Motorola RFS7000 Series System Reference Manual page 139

WPA's encryption method is Temporal Key Integrity Protocol (TKIP). TKIP addresses WEP's weaknesses with a
re-keying mechanism, a per-packet mixing function, a message integrity check, and an extended initialization
vector. WPA also provides strong user authentication based on 802.1x EAP.
WPA2 is a newer 802.11i standard that provides even stronger wireless security than WPA and WEP. CCMP is
the security standard used by the Advanced Encryption Standard (AES). AES serves the same function TKIP
does for WPA-TKIP. CCMP computes a Message Integrity Check (MIC) using the proven Cipher Block Chaining
(CBC) technique. Changing just one bit in a message produces a totally different result.
WPA2-CCMP is based on the concept of a Robust Security Network (RSN), which defines a hierarchy of keys
with a limited lifetime (similar to TKIP). Like TKIP, the keys the administrator provides are used to derive other
keys. Messages are encrypted using a 128-bit secret key and a 128-bit block of data. The end result is an
encryption scheme as secure as any the switch provides.
To configure WPA/WPA2-TKIP/CCMP encryption:
1. Select Network
2. Select an existing WLAN from those displayed within the
button.
A WLAN screen displays with the WLAN's existing configuration. Refer to the
Encryption columns to assess the WLAN's existing security configuration.
3. Select either the
Encryption field.
4. Click the Config button to the right of the WPA/WPA2-TKIP and WPA2-CCMP checkboxes.
The WPA/WPA2-TKIP/CCMP
WPA/WPA2-TKIP or WPA-CCMP.
5. Select the Broadcast Key Rotation
MUs.
> Wireless LANs from the main menu tree.
WPA/WPA2-TKIP or WPA2-CCMP
screen displays. This single screen can be used to configure either
checkbox to enable the broadcast of encryption-key changes to
Network Setup
Configuration tab and click the
Authentication
button from within the
4-53
Edit
and