FINAL STRETCH/ WIRELESS SECURITY

Wi-Fi Protected Access (WPA):

An improvement to WEP, This protocol adds, among other changes, a key (TKIP, or temporal key integrity protocol) that changes dynamically over time, which eliminates the greatest shortcoming of WEP. This protocol is the minimum level of security you should choose if at all possible. The Enterprise version adds in 802.1X authentication to make the network even more secure.

802.11i:

The IEEE standard for enhanced security in a Wi-Fi network, This protocol includes AES encryption and other enhancements to Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access(WPA). (See Wired Equivalent Privacy and Wi-Fi Protected Access.) WPA2 systems are compliant with 802.11i.

Wired Equivalent Privacy (WEP):

The encryption system used by wireless LANs to provide security on the network. This protocol uses an encryption key (which can be 40 or 108 bits long - these are often referred to as 64- and 128-bit keys, due to some extra bits used in the system) to encrypt data flowing across the network. This protocol is considered insecure because the encryption key can easily be "broken" using free tools downloaded from the Internet.

Wi-Fi Protected Access 2 (WPA2):

This protocol (aka also 802.11i) adds even further enhancements to WPA, including AES (Advanced Encryption Standard), which makes the encryption key almost impervious to current cracker attacks.

PEAP (Protected Extensible Authentication Protocol)

This protocol encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.

LEAP (Lightweight Extensible Authentication Protocol).

This protocol is a Cisco proprietary alternative to TKIP for WPA. This was developed to address deficiencies in TKIP before the 802.11i/ WPA2 system was ratified as a standard. An attack tool known as Asleap was released in 2004 that could exploit the ultimately weak protection provided by This protocol . This protocol should be avoided when possible; use of EAP-TLS as an alternative is recommended, but if This protocol is used, a complex password is strongly recommended.

EAP (Extensible Authentication Protocol)

This protocol is not a specific mechanism of authentication; rather it is an authentication framework. Effectively, This protocol allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies.

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

This protocol was created to replace WEP and TKIP/ WPA. This protocol uses AES (Advanced Encryption Standard) with a 128-bit key. This protocol is the preferred standard security protocol of 802.11 wireless networking indicated by 802.11i. To date, no attacks have yet been successful against the AES/ and this protocols encryption.

TKIP (Temporal Key Integrity Protocol).

Was designed as the replacement for WEP without requiring replacement of legacy wireless hardware. This protocol was implemented into 802.11 wireless networking under the name WPA (Wi-Fi Protected Access). This protocol improvements include a key-mixing function that combines the initialization vector (IV) (i.e., a random number) with the secret root key before using that key with RC4 to perform encryption; a sequence counter is used to prevent packet replay attacks; and a strong integrity check named Michael is used. This protocol and WPA were officially replaced by WPA2 in 2004.