802.11i (or IEEE 802.11i-2004) is an amendment to the Institute of Electrical and Electronics Engineers’ wireless network standard. It specifies the security measures and protocols used in wireless network data transmission, and is documented in the IEEE 802.11-2007 publication.
802.11 is a group of IEEE standards governing wireless networking transmission procedures. Widespread use of the 802.11a, 802.11b, and 802.11g protocols enables efficient wireless connectivity for home, office, and commercial computing.
802.11i is a recent amendment for WLANs (Wireless Local Area Networks). This evolution of 802.11 provides enhanced encryption for 802.11a, 802.11g, and 802.11b connections (such as Wi-Fi). The 802.11i standard employs improved encryption key protocols like the Temporal Key Integrity Protocol (TKIP) and the Advanced Encryption Standard (AES).
802.11i architecture includes these integral components:
- 802.1X to authenticate (requiring the use of EAP plus an authentication server)
- RSN (Robust Security Network) to keep track of connections
- AES-based CCMP to provide security (in terms of data confidentiality, integrity, and origin authentication)
Another important part of the authentication process is the ‘four-way handshake.’ This heightens data security, as the AP needs to verify itself with the client station first, and traffic encryption keys must be derived, before the client gains access to the network. After this, the Global Temporal Key (GTK) must also be handed over before the client can finally decode the broadcast and multicast traffic.
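The key derivation behind the four-way handshake, as an added example that is not part of the original page: both sides compute the pairwise transient key (PTK) from a shared pairwise master key (PMK) using the 802.11i HMAC-SHA1 PRF, then confirm it with a MIC. The MAC addresses, frame bodies and function names are constructed for illustration, and the PMK stands in for the one produced by 802.1X/EAP authentication.

```python
import hashlib
import hmac
import os

LABEL = b"Pairwise key expansion"  # PRF label defined by 802.11i

def prf(key, label, data, nbytes):
    """802.11i PRF: HMAC-SHA1 over label || 0x00 || data || counter, concatenated."""
    out, counter = b"", 0
    while len(out) < nbytes:
        block = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, block, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk, aa, spa, anonce, snonce):
    """384-bit PTK for CCMP, split into KCK, KEK and TK (16 bytes each)."""
    data = (min(aa, spa) + max(aa, spa) +
            min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, LABEL, data, 48)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}

def mic(kck, frame):
    """Key-confirmation MIC: HMAC-SHA1 under the KCK, truncated to 128 bits."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def run_handshake(pmk_ap, pmk_sta):
    """Simulate both sides; return (ap_tk, sta_tk) or None if confirmation fails."""
    aa = bytes.fromhex("020000000001")   # constructed AP MAC address
    spa = bytes.fromhex("020000000002")  # constructed station MAC address
    anonce = os.urandom(32)              # message 1: AP sends ANonce
    snonce = os.urandom(32)              # station picks SNonce, derives its PTK
    sta = derive_ptk(pmk_sta, aa, spa, anonce, snonce)
    msg2 = b"constructed-msg2:" + snonce  # stand-in for the EAPOL-Key frame
    msg2_mic = mic(sta["kck"], msg2)      # message 2: SNonce + MIC
    ap = derive_ptk(pmk_ap, aa, spa, anonce, snonce)
    if not hmac.compare_digest(mic(ap["kck"], msg2), msg2_mic):
        return None                       # station does not hold the same PMK
    msg3 = b"constructed-msg3:" + anonce  # message 3 also carries the GTK,
    msg3_mic = mic(ap["kck"], msg3)       # encrypted under the KEK
    if not hmac.compare_digest(mic(sta["kck"], msg3), msg3_mic):
        return None                       # AP failed to prove itself to the station
    return ap["tk"], sta["tk"]            # message 4 acknowledges; TK is installed

if __name__ == "__main__":
    pmk = os.urandom(32)
    print("matching PMK:", run_handshake(pmk, pmk) is not None)
    print("wrong PMK:   ", run_handshake(pmk, os.urandom(32)) is not None)
```

The PMK itself never crosses the air; only the nonces and MICs do, and a fresh nonce pair gives a fresh PTK for every association.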
The 802.11i amendment specifications meet the security standards of many government agencies and other entities. AES, however, needs a dedicated microchip, which could mean hardware upgrades to existing Wi-Fi networks. 802.11i also enables key caching (which assists in quick server reconnection for users who have gone offline) as well as pre-authentication (which provides fast roaming, ideal for more sophisticated applications like VoIP or Voice over Internet Protocol).