Home page logo

basics logo Security Basics mailing list archives

Re: 802.1x and PEAP
From: <balinsky () cisco com>
Date: 28 Mar 2004 15:45:32 -0000

In-Reply-To: <EF8CB44BF111D81191FF00065BFEF45C191D03 () netsoldns01>

Actually, Cisco supports TKIP as well. Cisco originally came out with their own version when they needed to get a 
Fluhrer-Mantin-Shamir countermeasure into customers' hands quickly, before the standards body was ready. That is the 
Cisco algorithm we now call "CKIP." But, Cisco also supports the standard version of TKIP, and recommends it, because 
it is stronger and it is interoperable. Thus, I believe your concerns about non-compatibility are now obsolete. 

I found this documented at:
Table 1 of this link shows when CKIP, TKIP, and WPA were released:

There is probably a more concise link somewhere (I'm not in the wirless networking group), but I think those covers it.

Andy Balinsky
Network Security Engineer
Cisco Systems

Shankar wrote:

The algorithms used on the "Cisco Access Points" for TKIP & MIC are
proprietary to Cisco - pre-standard implementations 

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]