Wireless - Using GCMP with WPA2 and WPA3

WPA3 is the latest security standard for wireless network encryption, succeeding WPA2 for Wi-Fi networks. Among its benefits, as stated by Cisco documentation, it supports Encryption and Message Integrity Code (MIC) using AES and GCMP.

GCMP stands for Galois/Counter Mode Protection, and it is an encryption protocol used in wireless security. It is an advanced form of encryption that provides both data privacy (encryption) and authentication, which ensures the integrity and authenticity of the data.

There is a little bit of confusion about whether or not the use of GCMP is novel and exclusive to WPA3 or if it is also supported by WPA2. According to Cisco documentation, WPA2 does not support GCMP. However, within the GUI of Cisco's WLC you can see that it is possible to enable WPA2 Encryption using GCMP.

The truth is that the use of GCMP option is actually because some WPA2 implementations, particularly those used in 802.11ac and 802.11ax (Wi-Fi 5 and Wi-Fi 6) can actually use GCMP. It’s not common, but it is possible, hence its inclusion in the options. However, it’s more commonly used with WPA3.

Now officially, it is not explicitly stated that WPA2 does support GCMP according to the Wi-Fi Alliance, which has published the WPA2 and WPA3 standards. However, because many manufacturers use IEEE standards that do support it, they must indicate this in some way on their interfaces.

Remember, vendors don’t always conform exactly to the standards they deliver, and I believe that this is a case where Cisco has chosen to adhere more to the 802.11ac and ax standards rather than the WPA2 standard.

Links:

https://forum.networklessons.com/t/wi-fi-protected-access-wpa/9116/5?u=lagapidis

https://networklessons.com/cisco/ccna-200-301/wireless-encryption-and-integrity#GCMP