From: "Christian Langanke" Received: from mxout4.mailhop.org ([63.208.196.168] verified) by 2rosenthals.com (CommuniGate Pro SMTP 5.0.9) with ESMTP id 399213 for os2-wireless_users@2rosenthals.com; Sun, 01 Oct 2006 10:45:41 -0400 Received: from mxin1.mailhop.org ([63.208.196.175]) by mxout4.mailhop.org with esmtp (Exim 4.51) id 1GU2ZX-000Jqy-Oj for os2-wireless_users@2rosenthals.com; Sun, 01 Oct 2006 10:45:40 -0400 Received: from waldorf.webpack.hosteurope.de ([217.115.142.71]) by mxin1.mailhop.org with esmtp (Exim 4.51) id 1GU2ZX-000Nn7-Hi for os2-wireless_users@2rosenthals.com; Sun, 01 Oct 2006 10:45:39 -0400 Received: by waldorf.webpack.hosteurope.de running Exim 4.51 using esmtpsa (TLSv1:RC4-MD5:128) from p5084bf2b.dip0.t-ipconnect.de ([80.132.191.43] helo=[172.32.16.110]) id 1GU2ZW-0000sf-24; Sun, 01 Oct 2006 16:45:38 +0200 Message-ID: <451FD497.2060201@clanganke.de> Date: Sun, 01 Oct 2006 16:45:43 +0200 User-Agent: Thunderbird 1.5 (OS/2/20060113) MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless]Re: 104-bit WEP Key References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mail-Handler: MailHop by DynDNS X-Spam-Score: -2.6 (--) Rick R. wrote: > That means 128bit is indeed only 104 bit "strong"?! No, of course not. The IV of 24 bits is used as well for the encryption. Unfortunately, as long as this is not truly a random number, like it was defined in the specs (some older hardware used to increase a 24 bit number for the next package, starting from zero). This made a dictionary hacking approach more simple, which was the state-of-the-art hacking approach until mid of last year. BTW, the weakness of WEP is more related to the way of how the key is used to cipher a TCP/IP package. Using 24 bits less would not make much difference. The new hacking methods discovered last year (using some network techniques like error checks on corrupted frames) are far quicker than any dictionary approach, so even 1024 bit WEP keys wouldn't do much better. Cracking it would then take perhaps 20 mins and not five minutes. The bad thing on WEP is not the small number of bits in key length, but that the keys are static. that is changed by WPA, where the keys can be changed after a given period of time (in fact the 24 bit IV was kind of a workaround to make the WEP keys less static, but as we know now, this was not sufficient at all...). My access point offers to change the WPA key in minutes, so I set it to change it every minute. BTW, XWLAN will come with WPA support soon. Unfortunately only for genmac driven devices, but the older drivers cannot be modified as they are closed source. For _secured_ wifi we need to dump the old PCMCIA cards I am afraid (but they are only 11mbit devices anyway). Or perhaps one day Willibald Meyer changes opinion and will support them as well in GenMac. > So you can't simply compare 128/256 bit file encrytpion to 128/256 bit > WiFi encryption strength then?! You cannot do that anyway, as there is always the question of how the key is used anyway (block or stream cipher, direct or indirect use of the key, environment of where the encryption is used, etc...). Only if the complete method of encyption and the environments are comparable, it makes sense to compare the key length, and then say that longer key length is safer than a shorter one. Just as stated above, even a 1024 bit key for WEP with the new hacking methods could likely be cracked easier than a good 256 bit file encryption. bye, Christian ------------------------------------------------- Christian Langanke COS2E & CWSE Team OS/2 Ruhr e.V. cla@clanganke.de