Re: Security. WPA?/-TKIP /-CCMP



On 5 Dec, 20:33, Jeff Liebermann <je...@xxxxxxxxxx> wrote:
On Fri, 5 Dec 2008 10:09:36 -0800 (PST), Chrisjoy <ultralibertaria...@xxxxxxxxx> wrote:
On 5 Dec, 18:25, Jeff Liebermann <je...@xxxxxxxxxx> wrote:
Much good info, Jeff. Let me ask one question one more time.
I don't need authentication. I welcome everyone inside my field
strength to use my net. My primary (/only) concern is that the guests
on my wireless LAN are protected against each other. Protected from
sniffing. Will a RADIUS server make sure every connection to the
access point will use a unique AES key?

Yes.  The RADIUS server delivers a one time unique WPA/WPA2 key for
each user and for each session.

I cannot help myself from thinking 802.11, and even Wi-Fi, is a pretty
immature technology while not making it mandatory to support a unique
key for each connection. Especially considering the fact that access
points already support RADIUS servers, which means they already have the CPU
power and enough RAM to encrypt and decrypt connections using different
keys, and where they fail is at as ridiculous a place as the simple
task of making a DB handling keys and communicating them over an asymmetric
encryption method. Only crazy ppl would do anything remotely
sensitive on such a connection, which makes straight 802.11 a toy for
kids. Not that I would dare to as much as remotely control a Markin
train using 802.11. I have to say, digging into 802.11 has been a
great disappointment. Those who develop this line of products, are
they all kids finding communication without wire so fascinating they
forget to be serious, at all!?

Anyways, thanks for all your information and leads. I can now hurry
away to my conclusion. I will not use another dime supporting our
hotspot network, before there is an easy way to protect against
sniffing. I do not consider setting up a RADIUS connection on the
client side to be easy. I will wait until the only information that
needs to be put into a client is a pass phrase after choosing an SSID
(with a signature fingerprint so that nobody can fake a trusty
network), and that's it. When this is done, everyone should be
protected from WLAN sniffing. If the 802.11 guys are not able to do
this, they are not worth my time. Ten years of development, and not
even solving this straight forward problem/solution, I would be
ashamed!
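
Added example, not part of the original thread: a sketch of the WPA2 pairwise key derivation showing why a shared passphrase does not isolate guests from each other while a per-session key from a RADIUS server does. The MAC addresses, nonces, passphrase and SSID are constructed sample values, and os.urandom() stands in (as an assumption) for the per-session key that an EAP exchange would deliver.

```python
import hashlib
import hmac
import os

def psk_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2 passphrase mode: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: concatenation of HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def ccmp_tk(pmk: bytes, ap: bytes, sta: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Derive the 48-byte CCMP PTK and return its temporal (AES) key, bytes 32..47."""
    data = (min(ap, sta) + max(ap, sta) +
            min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)[32:48]

# Constructed sample values. MACs and nonces are visible on the air in the
# 4-way handshake, so every station in range can know them.
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed anonce").digest()
SNONCE = hashlib.sha256(b"constructed snonce").digest()

def observer_gets_tk(observer_pmk: bytes, session_pmk: bytes) -> bool:
    """True if a station holding observer_pmk computes another station's AES key."""
    session_tk = ccmp_tk(session_pmk, AP_MAC, STA_MAC, ANONCE, SNONCE)
    guess = ccmp_tk(observer_pmk, AP_MAC, STA_MAC, ANONCE, SNONCE)
    return hmac.compare_digest(guess, session_tk)

def shared_passphrase_case() -> bool:
    # Every guest types the same passphrase, so every guest holds the same PMK.
    pmk = psk_pmk("guest-passphrase", "HotspotSSID")
    return observer_gets_tk(pmk, pmk)

def per_session_case() -> bool:
    # Assumption: os.urandom() stands in for a PMK issued per user and session.
    return observer_gets_tk(os.urandom(32), os.urandom(32))

if __name__ == "__main__":
    print("shared passphrase, other guest derives the key:", shared_passphrase_case())
    print("per-session PMK, other guest derives the key:  ", per_session_case())
```
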
