Wlan data security – H3C Technologies H3C WA2600 Series WLAN Access Points User Manual
Page 17
5-2
Figure 5-1 Open system authentication process
AP
Client
Authentication request
Authentication response
z
Shared key authentication
The following figure shows a shared key authentication process. The two parties have the same shared
key configured.
1) The client sends an authentication request to the AP.
2) The AP randomly generates a challenge and sends it to the client.
3) The client uses the shared key to encrypt the challenge and sends it to the AP.
4) The AP uses the shared key to encrypt the challenge and compares the result with that received
from the client. If they are identical, the client passes the link authentication. If not, the link
authentication fails.
Figure 5-2 Shared key authentication process
WLAN Data Security
Compared with wired networks, WLAN networks are more susceptible to attacks because all WLAN
devices share the same medium and thus every device can receive data from any other sending device.
If no security service is provided, plain-text data is transmitted over the WLAN.
To secure data transmission, 802.11 protocols provide some encryption methods to ensure that devices
without the right key cannot read encrypted data.
1) Simple text data
No data packets are encrypted. It is in fact a WLAN service without any security protection.
2) WEP
encryption