Connectivity and Data Protection
FIGURE 3.10 WEP Data Frame Body Structure Using WEP
Wi-Fi® Protected Access (WPA®), 802.1X/EAP, & 802.11i
Because 802.11 WEP was easy to crack, the Wi-Fi Alliance took a bold
step forward to expedite the availability of effective, standardized
wireless LAN security by defining Wi-Fi Protected Access (WPA).
Most wireless LAN vendors now support WPA. The initial WPA
(version 1) is actually a snapshot of the 802.11i standard, which
includes Temporal Key Integrity Protocol (TKIP) and the IEEE
802.1X/EAP authentication framework. The combination of these two
mechanisms provides dynamic key distribution and mutual
authentication, something much needed in wireless LANs. WPA2
(version 2) is the Wi-Fi Alliance® security interoperability
certification that complies with the 802.11i standard.
TKIP
As with WEP, TKIP uses the RC4 stream cipher provided by RSA
Security to encrypt the frame body of each 802.11 frame before
transmission. The cryptographic weaknesses of WEP have little
to do with the RC4 encryption algorithm itself. Instead, the problems
primarily relate to key generation and how encryption is implemented.
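
The key-generation problem can be seen in a short sketch, added here as an illustration and not taken from the original text. It builds the WEP per-frame RC4 key as the 24-bit IV followed by the static secret, then shows that two frames sharing an IV share a keystream. The secret, payloads and IV values are constructed sample data, and the repeat estimate assumes IVs are chosen at random.

```python
import math
import zlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # output generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Cleartext 3-byte IV, then RC4(IV || secret) over payload || CRC-32 ICV.
    The key-ID octet that follows the IV in a real frame is omitted here."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    data = payload + zlib.crc32(payload).to_bytes(4, "little")
    return iv + xor(data, rc4_keystream(iv + secret, len(data)))

def wep_decrypt(secret: bytes, body: bytes) -> bytes:
    """Recover the payload and verify the ICV."""
    iv, ct = body[:3], body[3:]
    data = xor(ct, rc4_keystream(iv + secret, len(ct)))
    payload, icv = data[:-4], data[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return payload

def frames_until_iv_repeat(p: float = 0.5, iv_bits: int = 24) -> int:
    """Birthday estimate of frames sent before an IV repeats with probability p,
    assuming uniformly random IVs (an assumption of this example)."""
    return math.ceil(math.sqrt(2 * 2**iv_bits * math.log(1 / (1 - p))))

# Constructed sample data: a 40-bit static key and two same-length payloads.
SECRET = bytes.fromhex("0102030405")
P1, P2 = b"GET /index.html ", b"user=alice&id=42"
C_SAME_A = wep_encrypt(b"\x00\x00\x01", SECRET, P1)
C_SAME_B = wep_encrypt(b"\x00\x00\x01", SECRET, P2)   # IV reused
C_OTHER = wep_encrypt(b"\x00\x00\x02", SECRET, P2)    # fresh IV

def leaks_plaintext_xor(c1: bytes, c2: bytes) -> bool:
    """True when the ciphertext XOR equals the plaintext XOR (keystream cancelled)."""
    return xor(c1[3:], c2[3:])[:len(P1)] == xor(P1, P2)
```

RC4 behaves correctly in both cases; the leak comes only from the small IV space and the static secret. This is the gap that per-frame dynamic keys are meant to close.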