Authentication and User Management
14.5 Understanding Encryption Types
SCALANCE W1750D UI
220
Configuration Manual, 02/2018, C79000-G8976-C451-02
14.5
Understanding Encryption Types
Encryption is the process of converting data into a cryptic format or code when it is
transmitted on a network. Encryption prevents unauthorized use of the data.
SCALANCE W supports the following types of encryption:
●
WEP—Wired Equivalent Privacy (WEP) is an authentication method where all users
share the same key. WEP is not as secure as other encryption types such as TKIP.
●
TKIP —Temporal Key Integrity Protocol (TKIP) uses the same encryption algorithm as
WEP. However, TKIP is more secure and has an additional message integrity check
(MIC).
●
AES—The Advanced Encryption Standard (AES) encryption algorithm is a widely
supported encryption type for all wireless networks that contain any confidential data.
AES in Wi-Fi leverages 802.1X or PSKs to generate per-station keys for all devices. AES
provides a high level of security like IP Security (IPsec) clients.
Note
WEP and TKIP are limited to WLAN connection speed of 54 Mbps. The 802.11n connection
supports only AES encryption. Siemens recommends AES encryption. Ensure that all
devices that do not support AES are upgraded or replaced with the devices that support AES
encryption.
WPA and WPA-2
WPA is created based on the draft of 802.11i, which allowed users to create more secure
WLANs. WPA-2 encompasses the full implementation of the 802.11i standard. WPA-2 is a
superset that encompasses the full WPA feature set.
The following table summarizes the differences between the two certifications:
Table 14- 2 WPA and WPA-2 Features
Certification
Authentication
Encryption
WPA
•
PSK
•
IEEE 802.1X with Extensible Authentication
Protocol (EAP)
TKIP with message integrity
check (MIC)
WPA-2
PSK
•
IEEE 802.1X with EAP
AES—Counter Mode with Ci-
pher Block Chaining Message
Authentication Code
(AESCCMP)