Advanced Cyber Security

Resources / IT Security Resources Part4 /

WPA2

The WiFi Protected Access 2 (also known as WPA2) is a security standard based on the ratified IEEE 802.11i protocol that offers network administrators everywhere peace of mind because of its high-level guarantee that only users who are authorized to access a network can do so, determined hacker or no determined hacker. WPA2 employs industrial-grade security that the government can vouch for by implementing the AES encryption algorithm (an algorithm that's compliant with NIST (National Institute of Standards and Technology) FIPS 140-2.

There are over two versions of WPA2: WPA2 Personal and WPA2 Enterprise.

WPA2 Enterprise detects and verifies network users using a server.

Meanwhile, WPA2 Personal shields a network from unauthorized access by using a setup password.

WPA2 Technology 

WPA2 features backward compatibility with WPA.

The WiFi Protected Access series as a whole serves as the latest standard for secure encryption and data integrity protection as approved by the WiFi Alliance, especially in light of the advances that WPA2 has brought to the table at present.

Just as IEEE 802.11i replaced the very unsafe Wired Equivalent Privacy or WEP policy and previous IEEE 802.11-based iterations, WPA and WPA2 replaced IEEE 802.11i. Because the WPA family serves as a subset of the 802.11i policy, both WPA types support TKIP or Temporal Key Integrity Protocol (a recent encryption algorithm creation), Michael (an integrity algorithm), the 802.1X authentication (that is, the WPA Enterprise), and a preshared key or PSK protocol (that is, the WPA Personal).

WPA Enterprise

The more in-depth differences between WPA Personal and WPA Enterprise are as follows: The server-based WPA2 Enterprise is mostly used by big businesses and multinational corporations because it uses open-system authentication as the first phase of its security measures and the Extensible Authentication Protocol or EAP method plus the 802.1X as its extra second level shield.

On the other hand, the WPA2 Personal employs a PSK to streamline its capabilities within systems and environments that lack a Remote Authentication Dial-In User Service or RADIUS)infrastructure such as small office/home office or SOHO networks; in other words, WPA2 is best used for small-business or home-based setups).

Certified WiFi Alliance

The fact that WPA2 also works with certified WiFi Alliance products.

This certification assures customers that the wireless devices they've bought are compliant with the 802.11i gold standard of encrypted transmissions, data integrity, and system protection.

The main purpose of WPA2 certification is to promote and support the 802.11i standard's extra compulsory security measures that aren't currently part of WPA-enabled appliances.

WPA2 offers supplementary benefits that improve upon the WPA standard's earlier flaws when it was first launched for worldwide public use.

Like its predecessor, WPA2 requires the calculation of a set of transient keys through a 4way connection handshake as well as the resolution of a PMK or a shared pairwise master key that's based on the EAP and PSK authentication processes.

Naturally, the mind-boggling convolution by which the WiFi Protected Access 2 runs on guarantees users that it's not going to be easy at all to hack or crack through this impressive and innovative network protocol

WPA2 Encryption

WPA, otherwise known as WiFi Protected Access, is the current standard for data integrity protection and secure encryption as adopted by the WiFi Alliance—or, at least, the WPA2 is the one being followed at present. Basically, the IEEE 802.11i standard was established to replace the tragically flawed WEP (Wired Equivalent Privacy) policy and any other security measures based on its predecessor, the original IEEE 802.11 standard.

The subset of 802.11i specification, the WPA and WPA2 support the preshared key (PSK) protocol known as WPA Personal, the 802.1X authentication (also known as WPA Enterprise), an integrity algorithm known as Michael, and a recent encryption algorithm innovation called TKIP (also known as Temporal Key Integrity Protocol).

Enterprise Mode

Moreover, WPA2 is also a WiFi Alliance product certification assuring consumers that the wireless equipment that they've purchased supports the 802.11i gold standard of system protection, data integrity, and encrypted transmissions.

The main objective of the WPA2 certification is to support and promote the added compulsory security measures of the 802.11i standard that aren't presently included for other WPA-enabled products.

Like its earlier iteration, WPA2 offers Personal and Enterprise modes of operation plus a few supplementary features that improve upon the weaknesses that the WPA policy had when it was first introduced into mainstream use.

RADIUS Server

The differences between the WPA2 Personal and the WPA2 Enterprise go like this: The WPA2 Personal utilizes a PSK in order to optimize its effectiveness within environments without a RADIUS Remote Authentication Dial-In User Service found as SOHO small sized office networks (that is, medium-sized, non-enterprise-level setups).

Meanwhile, like its name suggests, the WPA2 Enterprise caters specifically to big businesses and multinational-level networks with its open system authentication as its first phase and the EAP (Extensible Authentication Protocol) method and the 802.1X protocol as its second phase.

Just like WPA, WPA2 necessitates the resolution of a shared pairwise master key (PMK) modeled after the PSK or EAP authentication processes as well as the calculation of pairwise transient keys via a 4-way handshake.

Obviously, the sheer complexity by which the WPA2 operates assures users that it's no easy task to crack or hack through this latest network protocol.

It is an advanced encryption standard that presently has no equal. 

Pricing Click Here ->

Buy from a VAR or VAD Click Here ->

Get a Free Vulnerability Scan Click Here ->


Ingenco2 Trustmark SecPoint Trustpilot Emaerket

➤ Related Pages

802.11 Protocol
CSRF
DDoS
DLP
Ethical Hacker
IPX
NetBEUI
OSI
OpenBSD
RC4
RSA
SEO Check links
SOX
TCP/IP
The Sarbanes-Oxley Act of 2002
UTM Appliance Review
Vulnerability Testing Appliance
WPA Handshake
WPA2
WPA2 Password Handshake
Web Scan
What is Bandwidth Management ?
Wireless Access Point