Manuals / NETGEAR / Computer Equipment / Network Card

NETGEAR WGE111 user manual How Does WPA Compare to WEP?

Models: WGE111

1 88

Download 88 pages 16.82 Kb

Page 71

How Does WPA Compare to WEP?

User Manual for the NETGEAR 54 Mbps Wireless PC Card WG511

The IEEE introduced the WEP as an optional security measure to secure 802.11b (Wi-Fi) WLANs, but inherent weaknesses in the standard soon became obvious. In response to this situation, the Wi-Fi Alliance announced a new security architecture in October 2002 that remedies the shortcomings of WEP. This standard, formerly known as Safe Secure Network (SSN), is designed to work with existing 802.11 products and offers forward compatibility with 802.11i, the new wireless security architecture being defined in the IEEE.

WPA offers the following benefits:

•Enhanced data privacy

•Robust key management

•Data origin authentication

•Data integrity protection

How Does WPA Compare to WEP?

WEP is a data encryption method and is not intended as a user authentication mechanism. WPA user authentication is implemented using 802.1x and the Extensible Authentication Protocol (EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284.

With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must use the same encryption key. A major problem with the 802.11 standard is that the keys are cumbersome to change. If you do not update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages. Products based on the 802.11 standard alone offer system administrators no effective method to update the keys.

For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP provides important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements, TKIP addresses all of known WEP vulnerabilities.

Wireless Networking Basics

C-9

Image 71

NETGEAR WGE111 user manual How Does WPA Compare to WEP?

