By generating unique data encryption keys for every data packet and by creating an integrity
checking mechanism (MIC), TKIP makes it much more difficult to decode data on a Wi-Fi
network than WEP, making it difficult for an intruder to break into the network.
The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference
between the two is that WPA-PSK uses a simple common password, instead of user-specific
credentials. The common-password approach makes WPA-PSK susceptible to brute-force
password-guessing attacks but it's still an improvement over WEP as it employs an easier-to-
use, consistent, single, alphanumeric password.
8.8 WPA-PSK Application Example
A WPA-PSK application looks as follows.
1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key
(PSK) must consist of between 8 and 63 ASCII characters (including spaces and
symbols).
2 The AP checks each client's password and (only) allows it to join the network if it
matches its password.
3 The AP derives and distributes keys to the wireless clients.
4 The AP and wireless clients use the TKIP encryption process to encrypt data exchanged
between them.
Figure 29 WPA - PSK Authentication
8.9 WPA with RADIUS Application Example
You need the IP address of the RADIUS server, its port number (default is 1812), and the
RADIUS shared secret. A WPA application example with an external RADIUS server looks as
follows. "A" is the RADIUS server. "DS" is the distribution system.
1 The AP passes the wireless client's authentication request to the RADIUS server.
Chapter 8 Wireless LAN Setup
Prestige 662H/HW Series User's Guide
100