CompTIA A+ Certification Exam Refresher Guide: The Basics of PSK Authentication

PSK AuthenticationLearning how PSK authentication works is essential before you take an A+ certification practice test. Here are the basics that you need to know:

PSK Authentication

Wireless security settings provide different options for authentication. This includes the pre-shared key (PSK), a method for client authentication. It makes use of a passphrase of 8 to 63 printable ASCII characters or a sequence of 64 hexadecimal digits for generating unique encryption keys for a wireless client. It is a commonly used authentication method for WEP and WPA encryption on wireless networks.

WEP and WPA

Wired Equivalency Privacy (WEP) was the original encryption method developed for wireless networks. WEP utilizes a shared, secret encryption key by sending a test response between the access point and the client for verification. When using PSKs, everyone shares the same encryption key for securing traffic between everyone. With WEP, the access point will send the client a challenge. The client should then send the access point an encrypted challenge text. Authentication would only be successful when the access point could decrypt the same challenge text.

As time went on, WEP proved to be insecure and easily hacked. These days, it is used for legacy hardware incapable of using the more advanced Wi-Fi Protected Access (WPA) encryption protocol. WPA was developed to address the limitations of WEP. This improved wireless standard uses the Temporal Key Integrity Protocol (TKIP). The TKIP is capable of hashing the encryption key and using integrity checking to make certain that the key hasn’t been modified in any way. Put simply, WPA is more secure than WEP. There’s also the more advanced WPA2, which is based on the port-based authentication standard 802.11 1x and the standard IEEE 802.11i, which requires the Advanced Encryption Standard (AES).

Important Things to Consider

While WPA2 is the preferred encryption protocol today, not all hardware is capable of supporting AES. Additionally, to safely use PSK authentication, it should be restricted to “administrator-only” read and write access, restricted on every computer to “system-only” read access, and encrypted when transmitted and received between a domain controller and member computer systems.