TeamF1 : Products : SecureAire Supplicant :

SecureAire Supplicant

SecureAire Supplicant is a comprehensive embedded 802.11 client (supplicant) software package which implements IEEE 802.11's supplicant functionality and supports the latest wireless security standards including Wi-Fi� Protected Access (WPA�) and WPA2/IEEE 802.11i. The software is designed as a set of modular, application-agnostic components that deliver Wi-Fi security and standards-compliance. Besides providing the functionality of a full-fledged secure 802.11 client, its unique capability lies in its ability to make these services available to an embedded application in any domain through flexible APIs and configuration mechanisms, to make secure Wi-Fi connectivity a convenient add-on to any embedded device. SecureAire Supplicant is standards-based and can interoperate with other IEEE 802.11 compliant systems running on any platform or OS.

PDF datasheet

ds-1.1

802.1X Access Control

SecureAire Supplicant includes a full implementation of the port-based network access control supplicant-side state machine defined by IEEE 802.1X. While 802.1X provides a framework for EAP-based authentication, it does not define the actual authentication mechanisms. SecureAire Supplicant includes all popular EAP authenication mechanisms (MD5, TLS, TTLS and PEAP) and also provides an EAP framework to add new EAP types. New EAP types can be added using the existing APIs without requiring any change in the application.

Connection Profiles

SecureAire Supplicant also includes the ability to store and prioritize the order of wireless networks the supplicant can connect to, and API driven connection management with the ability to store the settings of a connection and then apply it on the interface which will eventually connect to the given AP in the profile.

The Security Advantage

SecureAire Supplicant is a complete solution for network devices that require secure WLAN client functionality. It also includes Krypto-Lite, TeamF1�s FIPS-certified common crypto framework, along with a suite of encryption and integrity components to secure and manage access point traffic. Krypto-Lite also allows the seamless integration of other optional security protocols developed by TeamF1 such as SSL/https, SSH and IPsec/IKE to meet additional security requirements.

Basic Supplicant Usage

Cryptography

SecureAire Supplicant includes TeamF1's FIPS certified Krypto-Lite software crypto library including support for a variety of encryption and hash algorithms: DES, 3DES, AES, MD5, SHA. Other ciphers such as Arcfour, Blowfish, CAST128, RIPE-MD are available. The built-in cryptographic library can be used by the embedded application to implement additional security in the device. It can also be used by custom EAP authentication methods to provide X.509 certificate-based and other types of secure access control. The Krypto-Lite library includes support for FIPS certified algorithms - AES, DES/3DES, SHA, DSA, overridable PRNG and seeding capabilities, support for advanced cipher modes including AES-CCM-128, support for advanced SHA2 Message Digest Algorithms - SHA2-256 , SHA2-384, SHA2-512, Diffie-Hellman groups: 1, 2, 5, 14. Optionally a FIPS 186-2 Appendix 3.1 PRNG is also available from TeamF1 for Krypto-Lite. The cryptographic library can be shared with other TeamF1 security protocols for maximum reuse and code footprint efficiency, as well as ease of certification and export classification.

Built for Embedded Use

SecureAire Supplicant is a drop-in supplicant designed for embedded use. It has been extensively validated on a variety of CPU architectures, which minimizes development and integration efforts. SecureAire Supplicant is optimized with enhanced memory management & abstractions that are lean, yet fast. A common code base is provided for all supported target environments such as embedded variants of Linux�, VxWorks�, and others.