Wireless Access

Not applicable

802.11 Security Fundamentals #BMC

A quick overview of the security 802.11 has utilized of the years. Security was my weak spot when trying to acheive certifications. There are many ways to secure a network this is just a highlight if you will of the major updates.



The first amendment of 802.11 employed WEP as a form of security. This was quickly determined to be very insecure. The existence of WEP was short lived as the Wi-Fi Alliance released WPA.



WPA used another form of encryptionknown as TKIP. WPA used TKIP for encryption and the RC4 algorithm was reused. WPA utilized a PSK or pre-shared key and was sometimes known as WPA PSK. WPA also had an enterprise version that used 802.1x and requires a radius server for authentication. Because WPA still used the RC4 algorithm the weakness still existed for different attacks to the network, this pushed the release of WPA2.



WPA2 was a new robust certification that used a new encryption method CCMP and a new cipher AES. The new certification also delivered two versions. First one is WPA2-Personal for SOHO type deployments and WPA-2 Enterprise for businesses to utilize. WPA2 personal still used a pre-shared key but thanks to the new encryption and cipher it was much more secure than the previous WPA. The enterprise is similar to WPA in the fact it used 802.1x or EAP for authentication like WPA, but the new encryption and cipher rendered it the most secure to date.

New Contributor

Re: 802.11 Security Fundamentals #BMC

WPA was released to address the weakness of WEP until WPA2 was ready for prime time. The ultimate security with WPA2 personal is selecting a completely random passphrase of at least 20 plus characters… common dictionary words or something easily guessed is not recommended. Thanks, Dale

Search Airheads
Showing results for 
Search instead for 
Did you mean: