dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
189180

trparky
Premium Member
join:2000-05-24
Cleveland, OH

trparky

Premium Member

Open Key vs. Shared Key

Can someone please explain the difference between WEP Open Key and WEP Shared Key?

Digital
As-Salamu Alaykum
Premium Member
join:2000-07-24
Wickliffe, OH

Digital

Premium Member

Enable WEP (the highest level your wireless hardware supports) but be sure to manually change the key regularly. The frequency of change can be daily or weekly. Think about your Internet usage and plan accordingly. Most soho/residential hardware access points and routers are shipped with WEP turned off (Orinoco's RG1000\1100 are exceptions with WEP turned on out of the box). Follow the vendor’s instructions to enable WEP on your wireless access point or router, paying careful attention to whether the key is ASCII, hexadecimal, etc. If your hardware allows a choice between open or shared key, use the shared key option, which both encrypts your data and performs client authentication.

»www.microsoft.com/window ··· er03.asp

»lists.bawug.org/pipermai ··· 729.html

Need any more info?

adsldude

join:2000-11-10
Colorado

adsldude to trparky

to trparky
I'm still learning about this topic as well. I found this after a little Googling:
said by »csweb.iue.it/CITS/Docume ··· ?ID=162:
The 802.11b standard supports two means of client authentication between the wireless NIC and the AP: open and shared key authentication. Open key authentication involves supplying the correct SSID. With shared key authentication, the AP sends the client device a challenge text packet that the client must then encrypt with the correct WEP key and return to the AP. If the client has the wrong key or no key, authentication will fail and the client will not be allowed to associate with the AP. Shared key authentication is not considered secure, because a hacker who detects both the clear-text challenge and the same challenge encrypted with a WEP key can decipher the WEP key.

With open key authentication, even if a client can complete authentication and associate with an AP, the use of WEP prevents the client from sending data to and receiving data from the AP, unless the client has the correct WEP key.

I've been switching back between open & shared but am leaning more to running open from now on.

No_Strings

join:2001-11-22
The OC

1 edit

No_Strings to trparky

to trparky
Wedge, try this link. »www.intel.com/support/wi ··· 5325.htm
It will explain, in mind-numbing (for me) detail about the differences. The summary, though, is the open is better.
DSLrgm
Premium Member
join:2002-08-22
Oak Park, MI

1 recommendation

DSLrgm to trparky

Premium Member

to trparky
said by trparky:
Can someone please explain the difference between WEP Open Key and WEP Shared Key?
In the 802.11 standard, a device first Authenticates to the AP, and then Associates. The original designers intended that there would be a number of different Authentication methods to control who could use an AP.

In the 1999 version of the standard, 2 Authentication methods are defined: Open and Shared. In Open, any device can Authenticate to the AP. In Shared, only devices with the WEP key can successfully Authenticate. Sounds good so far.....

The problem with Authenticate, is that were it is in the process of establishing connectivity, none of the higher-level protocols, like 802.1X can be run inside of the Authenticate 802.11 frames. So 802.11i does not use it, just uses Open Authenticate.

Shared Authenticate has a serious flaw, in that it is a simple challenge/response protocol. This design is very open to offline dictionary attacks. A WEP key would easily be exposed. Additionally, even in Open Authentication, a device that did not have the WEP key would not be able to communicate via the AP, as the AP would discard all data packets from the device.

Bottom line: Shared Authentication does not add any security, and may weaken your security. Don't bother with it.