From owner-freebsd-hardware  Mon May 15 23:31:49 2000
Delivered-To: freebsd-hardware@freebsd.org
Received: from roam.psg.com (roam.psg.com [147.28.4.2])
	by hub.freebsd.org (Postfix) with ESMTP id 8228337BA68
	for <freebsd-hardware@freebsd.org>; Mon, 15 May 2000 23:31:42 -0700 (PDT)
	(envelope-from randy@psg.com)
Received: from randy by roam.psg.com with local (Exim 3.12 #1)
	id 12rOvZ-00009V-00; Mon, 15 May 2000 10:45:13 -0700
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: Jos Visser <josv@osp.nl>
Cc: freebsd-hardware@freebsd.org
Subject: Re: Wavelan 802.11 with encryption
References: <391EF3DE.FA17A058@osp.nl>
	<E12r5Xj-0001Ux-00@roam.psg.com>
	<391F1A28.41BC7F50@osp.nl>
Message-Id: <E12rOvZ-00009V-00@roam.psg.com>
Date: Mon, 15 May 2000 10:45:13 -0700
Sender: owner-freebsd-hardware@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> WEP encryption (default with the Silver Wavelan card) supports a 64-bit
> key.


actually wep encryption in 802.11 is pretty flawed to begin with.  most
cards only implement a 40 bit key and given the nature of key management, it
will not be changed often.  but the real killer is that a 24 bit iv is used
to create the per-packet key (in combination with the "permanent" 40 bit
key).  after 2^24 packets are sent on the network, the rc4 keys will start
to be reused.  given that rc4 is a pad + xor cipher, this is quite scary.

so, while it may be good enough for you, and i am really impressed that you
were able to calculate 2^64, it is not good enough for me.  and, again, i
suggest that it is not good for more than casual use.

randy


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hardware" in the body of the message