IEEE 802.11i
This tutorial has been building toward this discussion-almost everything discussed so far will help you understand the why and the how behind IEEE 802.11i.
The why was answered in the discussion about WEP and WPA. WEP was one of the earlier attempts at providing some kind of security for wireless communications. In due time, several vulnerabilities were discovered in WEP that made it no longer suitable. However, WEP was so widely engrained in so many wireless network security solutions that great care had to be taken to provide an alternative for it. This was especially important because proposed alternatives had to work with existing and widely deployed wireless hardware. The stop-gap solution was WPA, and the requirements for WPA were designed such that existing equipment that use WEP could be easily upgraded to support WPA via software or firmware updates. Eventually, WPA2 was finalized and was a big part of the IEEE 802.11i picture.
The how behind IEEE 802.11i is in all the pieces that work together to offer a longterm authentication, confidentiality, and integrity as a security solution for wireless networks. Some of the pieces are 802.1X/EAP, which is used for authentication, and the AES-CCMP, which is used for satisfying the integrity and confidentiality needs.
In this tutorial:
- Securing Wireless Networks
- Security Background
- Security Services
- Cryptographic Concepts and Terms
- Encryption and Decryption
- Keyspace
- Exclusive OR (XOR)
- Algorithm
- Asymmetric Encryption Algorithms
- Public-Private Key Cryptography
- Cipher
- Concealment Ciphers vs. Running Key Ciphers
- Stream Ciphers vs. Block Ciphers
- Cipher Examples
- Cipher Implementations
- Wi-Fi Protected Access
- TKIP/WPA
- Wi-Fi Protected Access 2 (WPA2)
- CCMP/AES
- Hash Functions
- EAP
- EAP Entities
- EAP Grammar
- EAP Types
- EAP-TTLS
- EAP-PSK
- EAP-SIM
- EAP-AKA
- IEEE 802.11i
- Four-Way Handshake
- IEEE 802.11i Considerations