Help Center User GuideGetting StartedFAQsRelease Notes
User Guide
Getting Started
Release Notes

Understanding PSK Authentication

Pre-Shared Key (PSK) is a client authentication method that uses a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 printable ASCII characters, to generate unique encryption keys for each wireless client. PSK is one of two available authentication methods used for WPA and WPA2 encryption on Juniper Networks wireless networks. PSK is not the default authentication method when creating a WLAN Service profile because the other choice, 802.1X authentication, is the both 802.11 standard and is stronger.

Note: 802.1X and PSK authentication types can be applied simultaneously—clients will use the most secure option that they are capable of using. For more information about 802.1X authentication, see Understanding the IEEE 802.11 Standard for Wireless Networks.

This topic describes:

What Is PSK?

There are two WPA forms of encryption available with Network Director: Wi-Fi Protected Access (WPA) and the newer WPA2. Pre-shared key (PSK), a shared secret method, can be added to either encryption method:

How Does PSK Work?

With PSK, you configure each WLAN node (access points, wireless routers, client adapters, bridges) not with an encryption key, but rather with a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 printable ASCII characters. Using a technology called TKIP (Temporal Key Integrity Protocol), that passphrase, along with the network SSID, is used to generate unique encryption keys for each wireless client. Those encryption keys are constantly changed. When clients connect, the PSK authentication users provide the password to verify whether to allow them access to a network. As long as the passwords match, a client is granted access to the WLAN.

Note: You have the option to encrypt the PSK plain-English passphrase.

When Would I Use PSK Authentication?

PSK was designed for home and small office networks that do not require the complexity of an 802.1X authentication server. Some reasons to use PSK authentication are:

Why Would I not Use PSK Authentication?

Even if you have a small company, there are drawbacks to using PSK authentication. For example:

How Is WPA Encryption Different from WPA-PSK Encryption?

The primary difference between WPA and WPA2-Personal are the encryption ciphers used to secure the network. WPA can use only the encryption cipher Temporal Key Integrity Protocol (TKIP). WPA2-Personal can use TKIP, but because TKIP security keys are less secure, the WPA2 protocol usually uses the Advanced Encryption Standard. AES uses a much more advanced encryption algorithm that cannot be defeated by the tools that overcome TKIP security, making it a much more secure encryption method.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      

Additional Comments

800 characters remaining

May we contact you if necessary?


Need product assistance? Contact Juniper Support