Wednesday, November 13, 2019
Solution WPA2

Wi-Fi Protected Access 2 (WPA2), based on the IEEE 802.11i standard, is an improvement to the 802.11 standard that specifies security mechanisms for wireless networks. On June 24th, 2004, this standard replaced the previous security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses. Wi-Fi Protected Access (WPA) had previously been introduced as a solution to WEP insecurities. WPA implemented only a subset of IEEE 802.11i.

WPA2 makes use of a specific mode of the Advanced Encryption Standard (AES) known as the Counter Mode Cipher Block Chaining-Message Authentication Code (CBC-MAC) Protocol (CCMP). CCMP provides both data confidentiality (encryption) and data integrity. AES is a more secure alternative to the RC4 stream cipher used by WEP and WPA.

| 802.11 Security solution | WEP | WPA | WPA2 |
|---|---|---|---|
| Cipher | RC4 | RC4 | AES |
| Key Size | 40 bits | 128 bits encryption, 64 bits authentication | 128 bits |
| IV Size | 24 bits | 48 bits | 48 bits |
| Data Integrity | CRC-32 | Michael | CCM |
| Header Integrity | None | Michael | CCM |
| Replay Attack | None | IV Sequence | IV Sequence |
| Key Management | None | EAP-Based | EAP-Based |

WPA2 Authentication

One of the major changes introduced with the WPA2 standard is the separation of user authentication from the enforcement of message integrity and privacy. This provides a more scalable and robust security architecture that is equally suitable for home networks and corporate networks.

Authentication in the WPA2 Personal mode, which does not require an authentication server, is performed between the client and the AP, with a 256-bit PSK generated from a plain-text passphrase (from 8 to 63 characters). The PSK in conjunction with th...

...sed VPN offers high network throughput, better performance and more reliability, since there is no processor overhead. However, it is also more expensive.

3. A software-based VPN provides the most flexibility in how traffic is managed.
This type is suitable when VPN endpoints are not controlled by the same party, and where different firewalls and routers are used. It can be used with hardware encryption accelerators to enhance performance.

4. An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. In contrast to the traditional Internet Protocol Security (IPsec) VPN, an SSL VPN does not require the installation of specialized client software on the end user's computer. It is used to give remote users access to Web applications, client/server applications and internal network connections.
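Returning to the WPA2 Personal step described earlier, where a 256-bit PSK is generated from an 8 to 63 character passphrase: the sketch below is an added example, not code from the original post. It assumes the derivation defined in IEEE 802.11i (PBKDF2-HMAC-SHA1, the SSID as salt, 4096 iterations), which the post itself does not spell out; the function names and the constructed SSIDs in the demo are illustrative.

```python
import hashlib

# Values fixed by IEEE 802.11i for WPA/WPA2 Personal (assumption: taken from
# the standard, not from the post above).
ITERATIONS = 4096
PSK_BYTES = 32  # 256-bit PSK


def derive_psk(passphrase: str, ssid: bytes) -> bytes:
    """Return the 256-bit PSK for `passphrase` on the network named `ssid`."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("SSID must be 1 to 32 octets")
    # The SSID is the PBKDF2 salt, so the PSK is bound to the network name.
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid, ITERATIONS, PSK_BYTES
    )


def psk_table(passphrase: str, ssids: list[bytes]) -> dict[bytes, str]:
    """Hex PSK per SSID for one passphrase, to show the effect of the salt."""
    return {ssid: derive_psk(passphrase, ssid).hex() for ssid in ssids}


if __name__ == "__main__":
    # Constructed sample input: one passphrase, three network names.
    for ssid, psk in psk_table("password", [b"IEEE", b"ieee", b"HomeNet"]).items():
        print(f"{ssid.decode():8s} {psk}")
```

The passphrase and the SSID are the only inputs, so every station that knows the passphrase derives the same PSK, and renaming the network changes the PSK even when the passphrase stays the same.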