Wireless Access

Reply
Frequent Contributor I
Posts: 63
Registered: ‎03-17-2016

What AES bitrate does wpa2-aes encryption use?

Another forum post indicated that TAC stated WPA2-AES-PSK used 256 bit since ArubaOS 6.3.

 

Does this same apply to 802.1x  WPA2-AES?

Wireless newb
MVP
Posts: 465
Registered: ‎11-04-2011

Re: What AES bitrate does wpa2-aes encryption use?

Patrick,

 

That question is not so easy to answer. WPA2-PSK and WPA2-Enterprise both use 128 bit keys (TK1 & TK2)  for the data encryption. However that key is derived from a Master key (MK) that must be at least 128 bits long (key strength), and it depends on what provides the MK what the actual strength is. For WPA2-PSK it is derived from the PSK, for WPA2 Enterprise it is derived during the authentication.

 

This is defined in the 802.11i standard (https://www.ietf.org/rfc/rfc4017.txt), and if you want to understand it more, you can check the standard itself or a better readable summary like http://tldp.org/HOWTO/8021X-HOWTO/intro.html#Key

 

Be warned: there are quite some keys, derivation, algorithms used together each with its own key length and purpose. That makes is impossible to answer your question.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
Frequent Contributor I
Posts: 63
Registered: ‎03-17-2016

Re: What AES bitrate does wpa2-aes encryption use?

I've found mention of Aruba platforms supporting AES-256-GCM with an ACR license, and that Aruba platforms also support suite B cyphers. Without the license, we use AES-CCM .

 

ref http://www.arubanetworks.com/techdocs/ArubaOS_65x_WebHelp/Content/ArubaFrameStyles/VirtualAPs/SSID_Profiles.htm

 

If I understand it correctly, it sounds as if 256 bit encryption is possible.  Without the ACR license, it is unlikely that a normal controller running WPA2-AES w/ 802.1x auth is using 256 bit encryption, though.

Wireless newb
Guru Elite
Posts: 8,456
Registered: ‎09-08-2010

Re: What AES bitrate does wpa2-aes encryption use?

Do you need Suite B ciphers in your environment?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 63
Registered: ‎03-17-2016

Re: What AES bitrate does wpa2-aes encryption use?

It isn't so much as we -need- 256-bit or suite b encryption -- we are currently under an audit, and I'm trying to find out a definitive yes/no for the standard wpa2-aes encryption opmode bitrate.  The documentation I've found doesn't clearly say it one way or another.

Wireless newb
Search Airheads
Showing results for 
Search instead for 
Did you mean: