Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
979
Views
5
Helpful
2
Replies

What is the need of TKIP or AES encryption

newtamil2011
Level 1
Level 1

‎01-24-2017 04:52 AM - edited ‎07-05-2021 06:25 AM

Hi Team,

If I use the RSN technology such as 802.1x or PSK for wireless authentication , it is going to create the keys such as PMK and PTK etc for encryption and decryption of data frames. Then why do we need TKIP and AES algorithms to do  the encryption?

Kindly provide clarification in this.

Thanks

Tamil

Labels:
0 Helpful
2 Replies 2

Sandeep Choudhary
VIP Alumni
VIP Alumni

‎01-24-2017 05:57 AM

Here you go :


WPA (and WPA2) encrypts traffic below the level that Wireshark or similar tools capture. Those tools capture at the operating system's socket interface, not at the level of the actual network media. When you send a packet over WPA-protected WiFi, the WPA encryption isn't added until the last moment before the data is broadcast.

There might still be other encryption - for example, I could apply PGP encryption to an email and send it to SMTP server over TLS, which would be two levels of encryption... but those levels would be visible to (and, indeed, created by) the application (such as my email client). Somebody sniffing that traffic would still be able to see things like what protocol it's using (TCP, on top of IP), what port it comes from and is routing to, the destination IP address, and so on.

However, once the packet reaches the WiFi interface driver, it gets encrypted with the AES key that my machine is using for WPA. At that point, about the only things visible are the network SSID that I'm using (I think the source and destination MAC addresses may also be visible) and a vague idea of the size. Somebody without the WiFi key sniffing the network traffic using software-defined radio or a WiFi card in promiscuous mode wouldn't be able to tell the difference between my email and me sending a network ping or chatting on Skype; they wouldn't even be able to tell where the packets were going beyond the WiFi access point.

Regards

Dont forget to rate helpful posts

tonyarose951
Level 1
Level 1

‎05-20-2017 07:53 AM

I've been asking the same question, and here: http://www.winzip.com/win/en/learn/aes-encryption.html I found a good answer that clarified it :)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card