From owner-freebsd-hardware  Mon May 15  9:53:28 2000
Delivered-To: freebsd-hardware@freebsd.org
Received: from palrel3.hp.com (palrel3.hp.com [156.153.255.226])
	by hub.freebsd.org (Postfix) with ESMTP id B6C2C37B5C5
	for <freebsd-hardware@freebsd.org>; Mon, 15 May 2000 09:53:20 -0700 (PDT)
	(envelope-from darrylo@sr.hp.com)
Received: from mina.sr.hp.com (mina.sr.hp.com [15.4.42.247])
	by palrel3.hp.com (Postfix) with ESMTP
	id F1C847BF; Mon, 15 May 2000 09:53:12 -0700 (PDT)
Received: from localhost (darrylo@localhost [127.0.0.1])
	by mina.sr.hp.com (8.9.3 (PHNE_18979)/8.9.3 SMKit7.0) with ESMTP id JAA25798;
	Mon, 15 May 2000 09:53:12 -0700 (PDT)
Message-Id: <200005151653.JAA25798@mina.sr.hp.com>
To: Jos Visser <josv@osp.nl>
Cc: freebsd-hardware@freebsd.org
Subject: Re: Wavelan 802.11 with encryption 
Reply-To: Darryl Okahata <darrylo@sr.hp.com>
In-reply-to: Your message of "Sun, 14 May 2000 23:27:04 PDT."
             <391F1A28.41BC7F50@osp.nl> 
Mime-Version: 1.0 (generated by tm-edit 1.5)
Content-Type: text/plain; charset=US-ASCII
Date: Mon, 15 May 2000 09:53:08 PDT
From: Darryl Okahata <darrylo@sr.hp.com>
Sender: owner-freebsd-hardware@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

     To answer the original question, 4.0-STABLE (and -RELEASE, I
imagine), does support encryption -- I know, I'm using it with the gold
card.  Just read the wicontrol(8) man page.  Note, however, that
wicontrol appears to have a bug that limits key strings to 14 bytes;
this is fine for a pure ASCII-text key (which is probably not
recommended, due to a limited keyspace), but causes problems when you
try to specify a key in hex.

> WEP encryption (default with the Silver Wavelan card) supports a 64-bit
> key. That's strong enough for me. Anyone who's interested enough in my
> stuff to come over to my house, tap into the 802.11 traffic and feed it
> to a sufficiently strong computer to do a brute force attack on the 64
> bit key has plenty of other (cheaper and easier) opportunities to
> retrieve whatever they want.

     Please note that the silver (64-bit) card has really only 40-bits
of encryption; 24 bits cannot be specified by the user and are used as:

	... a per-packet sequence number (which are logically equivalent
	to an initialization vector with chained block ciphers like
	DES-CBC mode).

For more info, see:

	http://mail-index.netbsd.org/tech-net/2000/02/04/0001.html

I imagine that the gold card has only 128-24 -> 104 key bits.

--
	Darryl Okahata
	darrylo@soco.agilent.com

DISCLAIMER: this message is the author's personal opinion and does not
constitute the support, opinion, or policy of Agilent Technologies, or
of the little green men that have been following him all day.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hardware" in the body of the message