802.11i / WPA2

Latest update on Thursday 16 October 2008 à 09:43 by Jean-François Pillou.

Introduction to 802.11i

802.11i was ratified on 24 June 2004, in order to address security issues in WiFi networks. Like WPE, it relies on the TKIP encryption algorithm, but it also supports the much more secure AES (Advanced Encryption Standard).

The Wi-Fi Alliance created a new certification, called WPA2, for devices that support the 802.11i standard (like laptop computers, PDAs, network cards, etc.)

Unlike WPA, WPA2 can secure wireless networks in infrastructure mode as well as networks in ad hoc mode.

WPA Architectures

The IEEE 802.11i standard defines two operating modes:

WPA-Personal: This mode allows for the implementation of a secure infrastructure based on WPA without having to implement an authentication server. WPA-Personal rests on the use of a shared key, called PSK for Pre-shared Key, which is stored at both the access point and the client devices. Unlike WEP, it is not necessary to enter a key of pre-defined length. WPA lets the user enter a passphrase, which a hash algorithm then converts into a PSK.
WPA-Enterprise: Enterprise mode requires 802.1x authentication infrastructure using an authentication server, generally a RADIUS server (which stands for Remote Authentication Dial-in User Service), and a network controller (the access point).

More information

Introduction of WPA2 by the Wi-Fi Alliance

802.11i vs wpa2
Psp wifi not supported wpa2 - How-To - PSP

This document, titled « 802.11i / WPA2 », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (ccm.net).

WPA

WiFi

Introduction to 802.11i

WPA Architectures

More information

Subscribe To Our Newsletter!