Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the
RC4 protocol. Which of the following is a wireless encryption solution that the technician should
implement while ensuring the STRONGEST level of security?
A.
WPA2-AES
B.
802.11ac
C.
WPA-TKIP
D.
WEP
Explanation:
WPA-TKIP uses the RC4 cipher.
TKIP and the related WPA standard implement three new security features to address security problems
encountered in WEP protected networks. First, TKIP implements a key mixing function that combines the
secret root key with the initialization vector before passing it to the RC4 initialization. WEP, in
comparison, merely concatenated the initialization vector to the root key, and passed this value to the
RC4 routine. This permitted the vast majority of the RC4 based WEP related key attacks. Second, WPA
implements a sequence counter to protect against replay attacks. Packets received out of order will be
rejected by the access point. Finally, TKIP implements a 64-bit Message Integrity Check (MIC)
To be able to run on legacy WEP hardware with minor upgrades, TKIP uses RC4 as its cipher. TKIP also
provides a rekeying mechanism. TKIP ensures that every data packet is sent with a unique encryption key.
Incorrect Answers:
A: WPA2-AES does not use the RC4 protocol.
B: 802.11ac does not use the RC4 protocol.
D: WEP uses the RC4 protocol but is weaker in terms of security than WPA. WPA was created to replace
WEP.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 171, 172-173, 258
http://en.wikipedia.org/wiki/Temporal_Key_Integrity_Protocol
http://www.diffen.com/difference/WPA_vs_WPA2