Chapter 6 WiMAX
HES-309M Series User’s Guide
61
This screen contains the following fields:
Table 12 Authentication Settings
LABEL DESCRIPTION
Authentication
Mode
Select the authentication mode from the list.
The WiMAX Device supports the following authentication modes:
• No authentication
• User authentication
• Device authentication
• User and device authentication
Data Encryption
AES-CCM Select this to enable AES-CCM encryption. CCM combines counter-mode
encryption with CBC-MAC authentication.
AES-CBC Select this to enable AES-CBC encryption. CBC creates message
authentication code from a block cipher.
Key Encryption
AES-key
wrap
Select this encapsulate cryptographic keys in a symmetric encryption
algorithm.
AES-ECB Select this to divide cryptographic keys into blocks and encrypt them
separately.
EAP Supplicant
EAP Mode Select an Extensible Authentication Protocol (EAP) mode.
The WiMAX Device supports the following:
• EAP-TLS - In this protocol, digital certifications are needed by both
the server and the wireless clients for mutual authentication. The
server presents a certificate to the client. After validating the
identity of the server, the client sends a different certificate to the
server. The exchange of certificates is done in the open before a
secured tunnel is created. This makes user identity vulnerable to
passive attacks. A digital certificate is an electronic ID card that
authenticates the sender’s identity. However, to implement EAP-TLS,
you need a Certificate Authority (CA) to handle certificates, which
imposes a management overhead.
• EAP-TTLS - This protocol is an extension of the EAP-TLS
authentication that uses certificates for only the server-side
authentications to establish a secure connection. Client
authentication is then done by sending username and password
through the secure connection, thus client identity is protected. For
client authentication, EAP-TTLS supports EAP methods and legacy
authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP
v2.
Anonymous
ID
Enter the anonymous ID used for EAP supplicant authentication.
Server Root
CA Cert File
Browse for and choose a server root certificate file, if required.
Server Root
CA Info
This field displays information about the assigned server root
certificate.
Device Cert
File
Browse for and choose a device certificate file, if required.
Device Cert
Info
This field displays information about the assigned device certificate.
To Next Page
Loading...
