Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

Wireless Networking Basics

B-11

202-10083-01

The supplicant in the station uses the authentication and cipher suite information contained in

the information elements to decide which authentication method and cipher suite to use. For

example, if the access point is using the Pre-shared key method then the supplicant need not

authenticate using full-blown 802.1X. Rather, the supplicant must simply prove to the access

point that it is in possession of the pre-shared key. If the supplicant detects that the service set

does not contain a WPA information element then it knows it must use pre-WPA 802.1X

authentication and key management in order to access the network.

•

Key management. WPA features a robust key generation/management system that integrates

the authentication and data privacy functions. Keys are generated after successful

authentication and through a subsequent 4-way handshake between the station and Access

Point (AP).

•

Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap WEP in

sophisticated cryptographic and security techniques to overcome most of its weaknesses.

•

Data integrity. TKIP includes a message integrity code (MIC) at the end of each plaintext

message to ensure messages are not being spoofed.

WPA Authentication: Enterprise-level User

Authentication via 802.1x/EAP and RADIUS

Figure B-3:

WPA Overview

WPA

enabled

wireless

client with

“supplicant”

Optional

Certificate

Authority

(eg Win

Server,

VeriSign,

etc)

TCP/IP

Ports Closed

Until

RADIUS Server

Wired Network with

Optional

802.1x Port Based Network

Access Control

WPA enabled

Access Point

using

pre-shared key

or

802.1x

TCP/IP

Ports Opened

After

Authenticated

Wireless LAN

Login

Authentication

Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

B-12

Wireless Networking Basics

202-10083-01

IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a

protected network, as well as providing a vehicle for dynamically varying data encryption keys via

EAP from a RADIUS server, for example. This framework enables using a central authentication

server, which employs mutual authentication so that a rogue wireless user does not join the

network.

It's important to note that 802.1x doesn't provide the actual authentication mechanisms. When

using 802.1x, the EAP type, such as Transport Layer Security (EAP-TLS) or EAP Tunneled

Transport Layer Security (EAP-TTLS) defines how the authentication takes place.

Note

: For environments with a Remote Authentication Dial-In User Service (RADIUS)

infrastructure, WPA supports Extensible Authentication Protocol (EAP). For environments

without a RADIUS infrastructure, WPA supports the use of a preshared key.

Together, these technologies provide a framework for strong user authentication.

Windows XP implements 802.1x natively, and several Netgear switch and wireless access point

products support 802.1x.

Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

Wireless Networking Basics

B-13

202-10083-01

Figure B-4:

802.1x Authentication Sequence

The AP sends Beacon Frames with WPA information element to the stations in the service set.

Information elements include the required authentication method (802.1x or Pre-shared key) and

the preferred cipher suite (WEP, TKIP, or AES). Probe Responses (AP to station) and Association

Requests (station to AP) also contain WPA information elements.

1.

Initial 802.1x communications begin with an unauthenticated supplicant (i.e., client device)

attempting to connect with an authenticator (i.e., 802.11 access point). The client sends an

EAP-start message. This begins a series of message exchanges to authenticate the client.

2.

The access point replies with an EAP-request identity message.

1

2

3

4

5

6

7

Client with a WPA-

enabled wireless

adapter and supplicant

(Win XP, Funk,

Meetinghouse, etc.)

For example, a

WPA-enabled AP

For example, a

RADIUS server

Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

B-14

Wireless Networking Basics

202-10083-01

3.

The client sends an EAP-response packet containing the identity to the authentication server.

The access point responds by enabling a port for passing only EAP packets from the client to

an authentication server located on the wired side of the access point. The access point blocks

all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the

client's identity using an authentication server (e.g., RADIUS).

4.

The authentication server uses a specific authentication algorithm to verify the client's identity.

This could be through the use of digital certificates or some other EAP authentication type.

5.

The authentication server will either send an accept or reject message to the access point.

6.

The access point sends an EAP-success packet (or reject packet) to the client.

7.

If the authentication server accepts the client, then the access point will transition the client's

port to an authorized state and forward additional traffic.

The important part to know at this point is that the software supporting the specific EAP type

resides on the authentication server and within the operating system or application “supplicant”

software on the client devices. The access point acts as a “pass through” for 802.1x messages,

which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant

access point. As a result, you can update the EAP authentication type to such devices as token

cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication or

as newer types become available and your requirements for security change.

WPA Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x

provide no mechanism to change the global encryption key used for multicast and broadcast

traffic. With WPA, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for

every frame, and the change is synchronized between the wireless client and the wireless access

point (AP). For the global encryption key, WPA includes a facility (the Information Element) for

the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return

session keys to the access point along with the accept message. The access point uses the session

keys to build, sign and encrypt an EAP key message that is sent to the client immediately after

sending the success message. The client can then use contents of the key message to define

applicable encryption keys. In typical 802.1x implementations, the client can automatically change

encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough

time to crack the key in current use.

Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

Wireless Networking Basics

B-15

202-10083-01

Temporal Key Integrity Protocol (TKIP)

WPA uses TKIP to provide important data encryption enhancements including a per-packet key

mixing function, a message integrity check (MIC) named Michael, an extended initialization

vector (IV) with sequencing rules, and a re-keying mechanism. TKIP also provides for the

following:

•

The verification of the security configuration after the encryption keys are determined.

•

The synchronized changing of the unicast encryption key for each frame.

•

The determination of a unique starting unicast encryption key for each preshared key

authentication.

Michael

With 802.11 and WEP, data integrity is provided by a 32-bit

integrity check value

(ICV) that is

appended to the 802.11 payload and encrypted with WEP. Although the ICV is encrypted, you can

use cryptanalysis to change bits in the encrypted payload and update the encrypted ICV without

being detected by the receiver.

With WPA, a method known as

Michael

specifies a new algorithm that calculates an 8-byte

message integrity code

(MIC) using the calculation facilities available on existing wireless

devices. The MIC is placed between the data portion of the IEEE 802.11 frame and the 4-byte ICV.

The MIC field is encrypted together with the frame data and the ICV.

Michael also provides replay protection. A new frame counter in the IEEE 802.11 frame is used to

prevent replay attacks.

AES Support

One of the encryption methods supported by WPA beside TKIP is the advanced encryption

standard (AES), although AES support is required for WPA2 for Wi-Fi certification. This is

viewed as the optimal choice for security conscience organizations, but AES requires a

fundamental redesign of the NIC’s hardware in both the station and the access point. TKIP was a

pragmatic compromise that allowed organizations to deploy better security while AES capable

equipment is being designed, manufactured, and incrementally deployed.