[wplug] For those of you that think the new WEP standards
are secure ...
Richard Farina
r.farina at adelphia.net
Wed May 4 23:23:40 EDT 2005
At 05:31 PM 5/4/2005, Bill Moran wrote:
>Richard Farina <r.farina at adelphia.net> wrote:
>
> > At 08:25 AM 5/4/2005, Bill Moran wrote:
> >
> > >Looks like removing weak keys wasn't enough ...
> > >
> > >http://securityfocus.com/infocus/1814
> >
> > Try to keep up Bill, that is four months old. The feds can crack wep in 3
> > minutes.
>
>Are you saying that WEP is even _more_ insecure than that says?
>
>And I've forgotten, are the new encryption standards for WiFi just
>WEP v2, and therfore easy to break? Or have people come up with a
>standard that is actually reasonably secure?
WPA is Temporal Key Integrety Protocol. Basically it rotates a standard
WEP key (or an AES key) on a set schedule. Thus, you can break it with a
dictionary attack but this is disgusting brute force and not really
suitable for real world application. WPA has it's limitations, which
intend to be solved with 802.11i. Look it up, it sound like fun, all of
your current hardware will have to be completely replaced, no firmware
flashes for this one. 802.11i requires an AES encryption co-processor on
the card to function. Knowledge it power.
-Rick Farina
>I posted that because I remember talking to some people recently who
>told me "if you use newer cards, they don't use the weak keys, and
>thus are safe." That article disproves that assumption.
>
>--
>Bill Moran
>Potential Technologies
>http://www.potentialtech.com
More information about the wplug
mailing list