The 802.11 standard was originally developed with two authentication mechanisms:
- Open authentication - Fundamentally a NULL authentication where the wireless client says “authenticate me” and the AP responds with “yes”. Open authentication provides wireless connectivity to any wireless device and should only be used in situations where security is of no concern.
- Shared key authentication - This technique is based on a key that is pre-shared between the client and the AP.
Figure 1 provides a simple overview of the authentication process. However, in most shared key authentication installations, the exchange is as follows:
1. The wireless client sends an authentication frame to the AP.
2. The AP responds with a challenge text to the client.
3. The client encrypts the message using its shared key and returns the encrypted text back to the AP.
4. The AP then decrypts the encrypted text using its shared key.
5. If the decrypted text matches the challenge text, the AP authenticates the client. If the messages do not match, the wireless client is not authenticated and wireless access is denied.
After a wireless client has been authenticated, the AP proceeds to the association stage. As shown in Figure 2, the association stage finalizes settings and establishes the data link between the wireless client and the AP.
As part of this stage:
- The wireless client forwards an Association Request frame that includes its MAC address.
- The AP responds with an Association Response frame that includes the AP BSSID, which is the AP MAC address.
- The AP maps a logical port known as the association identifier (AID) to the wireless client. The AID is equivalent to a port on a switch and allows the infrastructure switch to keep track of frames destined for the wireless client so that they can be forwarded.
After a wireless client has associated with an AP, traffic is now able to flow between the client and the AP.
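The five-step shared key exchange and the association stage described above, simulated with both sides in Python. This is an added example, not part of the original text. The page does not name the cipher; the sketch assumes WEP-style RC4 with a 3-byte IV and a CRC-32 integrity value, which is what 802.11 shared key authentication uses. The class and function names, the sequential AID assignment, and the dictionary standing in for the response frame are hypothetical simplifications.

```python
import hmac, os, zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: the same XOR operation encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                                  # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:                                     # keystream XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def icv(data: bytes) -> bytes:
    return zlib.crc32(data).to_bytes(4, "little")         # WEP integrity check value

class AccessPoint:
    def __init__(self, bssid: str, shared_key: bytes):
        self.bssid, self.key = bssid, shared_key
        self.pending, self.authenticated, self.aids = {}, set(), {}

    def auth_request(self, mac: str) -> bytes:
        """Steps 1-2: client asks to authenticate, AP returns a fresh challenge."""
        self.pending[mac] = os.urandom(128)
        return self.pending[mac]

    def auth_response(self, mac: str, iv: bytes, ciphertext: bytes) -> bool:
        """Steps 4-5: decrypt with the AP's key and compare to the challenge."""
        challenge = self.pending.pop(mac, None)           # each challenge is single-use
        if challenge is None:
            return False
        plain = rc4(iv + self.key, ciphertext)
        ok = hmac.compare_digest(plain, challenge + icv(challenge))
        if ok:
            self.authenticated.add(mac)
        return ok

    def associate(self, mac: str):
        """Association: only authenticated clients get a BSSID/AID response."""
        if mac not in self.authenticated:
            return None
        aid = self.aids.setdefault(mac, len(self.aids) + 1)
        return {"bssid": self.bssid, "aid": aid}

def client_answer(shared_key: bytes, challenge: bytes):
    """Step 3: client encrypts the challenge under a random 3-byte IV."""
    iv = os.urandom(3)
    return iv, rc4(iv + shared_key, challenge + icv(challenge))
```

A client holding a different key produces a response that fails the comparison in `auth_response`, so `associate` returns `None` for it and no AID is assigned.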