Think of authentication as identifying who is access the network. Authentication protocols identify users, EAP, LEAP, PEAP, EAP-FAST and EAP-TLS are all Authentication protocols. Actually EAP stands for Extensible Authentication Prococol. As you can see there are various flavors of EAP.
Encyption protocols are protocols that encypt a wireless transmission over the air so it can't be hijacked or read by anyone else. Encryption protocols would include RC4, which is used by WEP; TKIP, which is used by WAP and AES which is used by WPA2.
WEP, WPA and WPA2 are all security methods that incorporate both encryption and authentication.
Also, mac address could be used as a form of authentication.
I think that the last post before mines it's a very good summary !!!
When you think about authentification you have to think about EAP with all the variants:
- EAP-TLS --> the most used, but you need certificates for the user and the server.
- EAP-FAST --> owner of Cisco, you need to have a client Cisco for the user because you need to generate a pac files. But when you have the client Cisco, easy to configure. I have made this configuration with a Wism card and that works fine.
Also when you thing about encryption you have different algorithm:
- RC4 --> used by WEP with key of 40, 104 and 128 bits. This algorithm is easy to crack, so be carreful if you configure this one. Some distribution of Unix are created to crack this type of key in +- 30 min. It's why WEP is not very secure because it used RC4.
- You have also RC4 and TKIP useb by WPA, in fact, but WPA is cracked now also because it use RC4 also.
- So, the last protocol for the encryption is AES, used by WPA2 and this one is not yet cracked.
Wep also has an authentication protocol but it is so weak that nobody uses it so you normally use open protocol.
Once traffic is on the AP then you use EAP. EAP only allows through EAP type packets. These EAP packets can be as described above LEAP PEAP etc
Once authentication has completed the AP will allow normal traffic to flow to and from the WiFi user.