Encryption Question

Steven Hanley sjh at wibble.net
Tue Sep 11 00:58:42 EST 2001 

On Mon, Sep 10, 2001 at 01:45:29PM +0100, Bernard Michael Tyers wrote:
> Hi all,
> 
> I have a question regarding the 2 main (it seems) encryption standards 
> on 802.
> 
> My question is regarding cards using different encryption schemes 
> talking to each other.
> 
> I am interested in buying a Orinnoco Silver card. Reading up on the 
> specs of the card, I see that it uses 64 bit WEP. I also came across the 
> spec for the Gold card and it uses 128 bit RC4 encryption.
> 
> Now to my question (it may be frivolous <sp?>). Can these two cards 
> communicate to each other?
> 
> Is it neseccasry for the access point to be able to handle both WEP 
> (which I would guess most of them can already) and 128 bit RC4?
> Are you resrticted to using only Orinnoco hardware for this reason?

umm, okay, first off, the hardware encryption with wirelss cards is broken and
can not be relied on for any security at all. Anyone who wants to can rock up
with a standard laptop running linux and work out the key for the encryption
in about 15 minutes and thus have full access to all your data going across
wireless.

If you need security implement some point to point encryption mechanism such
as cipe, IPSec, etc.

However if you still wish to use the on card encryption (ie you do not believe
anyone will bother coming along and listening to your traffic, or you dont
care if they do)

The cards with different encryption levels can not speak to each other in
encrypted mode. You have to have the same size key for cards to speak to each
other, however they dont have to be the same brand, if one vendor has a new
firmware version that implements 128 bit it will then be able to talk to other
cards implementing 128 bit in encryption mode.

However as this is 802.11 hardware the cards should be fine talking to each
other in unencrypted mode, which is fine really as the encryption id not at
all secure and you should be implemnting some form of point to point VPN
technology over the unsecure wireless link anyway.

(yes I have such a setup in my house and at work)

So yes they can communicate, with encryption disabled, or with the same level
of encryption.

        See You
            Steve

-- 
sjh at wibble.net http://wibble.net/~sjh
Look Up In The Sky
    Is it a bird?   No
        Is it a plane    No
            Is it a small blue banana?
Yes

More information about the wireless mailing list