Q

What limitations in 802.11b does 802.11i address?

This Content Component encountered an error

What limitations in 802.11b does 802.11i address? 802.11i specifies advanced network security features for 802.11 wireless LANs, including 802.11a, b, and g. 802.11b defined two security features: shared key authentication to prevent stations without the key from using the LAN, and wired equivalent privacy (WEP) to prevent eavesdropping on wireless traffic. Both mechanisms are better than nothing, but weak and vulnerable to attack and...

key compromise.

802.11i effectively deprecates shared key authentication by replacing it with two options: pre-shared secret authentication and authentication using 802.1X port-based access control. Pre-shared secrets are stronger than shared keys because they are not used directly for encryption and have more entropy. However, everyone in the wireless LAN must still have the same secret, so it is like a group password. 802.1X makes it possible for each user to authenticate with different credentials - for example, everyone can have his or her own username and password. But since 802.1X requires a RADIUS server, it will probably only be used by business WLANs.

802.11i also replaces WEP with TKIP. TKIP uses a key mixing function to generate dynamic encryption keys that change over time. This essentially prevents frames from being sent with the same key, which makes it much, much harder to crack the key using a hacker tool. TKIP also adds a longer initialization vector, a message integrity check, and a sequence number. The longer vector also helps to prevent key reuse, while the integrity check and sequence number lets recipients verify that incoming frames haven't been recorded, modified (forged), and replayed.

The features I mentioned so far are available today in products that support Wi-Fi Protected Access (WPA), a snapshot of 802.11i. The final 802.11i standard will not be done until next year. It will include additional security features, like stronger, more efficient encryption based on the newer Advanced Encryption Standard (AES).

This was first published in August 2003

Dig deeper on Wireless LAN Implementation

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close