Configuring wpa/wpa2 using, Tkip and ccmp, Configuring wpa/wpa2 using tkip and ccmp – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual
Page 142
128
Brocade Mobility RFS7000-GR Controller System Reference Guide
53-1001944-01
Viewing and configuring switch WLANs
4
Configuring WPA/WPA2 using TKIP and CCMP
Wi-Fi Protected Access (WPA) is a robust encryption scheme specified in the IEEE Wireless Fidelity
(Wi-Fi) standard, 802.11i. WPA provides more sophisticated data encryption than WEP. WPA is
designed for corporate networks and small-business environments where more wireless traffic
allows quicker discovery of encryption keys by an unauthorized person.
WPA's encryption method is Temporal Key Integrity Protocol (TKIP). TKIP addresses WEP’s
weaknesses with a re-keying mechanism, a per-packet mixing function, a message integrity check,
and an extended initialization vector. WPA also provides strong user authentication based on
802.1x EAP.
WPA2 is a newer 802.11i standard that provides even stronger wireless security than WPA and
WEP. CCMP is the security standard used by the Advanced Encryption Standard (AES). AES serves
the same function TKIP does for WPA-TKIP. CCMP computes a Message Integrity Check (MIC) using
the proven Cipher Block Chaining (CBC) technique. Changing just one bit in a message produces a
totally different result.
WPA2-CCMP is based on the concept of a Robust Security Network (RSN), which defines a
hierarchy of keys with a limited lifetime (similar to TKIP). Like TKIP, the keys the administrator
provides are used to derive other keys. Messages are encrypted using a 128-bit secret key and a
128-bit block of data. The end result is an encryption scheme as secure as any the switch provides.
To configure WPA/WPA2-TKIP/CCMP encryption:
1. Select Network > Wireless LANs from the main menu tree.
2. Select an existing WLAN from those displayed within the Configuration tab and click the Edit
button.
A WLAN screen displays with the WLAN’s existing configuration. Refer to the Authentication
and Encryption columns to assess the WLAN’s existing security configuration.
3. Select either the WPA/WPA2-TKIP or WPA2-CCMP button from within the
Encryption field.
4. Click the Config button to the right of the WPA/WPA2-TKIP and WPA2-CCMP checkboxes.
The WPA/WPA2-TKIP/CCMP screen displays. This single screen can be used to configure
either WPA/WPA2-TKIP or WPA-CCMP.