Encryption & Authentication

Hi,

Please could someone clarify a few things:

With standard 802.11b/g, is it possible to use Shared key
authentication, but no WEP encryption)?

Also, is it possible to use Open authentication with WEP encryption?

If so, when the only option in the configuration is to turn WEP on or
off, which type of authentication does it use?

I presume the preferred option is to use shared authentication when
using WEP encryption (assuming WPA is not available)?

Thanks,
Joe

Joe schrieb:
> Hi,
>
> Please could someone clarify a few things:
>
> With standard 802.11b/g, is it possible to use Shared key
> authentication, but no WEP encryption)?

Shared Key authentication uses WEP encryption. IEEE 802.11 specifies WEP
encryption and Shared Key authentication (however, see below...).
802.11b/g are supersets of 802.11.


> Also, is it possible to use Open authentication with WEP encryption?

Yes, this is the default with many adapters, because WEP Shared Key
authentication is a security problem (i.e. it exposes key stream that
can be reused to attack WEP).


> If so, when the only option in the configuration is to turn WEP on or
> off, which type of authentication does it use?

I guess this depends on the adapter (i.e. I don't know how each
individual adapter handles this).


> I presume the preferred option is to use shared authentication when
> using WEP encryption (assuming WPA is not available)?

No, it is a security problem (see above).


Michael

--
Michael Schmidt
University of Siegen, Germany
http: www.dcs.uni-siegen.de
e-mail: schmidt _at_ nue.et-inf.uni-siegen.de

Joe wrote:

> Hi,
>
> Please could someone clarify a few things:
>
> With standard 802.11b/g, is it possible to use Shared key
> authentication, but no WEP encryption)?

Sure, there are several ways.
WLAN standards:
- WPA (authentication & WEP encryption with dynamic key management)
- WPA2 (authentication & AES encryption
- IEEE 802.11i/x (unfinshed standards will implement several algorithms,
since it is still draft I can't give no details)

> Also, is it possible to use Open authentication with WEP encryption?
> If so, when the only option in the configuration is to turn WEP on or
> off, which type of authentication does it use?

The WEP authentication in boneheaded. It provides no security.
(cyphertext2 = cleartext1 XOR cyphertext1 XOR cleartext2).
If you set the AP to open mode it mostly means that clients can connect
unencrypted.
If only encrypted conenctions are allowed the AP will filter out all packets
coming from client that don't know the WEP key.

> I presume the preferred option is to use shared authentication when
> using WEP encryption (assuming WPA is not available)?

In the end WEP will not secure your WLAN. If you have enough traffic it can
be cracked in about 1 hour.

Thomas

Thomas Krüger wrote:
> Joe wrote:
>
>
>>Hi,
>>
>>Please could someone clarify a few things:
>>
>>With standard 802.11b/g, is it possible to use Shared key
>>authentication, but no WEP encryption)?
>
>
> Sure, there are several ways.
> WLAN standards:
> - WPA (authentication & WEP encryption with dynamic key management)
> - WPA2 (authentication & AES encryption
> - IEEE 802.11i/x (unfinshed standards will implement several algorithms,
> since it is still draft I can't give no details)
>
>
>>Also, is it possible to use Open authentication with WEP encryption?
>>If so, when the only option in the configuration is to turn WEP on or
>>off, which type of authentication does it use?
>
>
> The WEP authentication in boneheaded. It provides no security.
> (cyphertext2 = cleartext1 XOR cyphertext1 XOR cleartext2).
> If you set the AP to open mode it mostly means that clients can connect
> unencrypted.
> If only encrypted conenctions are allowed the AP will filter out all packets
> coming from client that don't know the WEP key.
>
>
>>I presume the preferred option is to use shared authentication when
>>using WEP encryption (assuming WPA is not available)?
>
>
> In the end WEP will not secure your WLAN. If you have enough traffic it can
> be cracked in about 1 hour.
>
> Thomas

Thanks for the reply.

I was only really asking the questions out of curiosity. Unfortunately I
have no choice about using WEP (that or nothing).

Joe.

Michael Schmidt wrote:
> Joe schrieb:
>
>>Hi,
>>
>>Please could someone clarify a few things:
>>
>>With standard 802.11b/g, is it possible to use Shared key
>>authentication, but no WEP encryption)?
>
>
> Shared Key authentication uses WEP encryption. IEEE 802.11 specifies WEP
> encryption and Shared Key authentication (however, see below...).
> 802.11b/g are supersets of 802.11.
>
>
>
>>Also, is it possible to use Open authentication with WEP encryption?
>
>
> Yes, this is the default with many adapters, because WEP Shared Key
> authentication is a security problem (i.e. it exposes key stream that
> can be reused to attack WEP).
>
>
>
>>If so, when the only option in the configuration is to turn WEP on or
>>off, which type of authentication does it use?
>
>
> I guess this depends on the adapter (i.e. I don't know how each
> individual adapter handles this).
>
>
>
>>I presume the preferred option is to use shared authentication when
>>using WEP encryption (assuming WPA is not available)?
>
>
> No, it is a security problem (see above).
>
>
> Michael
>

Thanks a lot - useful answers.
Joe