Filter
Top Products
Appendix D Wireless LANs
NBG-460N User’s Guide
365
If this feature is enabled, it is not necessary to configure a default encryption key
in the Wireless screen. You may still configure and store keys here, but they will
not be used while Dynamic WEP is enabled.
Note: EAP-MD5 cannot be used with dynamic WEP key exchange
For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and
PEAP) use dynamic keys for data encryption. They are often deployed in corporate
environments, but for public deployment, a simple user name and password pair
is more practical. The following table is a comparison of the features of
authentication types.
WPA(2)
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2
(IEEE 802.11i) is a wireless security standard that defines stronger encryption,
authentication and key management than WPA.
Key differences between WPA(2) and WEP are improved data encryption and user
authentication.
Encryption
Both WPA and WPA2 improve data encryption by using Temporal Key Integrity
Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to
TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode
with Cipher block chaining Message authentication code Protocol (CCMP) to offer
stronger encryption.
Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically
generated and distributed by the authentication server. It includes a per-packet
key mixing function, a Message Integrity Check (MIC) named Michael, an
extended initialization vector (IV) with sequencing rules, and a re-keying
mechanism.
Table 134 Comparison of EAP Authentication Types
EAP-MD5 EAP-TLS EAP-TTLS PEAP LEAP
Mutual Authentication No Yes Yes Yes Yes
Certificate – Client No Yes Optional Optional No
Certificate – Server No Yes Yes Yes No
Dynamic Key Exchange No Yes Yes Yes Yes
Credential Integrity None Strong Strong Strong Moderate
Deployment Difficulty Easy Hard Moderate Moderate Moderate
Client Identity
Protection
No No Yes Yes No