802.11i

  • CCMP (Cipher Block Chaining MAC protocol) - 128-bits encryption using AES

  • TKIP (Temporal Key Integrity Protocol) - each packet is encrypted with a unique WEP key generated using a one-way transformation from the primary key and incremental IV vector. After all IV vectors are tried (16.7 mil combinations), the primary WEP key is regenerated using 802.1x. Packet integrity is provided using MIC (Message Integrity Check) that represents a 32-bit value calculated from the frame header, payload, bit-flipping-proof sequential number - there is no possibility to forge datagrams or use the same IV

  • Key management and replacement of RC4 by AES, WRAP (Wireless Robust Authenticated Protocol), EAP and Radius standard