802.11i / WPA2

December 2016

Introduction to 802.11i

802.11i was ratified on 24 June 2004, in order to address security issues in WiFi networks. Like WPE, it relies on the TKIP encryption algorithm, but it also supports the much more secure AES (Advanced Encryption Standard).

The Wi-Fi Alliance created a new certification, called WPA2, for devices that support the 802.11i standard (like laptop computers, PDAs, network cards, etc.)

Unlike WPA, WPA2 can secure wireless networks in infrastructure mode as well as networks in ad hoc mode.

WPA Architectures

The IEEE 802.11i standard defines two operating modes:

  • WPA-Personal: This mode allows for the implementation of a secure infrastructure based on WPA without having to implement an authentication server. WPA-Personal rests on the use of a shared key, called PSK for Pre-shared Key, which is stored at both the access point and the client devices. Unlike WEP, it is not necessary to enter a key of pre-defined length. WPA lets the user enter a passphrase, which a hash algorithm then converts into a PSK.
  • WPA-Enterprise: Enterprise mode requires 802.1x authentication infrastructure using an authentication server, generally a RADIUS server (which stands for Remote Authentication Dial-in User Service), and a network controller (the access point).

More information


Related :


802.11i / WPA2
802.11i / WPA2
802.11i / WPA2
802.11i / WPA2
802.11i/WPA2
802.11i/WPA2
802.11i / WPA2
802.11i / WPA2
This document entitled « 802.11i / WPA2 » from CCM (ccm.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.