RSNA Key Hierarchy All right, our goal then of AKM is the creation of encryption keys. And so one of the first things we talked about is that at the top, we have a master key. And from that master key and through the exchange of information, we’re going to have a GroupWise and a pairwise master key. I’ve already gone through this process and talking about what happens and how from those master keys, like that hotel example, that we’re going to create a pairwise transient key for you,…

Authentication and Key Management (AKM) Part2 All right. So again, we said that in ACAM we are demanding authentication that’s 821 X and AES encryption for the type of exchange of information. And what we didn’t add in there was some of the traffic from the authentication server. So we’re assuming again by the standard 802. And I know this looks like a refresher of what I just drew, not as pretty as my picture. But anyway, as we go through here, like I said, those information elements are going…

Management Frames & RSNIE (eNotes) Alright? Management frames are very important for the robust security network and we call the information exchange information elements Ies. So I’m just going to refer to them as Ies. And we’re just going to take a look at, again, a basic security set where I have my single station, I have my access point, and one of the first things we said is that we needed to make sure that both sides can agree on what type of security they can support and whether…

Dynamic Encryption Key Generation So in this module, we’re going to talk a look at how we can create dynamic encryption keys that we want to use for security. So, believe it or not, we’re going to go back to Web, but talk about dynamic Web being able to create dynamic keys. And then we’re going to move forward with this idea of the RSN, the robust security network. We’ll talk about the different ways in which they exchange information through what they call an information element. I think we’ve…

PACs Alright, now let’s take a look at the packs, the protected access credential. Like I said, it’s very much like a digital certificate. Some people would say that those and certificates are cousins. It actually is a shared secret. But Repast is the only EEP type that is going to use these packs. And so we kind of want to talk a little bit about what they contain. So like I said, it’s like that digital certificate, it does use pre shared keys. All right? Pre shared keys does…

EAP Process Well what I wanted to do is kind of show you a generic display and in reality this is actually probably a little bit more extensive than what I wanted you to see. But we got a couple of steps. One of the first things is even before the EEP Paul start, the step one is that this Supplicant is trying to do an association with the access point, which means let’s say this is the only access point. So it’s what we would call a basic service…

Authentication Server Credentials Now one of the things we haven’t talked a lot about was the authentication server and whether it’s Radius Takiax, Active Directory, whatever the case may be. Remember that what it does is it validates, basically trying to validate. So it validates the authentication server, but technically we’re saying it validates the user, I would say on the authentication server. Now what’s important though is if you think about it and this is the authentication server, so we already said that the access point is the authenticator,…

802.1X One of the pieces that we’re going to see with WPA Two enterprise is this port based authentication. Now, I know it sounds weird to say port based when we’re talking about wireless. I think I mentioned before that the IEEE specification of 802 one whatever is all about Bridging. And so this really was for Bridging and switching solutions to be able to authenticate a user or a machine when it connects to a switch port. The idea being that if I walk into your office and I…

Authentication A recap on authentication and I’m not going to repeat or belabor the same points. We talked about something, you know, usernames and passwords. I talked about smart cards that have the ability to again authenticate who you are. But there are a couple of other options. One of the first ones I’ll skip down a little bit is a onetime password. A onetime password is supposed to be pretty secure. As an example, if I wanted to to sign up a new computer in active directory, I might…

802.11 Authentication Methods This module is going to talk about the different types of authentication methods that we can use with 8211. So we’ll start with, again, an overview of what authentication is all about and then we’ll get into the concept of these AAA servers. Then we’ll also look at portbased authentication, the eight one X. We’ll talk about the ways in which the Supplicant well, we’ll talk about what a Supplicant is too, but Supplicant credentials, the authentication server credentials, uses of things like shared secrets. We’ll look…