ZyXEL Communications NBG6515 User Manual page 213

an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK
which is used to generate unique temporal encryption keys. This prevent all WiFi devices sharing the
same encryption keys. (a weakness of WEP)
WPA(2)- PSK Applic a tio n Exa m ple
A WPA(2)-PSK application looks as follows.
First enter identical passwords into the AP and all WiFi clients. The Pre-Shared Key (PSK) must consist of
1
between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols).
The AP checks each WiFi client's password and allows it to join the network only if the password
2
matches.
The AP and WiFi clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the
3
network, but is derived from the PSK and the SSID.
The AP and WiFi clients use the TKIP or AES encryption process, the PMK and information exchanged in a
4
handshake to create temporal encryption keys. They use these keys to encrypt data exchanged
between them.
WPA(2)-PSK Authentication
Fig ure 141
Se c urity Pa ra m e te rs Sum m a ry
Refer to this table to see what other security parameters you should configure for each authentication
method or key management protocol type. MAC address filters are not dependent on how you
configure these security features.
Table 92 WiFi Security Relational Matrix
AUT HENT IC AT IO N MET HO D/
KEY MANAG EMENT
PRO T O C O L
Open
Open
Appendix C Wireless LANs
ENC RYPT IO N ENT ER MANUAL
MET HO D KEY
None No
WEP No
Yes
Yes
NBG6515 User's Guide
213
IEEE 802.1X
Disable
Enable without Dynamic WEP Key
Enable with Dynamic WEP Key
Enable without Dynamic WEP Key
Disable