EAP and IEEE 802.1X

A clear increase in WLAN security can be achieved by using keys that are negotiated dynamically instead of keys with fixed values. The established mechanism for this is the Extensible Authentication Protocol (EAP), carried between client and access point by IEEE 802.1X. As the name suggests, the original purpose of EAP is authentication, that is, regulated access to a WLAN; the possibility of installing a valid key for the coming session is more or less a byproduct. The figure below illustrates the basic procedure of a session secured by EAP.

Note: In principle, EAP / 802.1X can be used in combination with WEP (so-called dynamic WEP). In practice this method is employed with WLANs using WPA2, where the key material it produces seeds the WPA2 key handshake.




In the first phase the client associates with the AP as usual. With plain WEP it would now be able to send and receive data through the AP; with EAP it cannot, because at this point it still has no key with which to protect its traffic from eavesdropping. Instead, from the AP's point of view the client sits in an intermediate state (the "unauthorized" state of the 802.1X controlled port) in which only one kind of packet from the client is forwarded, and only towards an authentication server: the EAP packets mentioned above, carried over the WLAN as 802.1X (EAPOL) frames. The AP packs these packets into RADIUS requests and sends them on to the authentication server; it unpacks the replies from the RADIUS server back into EAP packets and returns them to the client.

The AP is thus a kind of middleman between client and server: it does not have to understand the contents of these packets, it only has to ensure that no other traffic to or from the client gets through. Over this "tunnel" through the AP, client and server authenticate one another, that is, the server checks whether the client is entitled to access the network, and the client checks that it is talking to the right network. This helps to detect "rogue" access points set up by attackers, but only if the client actually validates the server's certificate (its name and the issuing CA); a client configured to accept any certificate gains no protection against such an AP.
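The relay role described above, as an added example that is not code from the LANCOM page: the AP's uncontrolled port lets only EAPOL frames through from an unauthenticated client, their EAP payload is wrapped into a RADIUS Access-Request for the server (with the Message-Authenticator that RFC 3579 requires whenever EAP-Message is present), and the server's Access-Challenge is unwrapped into an EAPOL frame for the client after its Response Authenticator and Message-Authenticator have been checked. Only the Python standard library is used; the shared secret, identity and EAP payloads are constructed test values, and the Access-Challenge builder stands in for the server so the round trip can be shown.

```python
"""Added example, not from the LANCOM page: the AP as 802.1X relay. Before the
client is authenticated only EAPOL frames pass; their EAP payload is wrapped in
a RADIUS Access-Request, and the server's Access-Challenge is unwrapped into an
EAPOL frame once its Response Authenticator and Message-Authenticator check out.
Stdlib only; secret, identity and EAP payloads are constructed test data."""
import hashlib
import hmac
import os
import struct

ETHERTYPE_EAPOL, EAPOL_EAP_PACKET = 0x888E, 0      # 802.1X frame, type "EAP-Packet"
EAP_RESPONSE, EAP_TYPE_IDENTITY = 2, 1
RADIUS_ACCESS_REQUEST, RADIUS_ACCESS_CHALLENGE = 1, 11
A_USER_NAME, A_NAS_PORT_TYPE, A_EAP_MESSAGE, A_MESSAGE_AUTH = 1, 61, 79, 80
NAS_PORT_WIRELESS_80211 = 19


def eap_response_identity(ident, identity):
    """EAP-Response/Identity (RFC 3748): code, id, total length, type, data."""
    return struct.pack("!BBHB", EAP_RESPONSE, ident, 5 + len(identity),
                       EAP_TYPE_IDENTITY) + identity

def eapol_frame(eap_pkt, version=2):
    """EAPOL header (version, type, body length) in front of an EAP packet."""
    return struct.pack("!BBH", version, EAPOL_EAP_PACKET, len(eap_pkt)) + eap_pkt

def uncontrolled_port(ethertype, payload):
    """The AP's filter for an unauthenticated client: returns the EAP packet to
    relay if the frame is a well-formed EAPOL EAP-Packet, else None (dropped)."""
    if ethertype != ETHERTYPE_EAPOL or len(payload) < 4:
        return None
    _ver, ptype, length = struct.unpack("!BBH", payload[:4])
    if ptype != EAPOL_EAP_PACKET or len(payload) < 4 + length:
        return None
    return payload[4:4 + length]

def _attr(atype, value):
    """One RADIUS attribute: type, length including this 2-byte header, value."""
    if len(value) > 253:
        raise ValueError("RADIUS attribute value exceeds 253 bytes")
    return struct.pack("!BB", atype, len(value) + 2) + value

def _walk(pkt):
    """Yield (value offset, type, value) for each attribute of a RADIUS packet."""
    off = 20
    while off < len(pkt):
        atype, alen = pkt[off], pkt[off + 1]
        if alen < 2 or off + alen > len(pkt):
            raise ValueError("malformed RADIUS attribute")
        yield off + 2, atype, pkt[off + 2:off + alen]
        off += alen

def _eap_attrs(eap_pkt):
    """EAP-Message attributes; an EAP packet longer than 253 bytes is split."""
    return b"".join(_attr(A_EAP_MESSAGE, eap_pkt[i:i + 253])
                    for i in range(0, len(eap_pkt), 253))

def eap_from_radius(pkt):
    """Concatenate the EAP-Message attributes back into one EAP packet."""
    return b"".join(v for _, t, v in _walk(pkt) if t == A_EAP_MESSAGE)

def eap_to_access_request(eap_pkt, identity, secret, radius_id=0):
    """AP -> server. Message-Authenticator = HMAC-MD5(secret, packet with that
    value zeroed); RFC 3579 requires it whenever EAP-Message is present."""
    attrs = (_attr(A_USER_NAME, identity)
             + _attr(A_NAS_PORT_TYPE, struct.pack("!I", NAS_PORT_WIRELESS_80211))
             + _eap_attrs(eap_pkt) + _attr(A_MESSAGE_AUTH, bytes(16)))
    hdr = struct.pack("!BBH", RADIUS_ACCESS_REQUEST, radius_id, 20 + len(attrs))
    pkt = hdr + os.urandom(16) + attrs        # 16 random bytes = Request Authenticator
    return pkt[:-16] + hmac.new(secret, pkt, hashlib.md5).digest()   # MA is last

def access_challenge(eap_pkt, secret, request):
    """Server -> AP, included for the round trip: Message-Authenticator is computed
    with the Request Authenticator in the header, then the Response Authenticator
    MD5(code|id|len|request auth|attrs|secret) takes its place (RFC 2865, 3579)."""
    attrs = _eap_attrs(eap_pkt) + _attr(A_MESSAGE_AUTH, bytes(16))
    hdr = struct.pack("!BBH", RADIUS_ACCESS_CHALLENGE, request[1], 20 + len(attrs))
    req_auth = request[4:20]
    attrs = attrs[:-16] + hmac.new(secret, hdr + req_auth + attrs, hashlib.md5).digest()
    return hdr + hashlib.md5(hdr + req_auth + attrs + secret).digest() + attrs

def check_message_authenticator(pkt, secret, request_authenticator=None):
    """True if a Message-Authenticator is present and verifies. For a reply, pass
    the Request Authenticator of the request it answers."""
    auth = request_authenticator or pkt[4:20]
    for off, atype, _ in _walk(pkt):
        if atype == A_MESSAGE_AUTH:
            zeroed = pkt[:4] + auth + pkt[20:off] + bytes(16) + pkt[off + 16:]
            expected = hmac.new(secret, zeroed, hashlib.md5).digest()
            return hmac.compare_digest(expected, pkt[off:off + 16])
    return False

def radius_to_eapol(reply, secret, request_authenticator):
    """Server -> AP -> client: authenticate the reply, then hand its EAP packet to
    the client as an EAPOL frame. A reply that fails either check is discarded."""
    resp_auth = hashlib.md5(reply[:4] + request_authenticator + reply[20:] + secret).digest()
    if not hmac.compare_digest(resp_auth, reply[4:20]):
        raise ValueError("bad Response Authenticator")
    if not check_message_authenticator(reply, secret, request_authenticator):
        raise ValueError("bad Message-Authenticator")
    return eapol_frame(eap_from_radius(reply))
```

Two details matter in practice: the AP must remember the Request Authenticator of each outstanding request, because the server's reply can only be verified against it, and a reply that fails either check must be dropped rather than forwarded, since an attacker on the LAN who can inject RADIUS packets would otherwise be able to feed the client arbitrary EAP messages.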

A whole series of authentication methods can be used inside this tunnel. A common one is EAP-TLS, in which server and client exchange certificates; another is EAP-TTLS, in which only the server presents a certificate and the client is then authenticated with a user name and password, which are sent inside the TLS tunnel rather than in the clear.

After the authentication phase, client and server share a secret, even though no encryption is in place on the WLAN yet; in the next step the AP is brought into this relationship. For this the RADIUS server sends the AP the so-called 'Master Secret', a session key calculated during the negotiation (the Master Session Key, whose first 32 bytes serve as the WPA2 Pairwise Master Key). It is carried in the RADIUS Access-Accept. Only the key attribute itself is obfuscated with the RADIUS shared secret; the rest of the exchange is unprotected, so the LAN between AP and RADIUS server is assumed to be trustworthy in this scenario. Where it is not, the RADIUS traffic itself should be protected, e.g. with IPsec or RADIUS over TLS.
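How that key transport actually looks, as an added example that is not part of the LANCOM page: the key is placed in the Access-Accept as an MS-MPPE-Recv-Key vendor attribute (RFC 2548), XORed with an MD5 stream that is keyed by the RADIUS shared secret, the Request Authenticator of the matching Access-Request and a 2-byte salt. The last function shows the flip side of "the LAN is trusted": anyone who captured both packets can test guesses of the shared secret offline, because a correct guess yields a plaintext with a plausible length byte and zero padding. Key, secret and authenticator values are constructed test data.

```python
"""Added example, not from the LANCOM page: MS-MPPE-Recv-Key encoding per
RFC 2548 section 2.4.3, the RADIUS Vendor-Specific wrapper around it, and an
offline shared-secret check that shows why the AP/RADIUS LAN must be trusted.
Stdlib only; all key, secret and authenticator values are constructed."""
import hashlib
import os
import struct

VENDOR_MICROSOFT = 311
MS_MPPE_SEND_KEY, MS_MPPE_RECV_KEY = 16, 17   # vendor types; WPA2 APs use Recv-Key


def _xor16(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def mppe_encrypt(secret, request_authenticator, key, salt=None):
    """P = len(key) || key || zero padding to a multiple of 16.
    b1 = MD5(S || R || A), c1 = p1 ^ b1; b_i = MD5(S || c_(i-1)), c_i = p_i ^ b_i."""
    if salt is None:
        salt = bytes([0x80 | os.urandom(1)[0], os.urandom(1)[0]])   # high bit must be set
    plain = bytes([len(key)]) + key
    plain += bytes(-len(plain) % 16)
    out, prev = b"", request_authenticator + salt
    for i in range(0, len(plain), 16):
        c = _xor16(plain[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + c, c
    return salt + out

def mppe_decrypt(secret, request_authenticator, value):
    """Inverse of mppe_encrypt. Returns the key, or None when the plaintext is not
    well formed (wrong secret, wrong authenticator, tampered attribute)."""
    salt, ct = value[:2], value[2:]
    if len(value) < 18 or len(ct) % 16 or not salt[0] & 0x80:
        return None
    plain, prev = b"", request_authenticator + salt
    for i in range(0, len(ct), 16):
        plain += _xor16(ct[i:i + 16], hashlib.md5(secret + prev).digest())
        prev = ct[i:i + 16]           # chaining uses the ciphertext block
    n = plain[0]
    if n > len(plain) - 1 or any(plain[1 + n:]):
        return None
    return plain[1:1 + n]

def vsa(vendor_type, value):
    """Vendor-Specific attribute (type 26): vendor id, then vendor type/len/value."""
    inner = struct.pack("!BB", vendor_type, len(value) + 2) + value
    body = struct.pack("!I", VENDOR_MICROSOFT) + inner
    return struct.pack("!BB", 26, len(body) + 2) + body

def parse_vsa(attr):
    """(vendor_id, vendor_type, value) from one Vendor-Specific attribute."""
    atype, alen = attr[0], attr[1]
    if atype != 26 or alen != len(attr) or alen < 8:
        raise ValueError("not a well-formed Vendor-Specific attribute")
    vendor_id = struct.unpack("!I", attr[2:6])[0]
    vtype, vlen = attr[6], attr[7]
    if vlen != len(attr) - 6:
        raise ValueError("vendor length mismatch")
    return vendor_id, vtype, attr[8:]

def recover_shared_secret(candidates, request_authenticator, value, key_len=32):
    """Offline test of shared-secret guesses against a captured Access-Accept and
    its Access-Request: the guess that yields a key of the expected length with
    zero padding is the real secret. Returns it, or None if no candidate fits."""
    for s in candidates:
        key = mppe_decrypt(s, request_authenticator, value)
        if key is not None and len(key) == key_len:
            return s
    return None
```

The protection of the key thus rests entirely on the strength of the shared secret and on nobody being able to capture the RADIUS exchange; a short, guessable secret on an untrusted LAN hands out the WLAN session keys.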

With this session key the AP now takes over the tunnel and uses it to provide the actual key to the client. Depending on the capabilities of the access point hardware, this can be a true session key, i.e. a key used only for data packets between the AP and precisely this client; with WPA2 this is the pairwise key that AP and client derive from the delivered secret in the 4-way handshake, alongside a group key for broadcast and multicast traffic. With older WEP hardware the key may be a group key, which the AP uses for its communication with several clients.

The particular advantage of this procedure is that the AP can regularly change the key over the EAP tunnel, that is, it can perform a so-called rekeying. In this way keys can be replaced by new ones long before they run the risk of being cracked; with dynamic WEP that risk comes from IV collisions, and a common 'use time' for such keys might be 5 minutes. Under WPA2 the pairwise key is in any case derived afresh, with new random nonces, every time the handshake is run, and the group key can be rotated with the group key handshake.
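The key installation and rekeying described in the two paragraphs above, as an added example that is not code from the LANCOM page: with WPA2 the first 32 bytes of the delivered Master Session Key form the PMK, and AP and client derive a fresh pairwise key (PTK, split into KCK, KEK and TK) from the PMK, both MAC addresses and two random nonces using the IEEE 802.11 PRF; the client's message 2 carries its nonce and a MIC computed with the KCK, which the AP verifies before installing the traffic key. Running the exchange again with new nonces is a rekey. Addresses, nonces and the MSK are constructed values, and the EAPOL-Key message is reduced to replay counter, SNonce and MIC (the real frame has more fields; the MIC is computed over the frame with the MIC field zeroed either way).

```python
"""Added example, not from the LANCOM page: WPA2 pairwise key derivation and
the MIC check of 4-way handshake message 2, in both the client's and the AP's
role. PMK = MSK[:32]; PTK = PRF-384 over PMK, addresses and nonces (IEEE 802.11).
Message 2 is simplified to replay counter || SNonce || MIC; all inputs are
constructed test values."""
import hashlib
import hmac
import os
import struct


def prf(key, label, data, nbytes):
    """IEEE 802.11 PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || i)."""
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]

def derive_ptk(pmk, aa, spa, anonce, snonce):
    """PTK = PRF-384(PMK, "Pairwise key expansion", min(AA,SPA) || max(AA,SPA) ||
    min(ANonce,SNonce) || max(ANonce,SNonce)); returns (KCK, KEK, TK), 16 bytes each."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return ptk[:16], ptk[16:32], ptk[32:48]

def key_mic(kck, frame_with_zero_mic):
    """EAPOL-Key MIC for the 802.1X/SHA1 AKM: HMAC-SHA1 truncated to 16 bytes."""
    return hmac.new(kck, frame_with_zero_mic, hashlib.sha1).digest()[:16]

def sta_message2(pmk, aa, spa, anonce, snonce, replay_counter=1):
    """Client side: derive the PTK, build message 2, sign it with the KCK."""
    kck, _, _ = derive_ptk(pmk, aa, spa, anonce, snonce)
    body = struct.pack("!Q", replay_counter) + snonce + bytes(16)   # MIC field zeroed
    return body[:-16] + key_mic(kck, body)

def ap_verify_message2(pmk, aa, spa, anonce, msg2):
    """AP side: read SNonce, derive the same PTK, check the MIC.
    Returns the traffic key TK on success, None otherwise."""
    if len(msg2) != 8 + 32 + 16:
        return None
    snonce, mic = msg2[8:40], msg2[40:]
    kck, _, tk = derive_ptk(pmk, aa, spa, anonce, snonce)
    if not hmac.compare_digest(key_mic(kck, msg2[:40] + bytes(16)), mic):
        return None
    return tk

def session_keys(msk, aa, spa, anonce=None, snonce=None):
    """The whole step: PMK from the MSK, a nonce from each side, handshake.
    Calling it again with new nonces is a rekey: same PMK, new TK."""
    pmk = msk[:32]
    anonce = anonce or os.urandom(32)
    snonce = snonce or os.urandom(32)
    msg2 = sta_message2(pmk, aa, spa, anonce, snonce)
    return ap_verify_message2(pmk, aa, spa, anonce, msg2)
```

Because the PTK depends on both nonces, neither side can force a key reuse on the other, and a message 2 whose MIC does not verify (wrong PMK, replayed nonce from another session, modified frame) leaves the AP without a traffic key for that client, so nothing is installed.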

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de