Manualshelf

User's Manual

ManualsBrandsEION ManualsElectronicsWIRELESS NETWORKING DEVICE
51525354555657585960
Table Of Contents
Applies Temporal Key Integrity Protocol (TKIP) on existing RC4 WEP to impose strong data en-
cryption.
Uses Michael Message Integrity Check for message integrity. MIC is based on a 128-bit temporal
key that is shared by both clients and access points, a MAC address of a client device and a 48-bit
initialization vector describes a packet sequence number.
Temporal Key Integrity Protocol (TKIP) is aimed to address WEP's known vulnerabilities in the area
of data encryption. Specifically, TKIP fixes the security flaw of key reuse in WEP.
In order to be compatible with existing hardware, TKIP uses the same encryption algorithm (RC4) as
WEP. As such, only a software or firmware upgrade is required to implement TKIP. Compared with
WEP, TKIP changes the temporal keys every 10000 packets. This dynamic distribution leaves potential
attackers little room to crack the TKIP key. In general, most security experts believe that TKIP is a
stronger encryption than WEP. However, they also agree that TKIP is an interim solution because of
its use of RC4 algorithm.
Finally, Message Integrity Check (MIC) is a 64-bit message calculated using "Michael" algorithm. Its
aim is to detect potential packet content alteration due to transmission error or deliberate manipulation.
The MIC is much more reliable than generic CRC32 checksum of IEEE 802.11.
WPA PSK
WPA can also be used in a less secure pre-shared key (PSK) mode, where every supplicant is given
the same pass-phrase. WPA-PSK is suitable for small sites, when authentication server deployment is
unreasonable.
IEEE 802.11i WPA2
The 802.11i specification is a solution that the IEEE 802.11 committee designed to target security
problems created by the WEP. 802.11i has all the advantages provided by WPA as mentioned above.
In addition, 802.11i offers:
stronger encryption through the implementation of AES;
roaming support.
IEEE 802.11i uses CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code
Protocol). Advanced Encryption Standard (AES) is a core algorithm of CCMP. In the CCMP, unlike
TKIP, key management and message integrity is handled by a single component built around AES.
LibraPlus implements both WPA and WPA2 support.
4.2.5.2. Configuring Wired Equivalent Privacy (WEP)
LibraPlus supports 40 and 104 bit WEP encryption. One can configure up to four WEP keys per inter-
face. Each key is identified by index from 1 to 4. The keys are static. Only one key is used at a time,
the keys can be selected manually using the interface encryption key command.
47
Configuration