User Manual for the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111

The supplicant in the station uses the authentication and cipher suite information contained in the information elements to decide which authentication method and cipher suite to use. For example, if the access point is using the Pre-shared key method then the supplicant need not authenticate using full-blown 802.1X. Rather, the supplicant must simply prove to the access point that it is in possession of the pre-shared key. If the supplicant detects that the service set does not contain a WPA information element then it knows it must use pre-WPA 802.1X authentication and key management in order to access the network.

Key management. WPA features a robust key generation/management system that integrates the authentication and data privacy functions. Keys are generated after successful authentication and through a subsequent 4-way handshake between the station and Access Point (AP).

Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap WEP in sophisticated cryptographic and security techniques to overcome most of its weaknesses.

Data integrity. TKIP includes a message integrity code (MIC) at the end of each plaintext message to ensure messages are not being spoofed.

C lie n t with a W P A -e n a b le d wire le ss a d a p te r a n d 

su p p lica n t

F or e xa m p le , a  W P A -e n a b le d A P

F or e xa m p le , a  R A D I U S se rve r

1

2

3

4

6

5

7

Figure B-6: WPA/802.1x Authentication Sequence

W ire le ss N e tworkin g B a sics

B -1 7

202-10076-01

Page 63
Image 63
NETGEAR WPN111 user manual Figure B-6 WPA/802.1x Authentication Sequence