shows a timeline of WLAN security.
Figure 6-1 WLAN Security over Time
CCNP ONT
[ 310 ] CCNP ONT Quick Reference
WLAN Security Development
WEP
Weak authentication
Static keys
Weak broken encryption
WPA
Mutual authentication
Dynamic keys
Better encryption
WPA2
Mutual authentication
Dynamic keys
Good encryption (AES)
Includes intrusion detection
802.11 WEP supports open and shared key authentication. Open authentication
means that no authentication is used and any user is allowed to associate
with an AP. Shared key authentication expects a cryptographic key to be
known before accessing the AP; this key is subsequently used to encrypt the
payload. To authenticate using a shared key, an AP sends a plain-text challenge,
which the PC encrypts and sends back. If it is encrypted correctly, the
PC is authenticated. More detail is provided in Figure 6-2, which shows the
entire authentication process.