User's Manual

ManualsBrandsIntermec Technologies ManualsElectronics802UIAG

Chapter 3 — Configuring the CK60 Computer

CK60 Series Handheld Computer User’s Manual 65

Intermec Technologies recommends using security measures with wireless

networks to prevent unauthorized access to your network and to ensure

your privacy of transmitted data. The following are required elements for

secure networks:

• Authentication by both the network and the user

• Authentication is cryptographically protected

• Transmitted data

There are many schemes available for implementing these features.

Terminology

Below are terms you may encounter as you configure your wireless net-

work:

AES

(Advanced

Encryption

Standard)

A block cipher, a type of symmetric key cipher that uses groups of bits of a fixed length - called

blocks. A symmetric key cipher is a cipher that uses the same key for both encryption and

decryption.

CKIP (Cisco

Key Integrity

Protocol)

This is Cisco's version of the TKIP protocol, compatible with Cisco Airnet products.

EAP

(Extensible

Authentication

Protocol)

802.11b/g uses this protocol to perform authentication. This is not necessarily an authentication

mechanism, but is a common framework for transporting actual authentication protocols. Intermec

provides a number of EAP protocols for you to choose the best for your network.

TKIP

(Temporal Key

Integrity

Protocol)

This protocol is part of the IEEE 802.11i encryption standard for wireless LANs., which provides

per-packet key mixing, a message integrity check and a re-keying mechanism, thus overcoming most

of the weak points of WEP. This encryption is more difficult to crack than the standard WEP.

Weak points of WEP include:

• No Installation Vector (IV) reuse protection

• Weak keys

• No protection against message replay

• No detection of message tampering

• No key updates

WEP (Wired

Equivalent

Privacy)

encryption

With preconfigured WEP, both the client CK60 Computer and access point are assigned the same

key, which can encrypt all data between the two devices. WEP keys also authenticate the CK60

Computer to the access point - unless the CK60 Computer can prove it knows the WEP key, it is

not allowed onto the network.

WEP keys are only needed if they are expected by your clients. There are two types available: 64-bit

(5-character strings, 12345) (default) and 128-bit (13-character strings, 1234567890123). Enter

these as either ASCII (12345) or Hex (0x3132333435).

WPA (Wi-Fi

Protected

Access)

This is an enhanced version of WEP that does not rely on a static, shared key. It encompasses a

number of security enhancements over WEP, including improved data encryption via TKIP and

802.11b/g authentication with EAP.

WiFi Alliance security standard is designed to work with existing 802.11 products and to offer

forward compatibility with 802.11i.

WPA2 (Wi-Fi

Protected

Access)

Second generation of WPA security. Like WPA, WPA2 provides enterprise and home Wi-Fi users

with a high level of assurance that their data remains protected and that only authorized users can

access their wireless networks. WPA2 is based on the final IEEE 802.11i amendment to the 802.11

standard ratified in June 2004. WPA2 uses the Advanced Encryption Standard (AES) for data

encryption and is eligible for FIPS (Federal Information Processing Standards) 140-2 compliance.