site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > New method found to crack WPA - but not WPA2

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Steve
I know your IP address
Consultant
join:2001-03-10
Yorba Linda, CA
kudos:5

reply to fAcEtIOUs

Re: New method found to crack WPA - but not WPA2

I always thought TKIP was a hack, but it was the best they could do with the limited CPU power available on older WEP devices.

I thought that all WPA devices supported AES, so therefor would not need TKIP, but I guess there's a broad range of compatibility issues out there. So AES it is.

Steve
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Tustin, California USA | my web site
to forum · permalink · 2008-11-06 13:18:12 ·


F430

@cox.net

quote:
I thought that all WPA devices supported AES
AES is optional in WPA and required in WPA2. So there are a number of compliant WPA devices which do not support AES.
to forum · permalink · 2008-11-06 14:34:57 ·


KodiacZiller
Premium
join:2008-09-04
73368
kudos:2

said by F430 :

quote:
I thought that all WPA devices supported AES
AES is optional in WPA and required in WPA2. So there are a number of compliant WPA devices which do not support AES.
You sure WPA2 "requires" AES? From the DD-WRT Wiki:

However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).
to forum · permalink · 2008-11-06 15:35:50 ·


Kayrac
Premium
join:2001-09-29
Madison, WI

WPA2 is AES, or AES+TKIP

to forum · permalink · 2008-11-06 15:51:10 ·

jbibe
Premium,MVM
join:2001-02-22
1 edit

reply to KodiacZiller

said by KodiacZiller:

You sure WPA2 "requires" AES? From the DD-WRT Wiki:

However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).
CCMP (i.e., AES) is required. See Section 8.3.1 of 802.11i.

Edit: You can find the requirements in 802.11i-2004.pdf or 802.11-2007.pdf.
to forum · permalink · 2008-11-06 16:33:09 ·


caedmon

@cox.net

reply to KodiacZiller

quote:
You sure WPA2 "requires" AES?
Yes, as others above have already stated. Support for AES is required and support for TKIP is optional in WPA2. I am not aware of any vendor implementing TKIP in WPA2 but I haven't look for it either.
quote:
However, some devices allow WPA (not WPA2) with AES (and WPA2 with TKIP).
Exactly - they allow the optional encryption method in addition to the required method. In other words some devices support the optional AES-CCMP encryption method with WPA (I have one which does not and one which does).

Just so everyone knows, if a devices is using TKIP with WPA2 it is just as vulnerable as a device using TKIP with WPA.
to forum · permalink · 2008-11-12 19:59:47 ·
Forums > Broadband Tech > Security > Security

Thursday, 31-May 21:30:14 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics