Wlan data security – H3C Technologies H3C WA2600 Series WLAN Access Points User Manual

5-2

Figure 5-1 Open system authentication process

AP

Client

Authentication request

Authentication response

z

Shared key authentication

The following figure shows a shared key authentication process. The two parties have the same shared

key configured.

1) The client sends an authentication request to the AP.

2) The AP randomly generates a challenge and sends it to the client.

3) The client uses the shared key to encrypt the challenge and sends it to the AP.

4) The AP uses the shared key to encrypt the challenge and compares the result with that received

from the client. If they are identical, the client passes the link authentication. If not, the link

authentication fails.

Figure 5-2 Shared key authentication process

WLAN Data Security

Compared with wired networks, WLAN networks are more susceptible to attacks because all WLAN

devices share the same medium and thus every device can receive data from any other sending device.

If no security service is provided, plain-text data is transmitted over the WLAN.

To secure data transmission, 802.11 protocols provide some encryption methods to ensure that devices

without the right key cannot read encrypted data.

1) Simple text data

No data packets are encrypted. It is in fact a WLAN service without any security protection.

2) WEP

encryption