• Home
• Protector
• Portable Penetrator
• Cloud Penetrator
• Penetrator
• Partners

You are here: Encyclopedia > Encyclopedia Part 4 > Wireless Encryption Standards

• WEP (Wired Equivalent Privacy): The old, original, and currently discredited wireless security standard. Easily cracked.

• WEP 40/128-bit key, WEP 128-bit Passphrase: See WEP. The user key for WEP is generally either 40- or 128-bit, and usually has to be supplied as a hexadecimal string.

• WPA, WPA1: Wi-Fi Protected Access. The initial version of WPA, sometimes called WPA1, is essentially a brand name for TKIP. TKIP was chosen as an interim standard because it could be implemented on WEP hardware with just a firmware upgrade.

• WPA2: The trade name for an implementation of the 802.11i standard, which includes AES and CCMP.

• TKIP: Temporal Key Integrity Protocol. The replacement encryption system for WEP. Several features were added to make keys more secure than they were under WEP.

• AES: Advanced Encryption Standard. This is now the preferred encryption method, replacing the old TKIP. AES is implemented in WPA2/802.11i.

• Dynamic WEP (802.1x): When the WEP key/passphrase is entered by a key management service. Therefore, WEP didn't support dynamic keys until the advent of TKIP and CCMP.

• EAP: Extensible Authentication Protocol. A standard authentication framework. EAP supplies common functions and a negotiation mechanism, but not a specific authentication method. Currently, there are about forty different methods implemented for EAP. See WPA Enterprise.

• 802.1x, IEEE8021X: The IEEE family of standards for authentication on networks. In this context, the term is hopelessly ambiguous.

• LEAP, 802.1x EAP (Cisco LEAP): The Lightweight Extensible Authentication Protocol is a proprietary method of wireless LAN authentication developed by Cisco Systems. Supports dynamic WEP, RADIUS, and frequent reauthentication.

• WPA-PSK, WPA-Preshared Key: Use of a shared key, meaning one manually set and manually managed. Does not scale with a large network either for manageability or security, but needs no external key management system.

• RADIUS: Remote Authentication Dial In User Service. A very old protocol for centralizing authentication and authorization management. The RADIUS server acts as a remote service for these functions.

• WPA Enterprise, WPA2 Enterprise: A trade name for a set of EAP types. Products certified as WPA Enterprise or WPA2 Enterprise will interoperate (EAP-TLS, EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC & EAP-SIM).

• WPA-Personal, WPA2-Personal: See Pre-Shared Key.

• WPA2-Mixed: Support for both WPA1 and WPA2 on the same access point.

• 802.11i: An IEEE standard that specifies security mechanisms for 802.11 networks. 802.11i uses AES, and includes improvements in key management, user authentication through 802.1X, and data integrity of headers.

• CCMP: Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. An encryption protocol that uses AES.