Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
0
Helpful
3
Replies

Question regarding WPA2/personal & enterprise

gpan667788
Level 1
Level 1

‎01-16-2007 08:43 PM - edited ‎07-03-2021 01:29 PM

Greeting,

I was wondering if anyone can tell me which one is more secure, WPA2 personal or enterprise. It seems like WPA2 personal is a little bit easier to config. What is the volubility for WPA2/personal besides the laptop got stolen? What type volubility WPA2/enterprise may have?

Thanks for the help,

Glen

Labels:
0 Helpful
3 Replies 3

ethiel
Level 3
Level 3

‎01-17-2007 12:56 PM

WPA-PSK (Personal) has some public methods to crack. If it is a dictionary word it is relatively easy to break. If it is a 63 character random string, it is not as practical to attempt (see remote-exploit.org for cracking info and video). WPA Enterprise (with PEAP, EAP-Fast, or EAP-TLS) is far more secure, and I am not aware of any practical attacks as long as you pick a reasonable re-key interval (12 hours or less should be enough).

-Eric

Please remember to rate all helpful posts.

0 Helpful

gpan667788
Level 1
Level 1
In response to ethiel

‎01-17-2007 04:41 PM

Thanks for the reply. I am aware of both WPA/TKIP personal & enterprise. My question is regarding WPA2/CCMP personal & enterprise. Try to find out which one is more secure. And pros and cons of both versions of WPA2.

thanks, Glen

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to gpan667788

‎01-17-2007 05:44 PM

WPA2 is a newer 802.11i standard that provides even stronger wireless security than WiFi Protected Access (WPA) and WEP. CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA. CCMP computes a Message Integrity Check (MIC) using the well known, and proven, Cipher Block Chaining Message Authentication Code (CBC-MAC) method. Changing even one bit in a message produces a totally different result.

WPA2-CCMP is based upon the concept of a robust security network (RSN), which defines a hierarchy of keys that have a limited lifetime, similar to TKIP. Also like TKIP, the keys that the administrator provides are used to derive other keys. Messages are encrypted using a 128-bit secret key and a 128-bit block of data. The end result is encryption that is extremely secure.

One thing to remember is "personal" is pre-share key and "enterprise" requires a radius server and certificate.

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card