With the recent ratification of 802.11i, and the certification and availability of products enabled for the wireless security specification, the time seems right for enterprises to feel safe in adopting wireless networking en masse. However, eWEEK Labs has found that issues ranging from incompatible legacy hardware to uneven migration strategies may slow adoption of 802.11i technology. To be sure, 802.11i is a huge step forward—it's the first standardized wireless security solution with which government and businesses can be comfortable.Built upon strong AES-CCMP (Advanced Encryption Standard-Counter Mode/ CBC-MAC Protocol)-based encryption, 802.11i avoids the IV (initialization vector) and MIC (Message Integrity Check) flaws that doomed the WEP (Wired Equivalent Privacy) security standard. By relying on AES-CCMP, a block cipher, 802.11i ensures not only that the packet data payload is encrypted but also that selected packet header fields are protected.
802.11i includes a complex series of communications and key exchanges designed to mutually authenticate wireless clients and access points and to reduce as much as possible the impact on back-end authentication systems.
In response to a requesting client's probe, an 802.11i-enabled access point responds with an RSN (Robust Secure Network) Information Element that advertises the network's enabled authentication suites and ciphers. The client then selects a mutually compatible setting and initiates an open system authentication to the access point, which verifies the compatible settings and completes the association request. At this time, 802.1x authentication begins.
Read this full article at eweek.com
|
|
Only registered users can write comments.
Please login or register.
Powered by AkoComment!