption and user authentication.

WPA addresses the weaknesses of WEP by including:

a per-packet key mixing function

a message integrity check

an extended initialization vector with sequencing rules

a re-keying mechanism

WPA uses an encryption method called Temporal Key Integrity Protocol (TKIP). WPA employs 802.1X
and Extensible Authentication Protocol (EAP).

For detailed information on WPA using TKIP configurations, see

Configuring WPA Using TKIP on page

6-20

.

1.2.8.6 WPA2-CCMP (802.11i) Encryption

WPA2 is a newer 802.11i standard that provides even stronger wireless security than Wi-Fi Protected
Access (WPA) and WEP. Counter-mode/CBC-MAC Protocol (CCMP) is the security standard used by
the Advanced Encryption Standard (AES). AES serves the same function TKIP does for WPA-TKIP.
CCMP computes a Message Integrity Check (MIC) using the proven Cipher Block Message
Authentication Code (CBC-MAC) technique. Changing just one bit in a message produces a totally
different result.

WPA2-CCMP is based on the concept of a Robust Security Network (RSN), which defines a hierarchy
of keys with a limited lifetime (similar to TKIP). Like TKIP, the keys the administrator provides are used
to derive other keys. Messages are encrypted using a 128-bit secret key and a 128-bit block of data.
the end result is an encryption scheme as secure as any the AP-5131 provides.

Advertising
Popular Brands
Popular manuals