NETGEAR MP115NA MP3 Player User Manual


 
User’s Manual for the Wireless Digital Media Player MP115
Wireless Networking Basics B-11
November 2004 202-10038-01
The primary information conveyed in the Beacon frames is the authentication method and the
cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared
key is an authentication method that uses a statically configured passphrase on both the
stations and the access point. This removes the need for an authentication server, which in
many home and small office environments will not be available nor desirable. Possible cipher
suites include: WEP, TKIP, and AES (Advanced Encryption Standard). We’ll talk more TKIP
and AES when addressing data privacy below.
Authentication. EAP over 802.1X is used for authentication. Mutual authentication is
gained by choosing an EAP type supporting this feature and is required by WPA. The 802.1X
port access control prevents full access to the network until authentication completes. The
802.1X EAPOL-Key packets are used by WPA to distribute per-session keys to those stations
successfully authenticated.
The supplicant in the station uses the authentication and cipher suite information contained in
the information elements to decide which authentication method and cipher suite to use. For
example, if the access point is using the Pre-shared key method then the supplicant need not
authenticate using full-blown 802.1X. Rather, the supplicant must simply prove to the access
point that it is in possession of the pre-shared key. If the supplicant detects that the service set
does not contain a WPA information element then it knows it must use pre-WPA 802.1X
authentication and key management in order to access the network.
Key management. WPA features a robust key generation/management system that integrates
the authentication and data privacy functions. Keys are generated after successful
authentication and through a subsequent four-way handshake between the station and access
point (AP).
Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap WEP in
sophisticated cryptographic and security techniques to overcome most of its weaknesses.
Data integrity. TKIP includes a message integrity code (MIC) at the end of each plain text
message to ensure messages are not being spoofed.