Re: Wireless Networks Encryption

From: khayes@eastbay.com
Date: 10/18/02 

To: "alex hajii" <xenix1989@hotmail.com>
From: khayes@eastbay.com
Date: Fri, 18 Oct 2002 10:11:33 -0700

My understanding of this is that the WEP key's length (up to 64-bits)
controls how secure the connection is. Then again, this is always true...
the length of the encryption key is directly related to the strength of the
encryption itself.

The IP handshake is done the same as any other IP based handshake but
before that point the NIC and the WAP do a little pre-handshake work. In a
base install the NIC just connects to the first wireless network it sees.
Normally we take this a step further and point it to a specific wireless
stream. It's during this initial connection phase that some security
checks are made. The WEP key configured on the NIC must match that as on
the WAP. If they don't match, they don't connect.

Being that each WAP on that specific wireless broadcast network needs to
support roaming clients, they all have the same WEP key configured. It
would be a major support nightmare to try and maintain a matrix of WEP keys
to be used depending on where the building you are. Not to mention the
countless hours of trying to support the configuration on the end node.

Think of it this way... you're walking down the hallway using your PDA with
it's brand-new 802.11 NIC. You have to change your WEP key every 40 feet
or so because you jump cells. Mighty UNFUN in my book. LOL

Ken Hayes
Network Administrator
Eastbay / Footlocker.com
Wausau, WI Offices
(715) 261-9573
khayes@eastbay.com

                                                                                                                            
                                                                                                                            
                                                                                                                            
                                                                                                                            
                                       To: security-basics@securityfocus.com
                                       cc:
              "alex hajii" Subject: Wireless Networks Encryption
              <xenix1989@hotmail.com>
                                                                                                                            
              10/16/2002 03:14 PM
                                                                                                                            
                                                                                                                            

new wireless networks support encryption, so that messages cannot be
sniffed.
does anybody know more info on this ?
I mean:

- what encryption protocol do they use (I thing PGP) ?
- exactly how is the hand shake implemented ?
- do all clients receive the same public key ?
- is it true that keys change each time a network device gets connected to
the network ?

thank U

_________________________________________________________________
Get a speedy connection with MSN Broadband.  Join now!
http://resourcecenter.msn.com/access/plans/freeactivation.asp

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
The information in this e-mail, and any attachment therein, is confidential
and for use by the addressee only. If you are not the intended recipient,
please return the e-mail to the sender and delete it from your computer.
Although the Company attempts to sweep e-mail and attachments for viruses,
it does not guarantee that either are virus-free and accepts no liability
for any damage sustained as a result of viruses.

Relevant Pages

  • Re: Weird iwl3945 wireless problem
    ... NM found the network right off, and asked me for the passphrase. ... it asked for the "WEP 128 passphrase". ... The attempt timed out after 45 seconds, prompting for me to re-enter the passphrase, but this time, its a "WEP 40/128 Hexadecimal" and passphrase its trying to use is different from what I originally typed in, though I might believe it is the passphrase encrypted for the network its trying to connect to. ... The reason for this is that when the router is set up that way, you have to make an encrypted connection BEFORE you try to get a dhcp lease. ...
    (Fedora)
  • Re: Wireless network security
    ... only the cable modem connection. ... >> How do I check security and hackability? ... > As long as you have WEP enabled, ... Also try operating as a "closed network", ...
    (comp.security.firewalls)
  • Re: WZC disconnect issues
    ... I always connected by adding the network to the "preferred network" list, using the exact SSID, entering the WEP key, and then clicking OK. ... I right click on the network connection icon in the system tray, select my network from the list of available wireless networks, enter the WEP key again, and click connect. ... process for connecting to SSID broadcast disabled, ...
    (alt.internet.wireless)
  • Re: Sych using WIFI?
    ... For the record I was to successfully establish a connection to ... > If your not getting a valid IP address then is your network SSID and WEP ... Use a HEX key for WEP. ... I did do this and Activesync doesn't work still. ...
    (microsoft.public.pocketpc.activesync)
  • Re: IPAQ 4150 PPC2003 and SMC wi fi base
    ... In most cases this happens when there is a wrong WEP key assigned to the ... Try to remove WEP from the network and connect. ... reinsert the WEP keys on both the base and the Ipaq. ... > the WORK connection sbut it only lists Bluetooth and Haynes modem. ...
    (microsoft.public.pocketpc.wireless)