Avaya AP-6, AP-5 manual Avaya Wireless AP-4/5/6 User’s Guide 125

Security

WPA is a replacement for Wired Equivalent Privacy (WEP), the encryption technique specified by the original 802.11 standard. WEP has several vulnerabilities that have been widely publicized. WPA addresses these weaknesses and provides a stronger security system to protect wireless networks.

WPA provides the following new security measures not available with WEP:

•Improved packet encryption using the Temporal Key Integrity Protocol (TKIP) and the Michael Message Integrity Check (MIC).

•Per-user, per-session dynamic encryption keys:

—Each client uses a different key to encrypt and decrypt unicast packets exchanged with the AP

—A client's key is different for every session; it changes each time the client associates with an AP

—The AP uses a single global key to encrypt broadcast packets that are sent to all clients simultaneously

—Encryption keys change periodically based on the Re-keying Interval parameter

—WPA uses 128-bit encryption keys

•Dynamic Key distribution

—The AP generates and maintains the keys for its clients

—The AP securely delivers the appropriate keys to its clients