Reference Manual for the NETGEAR WG102 ProSafe 802.11g Wireless Access Point

Temporal Key Integrity Protocol (TKIP)

WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. TKIP also provides for the following:

The verification of the security configuration after the encryption keys are determined.

The synchronized changing of the unicast encryption key for each frame.

The determination of a unique starting unicast encryption key for each preshared key authentication.

Michael

With 802.11 and WEP, data integrity is provided by a 32-bit integrity check value (ICV) that is appended to the 802.11 payload and encrypted with WEP. Although the ICV is encrypted, you can use cryptanalysis to change bits in the encrypted payload and update the encrypted ICV without being detected by the receiver.

With WPA, a method known as Michael specifies a new algorithm that calculates an 8-byte message integrity check (MIC) using the calculation facilities available on existing wireless devices. The MIC is placed between the data portion of the IEEE 802.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame data and the ICV.

Michael also provides replay protection. A new frame counter in the IEEE 802.11 frame is used to prevent replay attacks.

Optional AES Support to be Phased In

One of the encryption methods supported by WPA, besides TKIP, is the advanced encryption standard (AES), although AES support will not be required initially for Wi-Fi certification. This is viewed as the optimal choice for security conscience organizations, but the problem with AES is that it requires a fundamental redesign of the NIC’s hardware in both the station and the access point. TKIP is a pragmatic compromise that allows organizations to deploy better security while AES capable equipment is being designed, manufactured, and incrementally deployed.

Wireless Networking Basics

B-15

October 2004

Page 88 Page 90
Page 89
Image 89
NETGEAR WG102 manual Temporal Key Integrity Protocol Tkip
Page 88 Page 90

WG102 specifications

The NETGEAR WG102 is a robust and versatile wireless access point designed to enhance network connectivity in a variety of environments, from small businesses to larger enterprise settings. This device is well-regarded for its ease of use, reliable performance, and a feature set that caters to both basic and advanced networking needs.

One of the key features of the WG102 is its support for the IEEE 802.11g standard, which provides data rates of up to 54 Mbps. This makes it suitable for high-speed internet access and seamless data transfer for users connected to the network. Additionally, the WG102 is backward compatible with the 802.11b devices, ensuring that existing hardware can be integrated into the network without issues, thereby protecting investment in older technology.

The WG102 also excels in its deployment flexibility. With Power over Ethernet (PoE) support, installation becomes significantly easier, as the access point can receive power through the Ethernet cable, eliminating the need for additional power outlets. This feature is particularly advantageous in locations where power supply access is limited or where aesthetic considerations are key.

Security is a vital aspect of any network, and the WG102 does not disappoint. It supports Wi-Fi Protected Access (WPA and WPA2) for secure wireless communications, ensuring that user data is encrypted and protected from potential threats. The device also features WEP encryption, allowing users to implement various security measures based on their specific needs.

The WG102's management capabilities include a web-based interface, enabling administrators to configure settings easily and monitor network performance. The device supports VLAN tagging, which can help in segmenting network traffic for better performance and security. The ability to manage multiple access points through a single interface also streamlines network management.

In terms of physical characteristics, the NETGEAR WG102 is designed for durability and reliability. Its compact form factor allows for discreet installation, whether mounted on a ceiling, wall, or placed on surfaces.

Overall, the NETGEAR WG102 is a dependable access point that offers a combination of speed, security, and ease of management, making it an excellent choice for those looking to enhance their wireless networking capabilities.
Top Page Image Contents