From owner-freebsd-mobile Thu May 27 16: 5:28 1999 Delivered-To: freebsd-mobile@freebsd.org Received: from dominator.eecs.harvard.edu (dominator.eecs.harvard.edu [140.247.60.28]) by hub.freebsd.org (Postfix) with ESMTP id 6FE741500D for ; Thu, 27 May 1999 16:05:19 -0700 (PDT) (envelope-from karp@eecs.harvard.edu) Received: (from karp@localhost) by dominator.eecs.harvard.edu (8.9.3/8.6.12) id TAA10446; Thu, 27 May 1999 19:05:18 -0400 (EDT) Date: Thu, 27 May 1999 19:05:18 -0400 (EDT) From: Brad Karp Message-Id: <199905272305.TAA10446@dominator.eecs.harvard.edu> To: raj@cisco.com Subject: Re: wi driver and WaveLAN IEEE 802.11 Turbo cards Cc: freebsd-mobile@freebsd.org, wpaul@ctr.columbia.edu Sender: owner-freebsd-mobile@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Setting the network number with old WaveLAN cards wasn't really a form of "security," of course, since a user could listen on successive network IDs and easily determine which was in use. There was no encryption of any kind, nor authentication. There exist Lucent IEEE 802.11 WaveLAN "WEP" ("Wired-Equivalent Privacy") cards, which are said to use 40-bit encryption on packets over the air. I've neither seen nor used such a card, and haven't seen details of the scheme. I would *guess* that the encryption is shared-secret symmetric, and that each user must configure the card with the 40-bit key to use. That is, I would guess that the system makes no attempt to deal with key management. And the WavePoint-II, even with WEP, won't do anything to authenticate a node (though the node will need the right 40-bit key to communicate usefully, perhaps). I've no idea if the WEP cards will encrypt in ad-hoc mode. I see no fundamental technical reason why they couldn't, if my assumption about no key management, under which each host has to configure the card with the key individually, is correct. Whether 40-bit keys protect anything credibly is another matter. :-) -Brad, karp@eecs.harvard.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-mobile" in the body of the message