  Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA
| reply to TKJunkMail Re: New method found to crack WPA - but not WPA2
I always thought TKIP was a hack, but it was the best they could do with the limited CPU power available on older WEP devices.
I thought that all WPA devices supported AES, so therefor would not need TKIP, but I guess there's a broad range of compatibility issues out there. So AES it is.
Steve -- Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Tustin, California USA | my web site |
|
  F430
@cox.net | quote: I thought that all WPA devices supported AES
AES is optional in WPA and required in WPA2. So there are a number of compliant WPA devices which do not support AES. |
|
 KodiacZiller
join:2008-09-04 73368
| said by F430 : quote: I thought that all WPA devices supported AES
AES is optional in WPA and required in WPA2. So there are a number of compliant WPA devices which do not support AES. You sure WPA2 "requires" AES? From the DD-WRT Wiki:
However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP). |
|
  Kayrac Premium join:2001-09-29 Rochester, NH | WPA2 is AES, or AES+TKIP |
|
 jbibe Premium,MVM join:2001-02-22
1 edit | reply to KodiacZiller said by KodiacZiller :You sure WPA2 "requires" AES? From the DD-WRT Wiki: However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP). CCMP (i.e., AES) is required. See Section 8.3.1 of 802.11i.
Edit: You can find the requirements in 802.11i-2004.pdf or 802.11-2007.pdf. |
|
  caedmon
@cox.net
| reply to KodiacZiller quote: You sure WPA2 "requires" AES?
Yes, as others above have already stated. Support for AES is required and support for TKIP is optional in WPA2. I am not aware of any vendor implementing TKIP in WPA2 but I haven't look for it either. quote: However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).
Exactly - they allow the optional encryption method in addition to the required method. In other words some devices support the optional AES-CCMP encryption method with WPA (I have one which does not and one which does).
Just so everyone knows, if a devices is using TKIP with WPA2 it is just as vulnerable as a device using TKIP with WPA. |
|