NETGEAR Double 108 Mbps Wireless PC Card WG511U User Manual

User’s Manual for the NETGEAR Double 108 Mbps Wireless PC Card 32-bit CardBus WG511U

Wireless Networking Basics

B-17

August 2004

The supplicant in the station uses the authentication and cipher suite information contained in
the information elements to decide which authentication method and cipher suite to use. For
example, if the access point is using the Pre-shared key method then the supplicant need not
authenticate using full-blown 802.1X. Rather, the supplicant must simply prove to the access
point that it is in possession of the pre-shared key. If the supplicant detects that the service set
does not contain a WPA information element then it knows it must use pre-WPA 802.1X
authentication and key management in order to access the network.

•

Key management. WPA features a robust key generation/management system that integrates
the authentication and data privacy functions. Keys are generated after successful
authentication and through a subsequent 4-way handshake between the station and Access
Point (AP).

•

Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap WEP in
sophisticated cryptographic and security techniques to overcome most of its weaknesses.

•

Data integrity. TKIP includes a message integrity code (MIC) at the end of each plaintext
message to ensure messages are not being spoofed.

Figure B-6: WPA/802.1x Authentication Sequence

1

2

3

4

5

6

7

Client with a WPA-enabled
wireless adapter and

supplicant

For example, a

WPA-enabled AP

For example, a

RADIUS server