Thomas P. Hallaran <[EMAIL PROTECTED]> asked:
>The product was actually developed by lucent tech.
>I wonder what kind of encryption is employed...?
>anyone know?

Apple's FAQ says that it follows the IEEE 802.11 DSS standard and is interoperable with
other wireless LAN products on other platforms that conform to the same standard. So
Apple and Lucent can't have any choice in the encryption they use, it has to conform to
the standard and to the common implementations of optional portions of the standard.

The only reference I have found online (IEEE sells access to the full spec) that says
anything about the encryption in IEEE 802.11 is at

 http://grouper.ieee.org/groups/802/11/Tutorial/MAC.pdf

This is a tutorial level slide presentation of the MAC level of the spec, pretty
sketchy. If you search for "encryption" you find:

[begin quote]

Privacy and Access Control
* Goal of 802.11 is to provide “Wired Equivalent Privacy” (WEP)
  – Usable worldwide
* 802.11 provides for an Authentication mechanism
  – To aid in access control.
  – Has provisions for “OPEN”, “Shared Key” or proprietary authentication extensions.
* Optional (WEP) Privacy mechanism defined by 802.11.
  – Limited for Station-to-Station traffic, so not “end to end”.
    >> Embedded in the MAC entity.
  – Only implements “Confidentiality” function.
  – Uses RC4 PRNG algorithm based on:
    >> a 40 bit secret key (No Key distribution standardized)
    >> and a 24 bit IV that is send with the data.
    >> includes an ICV to allow integrity check.
  – Only payload of Data frames are encrypted.
    >> Encryption on per MPDU basis.

[end quote]

"WEP" appears to be marketspeak for "as private as a wired link would be". Maybe it
means there's enough radio leakage from ethernet cables so the NSA can read them as
easily as 40 bit key encrypted wireless LAN traffic?

The mention of "proprietary authentication extensions" seems to allow for incompatible
secure implementations, but of course they would be incompatible with other vendors'
products unless the industry came up with a de facto standard secure extension.

 -- sidney markowitz <[EMAIL PROTECTED]>
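
The per-MPDU WEP encapsulation summarized in the quoted slide, as an added example that is not part of the original message or of any vendor's code. Details the slide does not give (the IV prepended to the secret key as the RC4 seed, the ICV being a CRC-32, the key ID octet) follow the 802.11-1999 description of WEP; the key, IV and payload are constructed sample values.

```python
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key schedule, then XOR data with the generated keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def icv(payload: bytes) -> bytes:
    """ICV: CRC-32 of the plaintext, little-endian (an unkeyed checksum)."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)

def wep_encapsulate(key: bytes, iv: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Frame body: clear IV (3) + key ID octet (1) + RC4(payload + ICV)."""
    if len(key) != 5 or len(iv) != 3:
        raise ValueError("expected a 40-bit key and a 24-bit IV")
    # The RC4 seed is the 24-bit IV followed by the 40-bit secret key.
    return iv + bytes([(key_id & 3) << 6]) + rc4(iv + key, payload + icv(payload))

def wep_decapsulate(key: bytes, body: bytes) -> bytes:
    """Read the IV from the frame, decrypt, and verify the ICV."""
    if len(body) < 8:
        raise ValueError("frame body too short for IV and ICV")
    plain = rc4(body[:3] + key, body[4:])
    payload, received_icv = plain[:-4], plain[-4:]
    if icv(payload) != received_icv:
        raise ValueError("ICV mismatch")
    return payload

# Constructed sample values, for illustration only.
KEY = bytes.fromhex("0102030405")      # 40-bit shared secret
IV = bytes.fromhex("a1b2c3")           # 24-bit IV, sent in the clear
PAYLOAD = b"example LLC payload"

if __name__ == "__main__":
    body = wep_encapsulate(KEY, IV, PAYLOAD)
    print("IV on the wire:", body[:3].hex(), "overhead:", len(body) - len(PAYLOAD))
    print("decapsulated:", wep_decapsulate(KEY, body))
```

The output shows that only the payload and ICV are encrypted: the IV travels unencrypted at the front of every frame body, and each MPDU carries 8 bytes of WEP overhead.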

