Key Management

One of the big problems in 802.11 is the distribution of keys; it is difficult for an administrator to generate and manage them. If a laptop or card is lost, the security of the site can be compromised. Keys can be compromised during mass distribution, if they are posted on web pages or distributed on CDs or floppy disks. Finally, the security problems make a strong case for developing dynamic keys.

802.11i introduces key management schemes that allow for a separate authentication process to enable the distribution of keys. There are two main phases to this process:

  • Master key establishment

  • Key exchange

Master key establishment can occur either manually via configuration or dynamically via the 802.1x protocol using EAP. After master ...

Get Cisco Wireless LAN Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.