*Note* Spelling errors may follow. Ok, well I had some suspicions as to why PKI is not used/considered for things like WEP, but I wanted to check with an authorative voice on the subject of crypto.
My original thoughts were key size and types of operations have a lot to do with this. If you look at sym. vs. asym key size. Asym is much larger (for what is considered standard) for example (2048bit RSA vs 256bit AES). And as it turns out a man by the name of Gus Simmons stated that an asym key should be about the square of a sym for approx equiv. security levels. Which means that 4096bit RSA is about on part with 64bit Rijndael. There are also some interesting things pointed out to me about unicity distace etc...but I won't go into that here. But if anybody would like more info email me. So, to sum that up: smaller key sizes in sym schemes can provide about the approx amnt of security as a large asym key scheme. Next. This is where the light should shine brightly. Think of the number of operations to decrypt a 4096bit RSA 'word' (on the order of the billions of 32bit operations). While on the order of low millions to decrypt 4096bits of DES Traffic. Which means that using symmetric key encryption is generally 1000 times faster then asym key. Naturally there are things that can be done to speed both of these up...but we are going on rule of thumb. I also recieved some interesting stats as to hardware implementations...but those are/would be a bit expensive for 'home use'. Hope this adds some insight as to why PKI is not commonly used for WEP and some other applications. You could probably get away with what I would call a PGP-style implementation. Encrypt the message with sym key, and encrypt the sym key with a PKI scheme. Thoughts? Thanks, -Mike I would like to thank Bob Blakley for helping me confirm my suspicions as to why PKI is much slower. Thanks! ----- Original Message ----- From: "Kristian Kristensen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, July 20, 2003 1:28 PM Subject: IEEE 802.11 security (public key encryption?) > Hi > > I am currently doing some research on the security aspects of IEEE > 802.11 networks. In that I wondered why Public Key encryption schemes > are never seemed to be considered (not for WEP or IEEE 802.11i/WPA). Can > anyone give me reason for that. Is it due to the fact of lower > performance of pub key schemes. If so can anyone provide me with some > references on why performance is that much lower for pub key ciphers > than symmetric ciphers? Or are they too difficult to implement in > hardware? Or are there some other reasons I just do not see? > > Thanx in advance.... > -- > Med venlig Hilsen / Best Regards Kristian > > IT-Coordinator Kristian Kristensen > Denmarks Technical University > Center for Tele-Information > Building 371 > 2800 Lyngby, DENMARK > > Phone: +45 45255209 > > > -------------------------------------------------------------------------- - > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! > The Gartner Group just put Neoteris in the top of its Magic Quadrant, > while InStat has confirmed Neoteris as the leader in marketshare. > > Find out why, and see how you can get plug-n-play secure remote access in > about an hour, with no client, server changes, or ongoing maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > -------------------------------------------------------------------------- -- > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