Contents

NETGEAR, Inc User Manual for the NETGEAR WGE111 Wireless Game AdapterE-mail support@netgear.com Technical SupportStatement of Conditions NETGEAR, INC. Support InformationTested to Comply with FCC Standards NETGEAR Wireless Game Adapter WGE111VCCI Statement Federal Communications Commission FCC Radiation Exposure StatementCanadian Department of Communications Radio Interference Regulations Chapter ContentsBasic Setup Chapter About This ManualChapter Chapter Web ConfigurationTroubleshooting Technical SpecificationsWireless Channels Appendix C Wireless Networking BasicsWireless Networking Overview Authentication and WEPContents Audience, Conventions, Scope Chapter About This ManualHow to Use this Manual How to Print this Manual About This Manual User Manual for the NETGEAR WGE111 Wireless Game AdapterChapter Introduction About the NETGEAR WGE111 Wireless Game AdapterNETGEAR WGE111 Wireless Game Adapter Resource CD, including Key Features and Related NETGEAR ProductsWhat’s in the Box? Introduction LED Descriptions Status Indicators and Ports of the WGE111See the table below for a description of the LED indicator lights User Manual for the NETGEAR WGE111 Wireless Game AdapterReset Push Button Introduction User Manual for the NETGEAR WGE111 Wireless Game Adapter“Personal Computer Plug-and-Go Scenario” on page Chapter Basic SetupPreparing to Install Your WGE111 Wireless Game Adapter “Game Console Plug-and-Go Scenario” on pageSystem Requirements Placement and Range GuidelinesYour System Operating ModesSwitch Position ModeWhat you do Wizard ConfigurationPersonal Computer Plug-and-Go Scenario Fixed IP Planning the WGE111 Wireless Game Adapter ConfigurationPlanning for TCP/IP Configuration Dynamic IP using DHCPSubnet mask Understanding WEP Authentication and EncryptionAuthentication Scheme Selection Encryption Strength Choices Understanding WPA-PSK Encryption Security Using the NETGEAR Smart Wizard Configuration Assistanta. Connect one end of the Ethernet cable to the Wireless Game Adapter Double-click setup.exe if the program does not start automatically Select the Infrastructure and/or Ad-Hoc mode network settings Select the TCP/IP Settings 3-14 User Manual for the NETGEAR WGE111 Wireless Game AdapterBasic Setup Configuring the Wireless Game Adapter Using TCP/IP Chapter Web ConfigurationViewing the Wireless Game Adapter Status Connecting to the Wireless Game AdapterWireless Settings Device Information Configuring the Adapter for Infrastructure Mode AccessIP Settings The data rate is set to Auto by default Data Rateg only - operates in 802.11g mode only b only - operates in 802.11b mode onlyNetwork Name SSID Using WEP Security EncryptionWireless Security Authentication TypeAutomatic Key Generation Passphrase Configuring the Wireless Game Adapter for Ad-Hoc ModeUsing WPA-PSK Security Encryption Manual Entry ModeTo configure the WGE111 for Ad-Hoc access Figure 4-4 Wireless Networks Available Viewing the Wireless Networks AvailableConfiguring the IP Settings The default values are suitable for most users and situations Upgrading the Firmware Changing the WGE111 Wireless Game Adapter PasswordFigure 4-7 Restore Factory Defaults screen Restoring the Factory DefaultsGo to “Restoring the Default Configuration and Password” on page Chapter TroubleshootingGo to “Troubleshooting the TCP/IP Settings Using Ping” on page Cause SymptomSolution Basic Tipssure all the devices are on the same IP network wireless router or access point, wait, and thenchange the wireless game adapters IP address Configuration Assistant” on page 3-9 for See “Using the NETGEAR Smart WizardI cannot configure the WGE111 from a browser Frequently Asked QuestionsTroubleshooting the Web Configuration Interface Troubleshooting the TCP/IP Settings Using PingRestoring the Default Configuration and Password Troubleshooting User Manual for the NETGEAR WGE111 Wireless Game AdapterTechnical Specifications Appendix A Technical SpecificationsTechnical Specifications User Manual for the NETGEAR WGE111 Wireless Game AdapterIP Addresses and the Internet Appendix B Understanding IP AddressesThe five address classes are Class A Netmask Figure 5-2 Example of Subnetting a Class B Address Subnet AddressingDotted-Decimal Value Table 5-1. Netmask Notation Translation Table for One OctetTable 5-2. Netmask Formats Number of BitsPrivate IP Addresses IP Configuration by DHCP Address Resolution ProtocolUnderstanding IP Addresses User Manual for the NETGEAR WGE111 Wireless Game AdapterInfrastructure Mode Appendix C Wireless Networking BasicsWireless Networking Overview Network Name Extended Service Set Identification ESSID Authentication and WEPAd Hoc Mode Peer-to-Peer Workgroup Open System Authentication 802.11 Authentication3 Client connects to network Client attempting to connect 802.11b Authentication Open System Steps1 Authentication request sent to AP 2 AP authenticates Access Pointthe data 1. Do Not Use WEP TheKey Size WEP Configuration OptionsWireless Channels WPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to IEEE 802.11i? What are the Key Features of WPA Security?The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured passphrase on both the stations and the access point. This obviates the need for an authentication server, which in many home and small office environments will not be available nor desirable. Possible cipher suites include WEP, TKIP, and AES Advanced Encryption Standard. We talk more about TKIP and AES when addressing data privacy below Figure C-3 WPA Overview Wireless LANWired Network with Optional 802.1x Port Based Network Access Control Login Authentication2. The access point replies with an EAP-request identity message WPA Data Encryption Key Management Michael Optional AES Support to be Phased InTemporal Key Integrity Protocol TKIP Product Support for WPA Supporting a Mixture of WPA and WEP Wireless Clients is DiscouragedIs WPA Perfect? The new WPA information element Changes to Wireless Access PointsThe WPA two-phase authentication Changes to Wireless Network AdaptersChanges to Wireless Client Programs 802.3 List of Glossary Terms1000BASE-T 802.1QDHCP User Manual for the NETGEAR WGE111 Wireless Game AdapterDynamic Host Configuration Protocol GlossaryInternet service provider User Manual for the NETGEAR WGE111 Wireless Game AdapterNetwork Address Translation User Manual for the NETGEAR WGE111 Wireless Game AdapterWINS User Manual for the NETGEAR WGE111 Wireless Game AdapterWindows Internet Naming Service GlossaryGlossary User Manual for the NETGEAR WGE111 Wireless Game AdapterNumerics Index