Installation guide
BlackBerry Enterprise Solution 84
Protocol Description Wi-Fi enabled BlackBerry
device implementation
TKIP TKIP is
• part of the IEEE 802.11i enterprise Wi-Fi network
security standard
• designed to address the shortcomings in WEP
without requiring replacement of the existing
enterprise Wi-Fi network hardware
• designed to use the RC4 encryption method (based
on improved WEP standards)
TKIP is designed to be more robust than WEP in the
following ways:
• using a key size of 128 bits (compared to 40 bits or
104 bits for WEP)
• using a modified initialization vector, that is
designed to significantly increase the difficulty of
deriving the WEP key
• generating keys dynamically for each session by
changing keys automatically for each packet of
transmitted data (where WEP uses a single fixed
key for an entire session)
• using a MIC that fails and discards transmitted
packets that are captured, altered, and resent
• requiring a secure method of distribution to a
wireless client
The Wi-Fi enabled BlackBerry
device supports the use of TKIP
with
• EAP-TLS
• EAP-TTLS
• EAP-FAST
• PEAP
• PSK
AES-CCMP AES-CCMP is
• part of the IEEE 802.11i enterprise Wi-Fi network
security standard
• designed to use AES encryption
AES-CCMP is designed to provide a robust security
protocol similar to TKIP in the following ways:
• using a key size of 128 bits
• using a MIC that fails and discards transmitted
packets that are captured, altered, and resent
• requiring a secure method of distribution to a
wireless client
The Wi-Fi enabled BlackBerry
device supports the use of AES-
CCMP with
• EAP-TLS
• EAP-TTLS
• EAP-FAST
• PEAP
• PSK
EAP authentication methods and encryption algorithms with which the BlackBerry device
supports the use of CCKM
The Wi-Fi enabled BlackBerry device supports the use of CCKM with
• all EAP authentication methods that the Wi-Fi enabled BlackBerry device supports
• WEP and TKIP
The Wi-Fi enabled BlackBerry device does not support the use of CCKM with
• the Cisco CKIP encryption algorithm
• the AES-CCMP encryption algorithm
©
2008 Research In Motion Limited. All rights
reserved.
www.blackberry.com