11i: Robust Security Networks, TKIP, and CCMP

i Robust Security Networks, TKIP, and CCMP

802.1X provides a framework for authentication and key management, which addresses two of the major flaws in the design of WEP. The major remaining flaw to be addressed is the lack of confidentiality provided by WEP encryption. Fixing link layer encryption was taken on by Task Group I of the 802.11 working group. In June 2004, their work was finally complete when the standard was ratified, after several delays.

802.11i takes a two-track approach to addressing the weaknesses in link-layer encryption. Its major components are two new link-layer encryption protocols. The first, the Temporal Key Integrity Protocol (TKIP) was designed to bolster security to the greatest extent possible on pre-802.11i hardware. The second, Counter Mode with CBC-MAC Protocol (CCMP), is a new encryption protocol designed from the ground up to offer the highest level of security possible.