At 23:07 20/09/2002, Nigel Ballard wrote:
>I've just spent the morning with Cisco at a WLAN security event.
>
>Cisco likes to show WLAN security moving from dire to awesome:
>
>1. 40+128bit WEP keys
Where we know that 128 bit is hardly better than 40 bit...
>2. Dynamic WEP keys
Better...
>3. TKIP/SSN, Cisco supported and according to the 802.11i sub-committee, the
>new moniker will be simply 'SSN'
>4. AES which is aimed for 2003. The upside being 256bit, the downside is
>that the processing required is intense, so it will need to be baked into
>the hardware which will no doubt further delay things.
That's the reason why "improvements" to WEP such as TKIP, dynamic keys and
such are needed: AES will not be supported by current hardware, only new
more powerful chips...
>Apparently Cisco called a group called 'At Stake" in to try and break their
>TKIP/SSN and failed.
Well, that doesn't mean the thing is secure... The whole thing about
cryptography is usually to let things "bake" for a while and see if someone
finds a brilliant idea to break the thing. Of course if it breaks the first
time anybody looks at it, it's a pretty bad sign, but only experience will
show whether the thing is really secure :-(
Jacques.
-- Jacques Caron, IP Sector Technologies
Join the discussion on public WLAN open global roaming:
http://lists.ipsector.com/listinfo/openroaming
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless
