Wpa configuration – Teletronics TT 2400 User Manual

WPA Configuration

Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP.
WPA has the following improvements over the WEP.

Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing
algorithm and, by adding an integrity-checking feature, ensures that the ke

ys haven’t been tampered with.

User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP
regulates access to a wireless network based on a computer’s hardware-specific MAC address, which is relatively
simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only
authorized network users can access the network.


WPA Enabled

To enable the WPA Authenticator

*Remember that any client that does not support the WPA standard will not be able to handshake / authenticate with
WPA enabled.


WPA Mode



WPA

o WPA addresses all known vulnerabilities in WEP, the original, less secure 40 or 104-bit encryption

scheme in the IEEE 802.11 standard. WPA also provides user authentication, since WEP lacks any
means of authentication. Designed to secure present and future versions of IEEE 802.11 devices,
WPA is a subset of the IEEE 802.11i specification. WPA replaces WEP with a strong new encryption
technology called Temporal Key Integrity Protocol (TKIP) with Message Integrity Check (MIC). It also
provides a scheme of mutual authentication using either IEEE 802.1X/Extensible Authentication
Protocol (EAP) authentication or pre-shared key (PSK) technology. WPA was designed and has been
scrutinized by well-known cryptographers. It can be implemented immediately and inexpensively as a
software or firmware upgrade to most existing Wi-

Fi CERTIFIED™ access points and client devices

with minimal degradation in network performance. WPA offers standards-based, Wi-Fi CERTIFIED
security. It assures users that the Wi-Fi CERTIFIED devices they buy will be cross-vendor compatible.
When properly installed, WPA provides a high level of assurance to enterprises, small businesses and
home users that data will remain protected and that only authorized users may access their networks.
For enterprises that have already deployed IEEE 802.1X authentication, WPA offers the advantage of
leveraging existing authentication databases and infrastructure.



WPA2

o WPA2 is the second generation of WPA security; providing enterprise and consumer Wi-Fi® users with

a high level of assurance that only authorized users can access their wireless networks. Launched in
September 2004 by the Wi-Fi Alliance, WPA2 is the certified interoperable version of the full IEEE
802.11i specification which was ratified in June 2004. Like WPA, WPA2 supports IEEE 802.1X/EAP
authentication or PSK technology. It also includes a new advanced encryption mechanism using the
Counter-Mode/CBC-MAC Protocol (CCMP) called the Advanced Encryption Standard (AES). AES
satisfies U.S. government security requirements. It has been adopted as an official government
standard by the U.S. Department of Commerce and the National Institute of Standards and
Technology (NIST). Organizations that require the AES encryption available in WPA2 should be aware
that upgrading to it may require new hardware. Section II of this document offers a roadmap for
organizations planning to upgrade to WPA2. Considerations for its deployment are outlined in Section
III.

Cipher Type



TKIP

o Temporal Key Integrity Protocol is an upgrade to the WEP known as WEP 1.1 that fixes known

security problems in WEP’s implementation of the RC4 stream cipher. TKIP scrambles the keys using