IEEE 802.11 WLAN Protected Access?
Last Post: September 16, 2006:
-
WPA are three letters we see a lot of these days in the IEEE 802.11 WLAN industry. Here are some of the things they mean:
"WPA is Wi-Fi Protected Access"
"WPA is a registered trademark of the Wi-Fi Alliance"
"WPA is an assurance of multi-vendor interoperability"
"WPA(2003) is a subset of the unratified IEEE 802.11i"
"WPA(2004) is a subset of the ratified IEEE 802.11i"
"WPA(2003) is TKIP and 802.1X/EAP (and not PSK)"
"WPA(2004) is TKIP (802.1X/EAP or PSK, pick one)"
"WPA(2004) is TKIP and 802.1X/EAP and PSK"
"WPA is a brand regardless of configuration"
"WPA is a configuration regardless of brand"
"WPA2 is the complete IEEE 802.11i (just don't mention RSN/RSNA)"
"WPA2 is one of four cipher suites described in IEEE 802.11i"
"WPA2 is CCMP (CCMP uses AES)"
"WPA2 is AES (AES uses CCMP)"
"WPA2 is a brand regardless of configuration"
"WPA2 is a configuration regardless of brand"
None of this is an exaggeration despite its hilarity. In my opinion "WPA" is seriously imprecise, may be just what the marketplace and many novice users need, and has little place in a professional technical discussion or explanation. WLAN professionals should understand all the nuances of WPA but think and act in terms of IEEE 802.11.
It may be that a device can only display the WPA and WPA2 trademarks if it is a Wi-Fi CERTIFIED device vended by a member of the Wi-Fi Alliance. In my opinion all IEEE 802.11 WLAN devices should use vendor neutral terms for their configuration choices, such as Robust Security Network (RSN) cipher suites CCMP and TKIP, legacy cipher suites WEP-104 and WEP-40, and authentication & key management 802.1X/EAP and PSK.
Here is one simplified way to offer security configuration choices:
Cipher Suite: Best (CCMP/AES), Good (TKIP/RC4), Poor (WEP/RC4), None
Authentication: Best (802.1X/EAP), Good (PSK), Poor (WEP), None
I hope this helps. Thanks. /criss
- 1