802.11i PHYs

What is PHY in IEEE 802.11i?

IEEE 802.11i is a security amendment to the IEEE 802.11 wireless LAN standard that replaces the insecure WEP with stronger authentication and encryption mechanisms.

What security weaknesses does 802.11i address?

It addresses vulnerabilities in WEP by introducing robust encryption, authentication, and key management protocols.

What encryption algorithms are used in 802.11i?

802.11i defines TKIP and CCMP (AES-based) encryption; CCMP is mandatory for strong security.

What is TKIP in 802.11i?

TKIP (Temporal Key Integrity Protocol) was designed to provide improved security over WEP without requiring new hardware, but is now considered obsolete.

What is CCMP in 802.11i?

CCMP (Counter Mode CBC-MAC Protocol) uses AES encryption and provides strong confidentiality and data integrity.

How does authentication work in 802.11i?

Authentication can be done via 802.1X with EAP methods for enterprise setups or using Pre-Shared Keys (PSK) for simpler environments.

What is the four-way handshake?

It is a key exchange process that establishes fresh encryption keys between the client and access point after authentication.

What is the Group Temporal Key (GTK)?

The GTK is a shared key used to encrypt multicast and broadcast traffic within a WLAN.

What is RSN (Robust Security Network)?

RSN is the security architecture in 802.11i defining how stations negotiate security capabilities and keys.

Does 802.11i modify the physical or MAC layers?

No, it enhances security at the MAC layer but does not change physical layer protocols.

How does 802.11i protect against replay attacks?

It uses sequence counters and message integrity codes to detect and reject replayed frames.

Is WEP still allowed under 802.11i?

No, WEP is deprecated and not compliant with 802.11i security requirements.

What role does 802.1X play in 802.11i?

802.1X provides port-based network access control and is used for authentication in enterprise Wi-Fi networks.

Can 802.11i work without an authentication server?

Yes, using Pre-Shared Key (PSK) mode, suitable for small or home networks without centralized authentication.

What is the role of the Pairwise Transient Key (PTK)?

PTK is a unique encryption key derived between a client and AP for securing unicast communications.

How does 802.11i improve data confidentiality?

By using strong AES encryption (CCMP), it ensures that transmitted data cannot be easily intercepted or decrypted.

What is the difference between TKIP and CCMP?

TKIP is a legacy encryption protocol providing moderate security, while CCMP is a modern AES-based protocol with strong security guarantees.

Is 802.11i backward compatible with older devices?

Only partially; devices that do not support AES/CCMP may fall back to weaker protocols or fail to connect.

Does 802.11i support fast roaming?

802.11i itself doesn’t define fast roaming, but it supports protocols like PMK caching that enable quicker handoffs.

What is the impact of 802.11i on wireless performance?

Strong encryption and key management introduce some overhead, but modern hardware minimizes performance impact.

Is 802.11i still relevant today?

Yes, 802.11i forms the basis of WPA2 security, which is widely used in current Wi-Fi networks.

What replaced 802.11i in newer standards?

WPA3 builds on 802.11i by adding enhanced encryption and authentication mechanisms for improved security.

Topics in this section,

  • Reference links