Wlan validating identity
The broadcast key is used to encrypt and decrypt all broadcast and multicast data frames.
Each client station has a unique and separate unicast key, but every station must share the same broadcast key.
Authentication is the verification of user identity and credentials.
Users must identify themselves and present credentials such as passwords or digital certificates.
An access point or wireless switch would be the authenticator, blocking access via virtual ports. Although the supplicant, authenticator, and authentication server work together to provide the framework for 802.1X port-based access control, an authentication protocol is needed to actually perform the authentication process.
Extensible Authentication Protocol (EAP) is used to provide user authentication.
After the key is created, the AS delivers its copy of the unicast key to the access point.Some may provide for only one-way authentication, while others provide two-way authentication.Mutual authentication not only requires that the authentication server validate the client credentials, but the supplicant must also authenticate the validity of the authentication server.Most types of EAP that require mutual authentication use a server-side digital certificate to validate the authentication server.Although the 802.1X/EAP framework does not require encryption, it highly suggests the use of encryption.