Wireless Access

Frequent Contributor II

What AES bitrate does wpa2-aes encryption use?

Another forum post indicated that TAC stated WPA2-AES-PSK used 256 bit since ArubaOS 6.3.


Does this same apply to 802.1x  WPA2-AES?

rwin = 0

Re: What AES bitrate does wpa2-aes encryption use?



That question is not so easy to answer. WPA2-PSK and WPA2-Enterprise both use 128 bit keys (TK1 & TK2)  for the data encryption. However that key is derived from a Master key (MK) that must be at least 128 bits long (key strength), and it depends on what provides the MK what the actual strength is. For WPA2-PSK it is derived from the PSK, for WPA2 Enterprise it is derived during the authentication.


This is defined in the 802.11i standard (https://www.ietf.org/rfc/rfc4017.txt), and if you want to understand it more, you can check the standard itself or a better readable summary like http://tldp.org/HOWTO/8021X-HOWTO/intro.html#Key


Be warned: there are quite some keys, derivation, algorithms used together each with its own key length and purpose. That makes is impossible to answer your question.

If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Frequent Contributor II

Re: What AES bitrate does wpa2-aes encryption use?

I've found mention of Aruba platforms supporting AES-256-GCM with an ACR license, and that Aruba platforms also support suite B cyphers. Without the license, we use AES-CCM .


ref http://www.arubanetworks.com/techdocs/ArubaOS_65x_WebHelp/Content/ArubaFrameStyles/VirtualAPs/SSID_Profiles.htm


If I understand it correctly, it sounds as if 256 bit encryption is possible.  Without the ACR license, it is unlikely that a normal controller running WPA2-AES w/ 802.1x auth is using 256 bit encryption, though.

rwin = 0
Guru Elite

Re: What AES bitrate does wpa2-aes encryption use?

Do you need Suite B ciphers in your environment?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: What AES bitrate does wpa2-aes encryption use?

It isn't so much as we -need- 256-bit or suite b encryption -- we are currently under an audit, and I'm trying to find out a definitive yes/no for the standard wpa2-aes encryption opmode bitrate.  The documentation I've found doesn't clearly say it one way or another.

rwin = 0
Search Airheads
Showing results for 
Search instead for 
Did you mean: