Wireless Products
Intel® Wi-Fi Products
Understanding IEEE* 802.11 Authentication and Association

Note The following information is intended for the home or small-office user. Concepts discussed do not take into account large network environments with advanced network security.

Authentication
802.11 authentication is the first step in network attachment. 802.11 authentication requires a mobile device (station) to establish its identity with an Access Point (AP) or broadband wireless router. There is no data encryption or security at this stage.

The Institute of Electrical and Electronics Engineers, Inc.(IEEE) 802.11 standard defines two link-level types of authentication: Open System and Shared Key.

Open System Authentication
Open system authentication consists of two communications. The first is an authentication request from the mobile device that contains the station ID (typically the MAC address). This is followed by an authentication response from the AP/router containing a success or failure message.

Shared Key Authentication
With shared key authentication, a shared key or passphrase is manually set on both the mobile device and the AP/router. There are several types of shared key authentication available today for home or small office WLAN environments:

  • Wired Equivalent Privacy (WEP)
    WEP is not recommended for a secure WLAN due to its inherent weaknesses. One of the main security risks is a hacker can capture the encrypted form of an authentication response frame, using widely available software applications, and use the information to crack WEP encryption.

  • Wi-Fi Protected Access (WPA)
    WPA complies with the wireless security standard, and strongly increases the level of data protection and access control (authentication) for a wireless network. WPA enforces IEEE 802.1X authentication and key-exchange and only works with dynamic encryption keys. Users might see different naming conventions for WPA in a home or small-office environment. Examples are WPA-Personal, WPA-PSK, WPA-Home. A common pre-shared key (PSK) must be manually configured on both the client and AP/router.

  • Wi-Fi Protected Access 2 (WPA2)
    WPA2 is a security enhancement to WPA. The two are not interoperable so a user must ensure the mobile device and AP/router are configured using the same WPA version and pre-shared key (PSK).

Association
Once authentication is complete, mobile devices can associate (register) with an AP/router to gain full access to the network. Association allows the AP/router to record each mobile device so that frames may be properly delivered. Association only occurs on wireless infrastructure networks, not in ad hoc (peer-peer) mode. A station can only associate with one AP/router at a time.

Association Process:

  1. After the mobile device authenticates to an AP/router, it sends an Association Request.
  2. The AP/router processes the Association Request. AP/router vendors may have different implementations for deciding whether or not a client request should be allowed.
    • When an AP/router grants association, it responds with a status code of 0 (successful) and the Association ID (AID). The latter is used to identify the station for delivery of buffered frames when power-saving is enabled.
    • Failed Association Requests include only a status code and the procedure ends.
  3. AP/router forwards frames to/from the mobile device.

This applies to:

Intel® Centrino® Advanced-N + WiMAX 6250
Intel® Centrino® Advanced-N 6200
Intel® Centrino® Advanced-N 6205
Intel® Centrino® Advanced-N 6205 For Desktop
Intel® Centrino® Advanced-N 6230
Intel® Centrino® Advanced-N 6235
Intel® Centrino® Ultimate-N 6300
Intel® Centrino® Wireless-N + WiMAX 6150
Intel® Centrino® Wireless-N 100
Intel® Centrino® Wireless-N 1000
Intel® Centrino® Wireless-N 1030
Intel® Centrino® Wireless-N 105
Intel® Centrino® Wireless-N 130
Intel® Centrino® Wireless-N 135
Intel® Centrino® Wireless-N 2200
Intel® Centrino® Wireless-N 2200 For Desktop
Intel® Centrino® Wireless-N 2230
Intel® Dual Band Wireless-AC 3160
Intel® Dual Band Wireless-AC 7260
Intel® Dual Band Wireless-AC 7260 for Desktop
Intel® Dual Band Wireless-N 7260
Intel® PRO/Wireless 2200BG Network Connection
Intel® PRO/Wireless 2915ABG Network Connection
Intel® PRO/Wireless 3945ABG Network Connection
Intel® WiFi Link 1000
Intel® WiFi Link 5300 and Intel® WiFi Link 5100 products
Intel® WiMAX/WiFi Link 5350 and Intel® WiMAX/WiFi Link 5150 products
Intel® Wireless WiFi Link 4965AGN
Intel® Wireless-N 7260

Solution ID: CS-025325
Last Modified: 21-Jul-2014
Date Created: 27-Dec-2006
Back to Top