Chapter 5. WLAN Basic Authentication and Privacy Methods

This chapter is the first of a trilogy of chapters that looks at the authentication aspects of WLAN security?the bootstrap, the initialization, the security measures they support, the trust models, and the processes.

Although the WLAN domain is young, its security has gone through three generations. This chapter looks at the basic authentication services?the open authentication and shared-key authentication methods?of the 802.11 specification. This chapter also dives into Wired Equivalent Privacy (WEP) mechanisms. Although these mechanisms are quickly becoming legacy, a thorough knowledge of them enables you to have a good understanding of and proper perspective on current and future WLAN security mechanics.


Currently, only point-to-point authentication is supported; no multicast authentication is allowed. Multicast authentication can be useful for mobility in which a client can authenticate to multiple access points (APs)?it is one way of enabling seamless mobility, quality of service (QoS), or even channel aggregation.

Also, the authentication is session, user, or device authentication; it is not message authentication.