O'Reilly Emerging Technology Conference.
Books Safari Bookshelf Conferences O'Reilly Network

Arrow Home
Arrow Registration
Arrow Speakers
Arrow Keynotes
Arrow Tutorials
Arrow Sessions
Arrow At-a-Glance
Arrow BOFs
Arrow Community
Arrow Events
Arrow Exhibitors
Arrow Sponsors
Arrow Hotel/Travel
Arrow Venue Map
Arrow See & Do
Arrow Press
Arrow Join Mailing List 

April 22-25, 2003, Santa Clara -Explore. Invent. Connect.


802.11 Wireless Security Protocols
Matthew Gast, Trapeze

Track: Untethered
Date: Wednesday, April 23
Time: 3:45pm - 4:30pm
Location: Stevens Creek

Industry analysts and surveys have repeatedly identified the lack of security as a major inhibitor to large deployments of 802.11. The reality of the situation is that new protocols have made substantial progress in securing wireless LANs at the link layer, but the lack of detailed technical information has left much of the user community with the impression that wireless LANs are irreparably broken. This session addresses the cocktail of protocols that network engineers need to know to deploy secure wireless networks:

  • Wired Equivalent Privacy (WEP). Although WEP is broken horribly, it still serves as the basis for frame handling and encryption.
  • 802.1x and its ancestor, EAP. One of the major enhancements to wireless LAN security is user-based authentication, which replaces older station-based authentication mechanisms. 802.1x provides a framework for authenticating users directly on IEEE 802 link layers, but does not perform the authentication itself.
  • 802.1x allows for a great deal of flexibility in the details of how authentication takes place because it can use any authentication method defined for use with EAP. As a practical matter, only EAP methods based on TLS (EAP-TLS, EAP-TTLS, and EAP-PEAP) should be used on 802.11 networks.
  • The many fixes to WEP, such as dynamic keying, TKIP, WRAP, and the forthcoming 802.11i.
  • WPA (wireless protected access), the Wi-Fi Alliance's name for a "snapshot" of 802.11i in October 2002. Wi-Fi certification for WPA compliance is expected to begin in February 2003.

Download presentation file

O'Reilly Home | Privacy Policy

© 2002, O'Reilly Media, Inc.