Chapter 5 — Network Support

Encryption

AES

A block cipher, a type of symmetric key cipher that uses groups of bits of a fixed length - called blocks.

(Advanced

A symmetric key cipher is a cipher using the same key for both encryption and decryption.

Encryption

As implemented for wireless, this is also known as CCMP, which implements AES as TKIP and WEP

Standard)

are implementations of RC4.

CKIP (Cisco

This is Cisco's version of the TKIP protocol, compatible with Cisco Aironet products.

Key Integrity

 

Protocol)

 

TKIP (Temporal

This protocol is part of the IEEE 802.11i encryption standard for wireless LANs, which provides per-

Key Integrity

packet key mixing, a message integrity check and a re-keying mechanism, thus overcoming most of

Protocol)

the weak points of WEP. This encryption is more difficult to crack than the standard WEP. Weak

 

points of WEP include: No Initiation Vector (IV) reuse protection, weak keys, no protection against

 

message replay, no detection of message tampering, and no key updates.

WEP (Wired

With preconfigured WEP, both the client 751G and access point are assigned the same key, which

Equivalent

can encrypt all data between the two devices. WEP keys also authenticate the 751G to the access point

Privacy)

- unless the 751G can prove it knows the WEP key, it is not allowed onto the network. WEP keys are

encryption

only needed if they are expected by your clients. There are two types available: 64-bit (5-character

 

strings, 12345) (default) and 128-bit (13-character strings, 1234567890123). Enter these as either

 

ASCII (12345) or Hex (0x3132333435).

Key Management Protocols

WPA (Wi-Fi

This is an enhanced version of WEP that does not rely on a static, shared key. It encompasses a

Protected Access)

number of security enhancements over WEP, including improved data encryption via TKIP and

 

802.11b/g authentication with EAP. WiFi Alliance security standard is designed to work with existing

 

802.11 products and to offer forward compatibility with 802.11i.

WPA2 (Wi-Fi

Second generation of WPA security. Like WPA, WPA2 provides enterprise and home Wi-Fi users

Protected Access)

with a high level of assurance that their data remains protected and that only authorized users can

 

access their wireless networks. WPA2 is based on the final IEEE 802.11i amendment to the 802.11

 

standard ratified in June 2004. WPA2 uses the Advanced Encryption Standard (AES) for data

 

encryption and is eligible for FIPS (Federal Information Processing Standards) 140-2 compliance.

Authentication

EAP (Extensible

802.11b/g uses this protocol to perform authentication. This is not necessarily an authentication

Authentication

mechanism, but is a common framework for transporting actual authentication protocols. Intermec

Protocol)

provides a number of EAP protocols for you to choose the best for your network.

EAP-FAST

A publicly accessible IEEE 802.1X EAP type developed by Cisco Systems. It is available as an IETF

(Flexible

informational draft. An 802.1X EAP type that does not require digital certificates, supports a variety

Authentication

of user and password database types, supports password expiration and change, and is flexible, easy to

via Secure

deploy, and easy to manage.

Tunneling)

 

LEAP

Also known as Cisco-Wireless EAP, provides username/password based authentication between a

(Lightweight

wireless client and a RADIUS server. In the 802.1x framework, traffic cannot pass through a wireless

Extensible

network access point until it successfully authenticates itself.

Authentication

 

Protocol)

 

EAP-PEAP

Performs secure authentication against Windows domains and directory services. It is comparable to

(Protected

EAP-TTLS both in its method of operation and its security, though not as flexible. This does not

Extensible

support the range of inside-the-tunnel authentication methods supported by EAP-TTLS. Microsoft

Authentication

and Cisco both support this protocol.

Protocol)

 

751G Color Mobile Computer User’s Manual

119

Page 133
Image 133
Intermec 751G user manual Eap-Fast, Leap, Eap-Peap