What limitations in 802.11b does 802.11i address? 802.11i specifies advanced network security features for 802.11 wireless LANs, including 802.11a, b, and g. 802.11b defined two security features: shared key authentication to prevent stations without the key from using the LAN, and wired equivalent privacy (WEP) to prevent eavesdropping on wireless traffic. Both mechanisms are better than nothing, but weak and vulnerable to attack and...
802.11i effectively deprecates shared key authentication by replacing it with two options: pre-shared secret authentication and authentication using 802.1X port-based access control. Pre-shared secrets are stronger than shared keys because they are not used directly for encryption and have more entropy. However, everyone in the wireless LAN must still have the same secret, so it is like a group password. 802.1X makes it possible for each user to authenticate with different credentials - for example, everyone can have his or her own username and password. But since 802.1X requires a RADIUS server, it will probably only be used by business WLANs.
802.11i also replaces WEP with TKIP. TKIP uses a key mixing function to generate dynamic encryption keys that change over time. This essentially prevents frames from being sent with the same key, which makes it much, much harder to crack the key using a hacker tool. TKIP also adds a longer initialization vector, a message integrity check, and a sequence number. The longer vector also helps to prevent key reuse, while the integrity check and sequence number lets recipients verify that incoming frames haven't been recorded, modified (forged), and replayed.
The features I mentioned so far are available today in products that support Wi-Fi Protected Access (WPA), a snapshot of 802.11i. The final 802.11i standard will not be done until next year. It will include additional security features, like stronger, more efficient encryption based on the newer Advanced Encryption Standard (AES).
Related Q&A from Lisa Phifer, Wireless Networking Expert
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert, Lisa Phifer explains that it may not be worth enhancing Wi-Fi ad hoc mode since Wi-Fi Direct is a better alternative for enabling ...continue reading
Wireless expert Lisa Phifer responds to a question regarding a Mi-Fi and Android smartphone mobile hotspot comparison. She provides an in depth ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.