NETGEAR WG102 manual Temporal Key Integrity Protocol Tkip

Page 89

Reference Manual for the NETGEAR WG102 ProSafe 802.11g Wireless Access Point

Temporal Key Integrity Protocol (TKIP)

WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. TKIP also provides for the following:

The verification of the security configuration after the encryption keys are determined.

The synchronized changing of the unicast encryption key for each frame.

The determination of a unique starting unicast encryption key for each preshared key authentication.

Michael

With 802.11 and WEP, data integrity is provided by a 32-bit integrity check value (ICV) that is appended to the 802.11 payload and encrypted with WEP. Although the ICV is encrypted, you can use cryptanalysis to change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver.

With WPA, a method known as Michael specifies a new algorithm that calculates an 8-byte message integrity check (MIC) using the calculation facilities available on existing wireless devices. The MIC is placed between the data portion of the IEEE 802.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame data and the ICV.

Michael also provides replay protection. A new frame counter in the IEEE 802.11 frame is used to prevent replay attacks.

Optional AES Support to be Phased In

One of the encryption methods supported by WPA, besides TKIP, is the advanced encryption standard (AES), although AES support will not be required initially for Wi-Fi certification. This is viewed as the optimal choice for security conscience organizations, but the problem with AES is that it requires a fundamental redesign of the NIC’s hardware in both the station and the access point. TKIP is a pragmatic compromise that allows organizations to deploy better security while AES capable equipment is being designed, manufactured, and incrementally deployed.

Wireless Networking Basics

B-15

October 2004

Page 88 Page 90
Image 89
Page 88 Page 90
Contents October Technical Support FCC Statement RF Exposure Warning for North America, and Australia Antenna Statement for North America and Australia 0681 Requirements For Operation in the European Community October Antenna Statement for the European Community October Contents Appendix a Specifications Appendix B Wireless Networking Basics Contents Audience, Versions, Conventions Chapter About This ManualHtml version of this manual How to Use this ManualHow to Print this Manual About This Manual Chapter Introduction Supported Standards and Conventions Key FeaturesAutosensing Ethernet Connections with Auto Uplink 802.11g Standards-based Wireless NetworkingCompatible and Related Netgear Products System RequirementsWhat’s In the Box? Need Product Photo Or Illustration Hardware DescriptionDetachable Antenna Observing Placement and Range Guidelines Chapter Basic Installation and ConfigurationCabling Requirements Feature Factory Default Settings Default Factory SettingsLUHOHVVDWD 6HFXULW\2SWLRQV Understanding WG102 Wireless Security OptionsSET UP the WG102 Access Point Installing the WG102 Access PointLogin window Web browser will then display the WG102 settings Configure the settings appropriate for your network Deploy the WG102 Access Point Verify Wireless Connectivity How to Log In to the WG102 Using Its Default IP Address Understanding Basic Wireless Settings Basic Installation and Configuration Understanding WEP/WPA Security Options Wireless Security SettingsWireless LAN options are explained in the following table Field Description WPA-PSK Wi-Fi WEP Encryption Keys Before You Change the Ssid and WEP SettingsHow to Set Up and Test Basic Wireless Connectivity Select the Turn Access Control On check box How to Restrict Wireless Access by MAC AddressTo configure WEP data encryption, follow these steps How to Configure WEPHow to Configure WPA 11 Wireless Settings menu 13 Wireless Settings menu How to Configure WPA-PSKIP Address Using the Basic IP Settings OptionsTime Zone Chapter Management Using Syslog and Activity Log InformationThis screen shows the following parameters Viewing General, Log, Station, and Statistical InformationGeneral Information Fields Statistics Field Description Wired Ethernet Received/TransmittedViewing a List of Attached Devices Upgrading the Wireless Access Point SoftwareSettings Backup menu Configuration File ManagementUsing the Reset Button to Restore Factory Default Settings Saving and Retrieving the ConfigurationRestoring the WG102 to the Factory Default Settings Set Password menu Changing the Administrator PasswordRemote Management settings Using Snmp Remote ManagementManagement Hotspot Settings Chapter Advanced ConfigurationTable below describes the advanced wireless parameters Configuring Advanced Wireless SettingsPoint-to-Point Bridge AP Settings Enabling Wireless Bridging and RepeatingRepeater with Wireless Client Association How to Configure a WG102 as a Point-to-Point BridgeMulti-Point bridging How to Configure Multi-Point Wireless BridgingAdvanced Configuration How to Configure Wireless Repeating Advanced Configuration No lights are lit on the access point Chapter TroubleshootingLAN light is not lit Wireless LAN activity light does not light upUsing the Reset Button to Restore Factory Default Settings Cannot connect to the WG102 to configure itWhen I enter a URL or IP address I get a timeout error October Specifications for the WG102 Appendix a SpecificationsWPA Infrastructure Mode Appendix B Wireless Networking BasicsWireless Networking Overview Network Name Extended Service Set Identification Essid Authentication and WEP Data EncryptionAd Hoc Mode Peer-to-Peer Workgroup Open System Authentication Authentication802.11b Authentication Open System Steps 802.11b Authentication Shared Key Steps Key Size WEP Configuration Options Wireless ChannelsWPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Wireless Networking Basics Figure B-3 WPA Overview Access point replies with an EAP-request identity message WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Product Support for WPA Is WPA Perfect?Changes to Wireless Access Points Changes to Wireless Client Programs Glossary Dhcp DSL Internet service provider Radius TLS Wins Glossary Numerics IndexWEP B-3
Related manuals
Manual 2 pages 31.24 Kb Manual 23 pages 35.1 Kb Manual 2 pages 35.77 Kb
Top Page Image Contents