IEEE 802.11i An IEEE standard security protocol for 802.

11 wireless networks that was developed to replace the original WEP protocol. Also known as "Robust Security Network" (RSN), 802.11i provides sophisticated authentication using a variety of protocols (802.1X, EAP and RADIUS) and strong security with the AES-CCMP encryption protocol. However, in order to allow in-place upgrading of older WEP hardware, 802.11i also supports the TKIP protocol, which is less robust than AES-CCMP, but far superior to WEP (see WPA for more details).

Wi-Fi Certification
The Wi-Fi Alliance provides certification for 802.11i-compliant products with its Wi-Fi Protected Alliance (WPA) logo program. The WPA and WPA2 logos certify compliance with a subset of 802.11i or the full 802.11i protocol. See WPA.

AES (Advanced Encryption Standard) A NIST-standard cryptographic cipher that uses a block length of 128 bits and key lengths of 128, 192 or 256 bits. Officially replacing the Triple DES method in 2001, AES uses the Rijndael algorithm developed by Joan Daemen and Vincent Rijmen of Belgium. AES can be encrypted in one pass instead of three, and its key size is greater than Triple DES's 168 bits. In early 1997, the NIST invited cryptographers to submit an advanced algorithm. In late 2000, the Rijndael (pronounced "rine-doll") symmetric block cipher algorithm was selected out of submissions by 21 teams from 11 countries. See cipher, cryptography, NIST, DES and AES/CCMP. (2) (Audio Engineering Society, Inc., New York, www.aes.org) A membership association devoted to audio technology research and development, marketing and education. Founded in 1948, technical standards have been continually developed under its auspices. AES is dedicated to ensuring that audio quality is maintained in the digital world. See AES/EBU. (3) (Automated Export System) A U.S. Customs Service application that tracks goods exported to foreign countries.

Counter Mode In cryptography, a sophisticated mode of operation. Counter mode uses an arbitrary number (the counter) that changes with each block of text encrypted. The counter is encrypted with the cipher, and the result is XOR'd into ciphertext. Since the counter changes for each block, the problem of repeating ciphertext that results from the electronic code book (ECB) method is avoided. See mode of operation,block cipher, XOR and AES-CCMP.

AES CCMP

(AES-Counter Mode CBC-MAC Protocol) The encryption algorithm used in the 802.11i security protocol. It uses the AES block cipher, but restricts the key length to 128 bits. AES-CCMP incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide a robust security protocol between the mobile client and the access point. AES itself is a very strong cipher, but counter mode makes it difficult for an

eavesdropper to spot patterns, and the CBC-MAC message integrity method ensures that messages have not been tampered with.