How many bits do I want for WPA?

Hi. This product
http://kbserver.netgear.com/products/WGT624.asp
was rated highly by Laptop magazine because it had great mbs throughput
numbers at 50 feet, was easy to set up, and supported 152 bit WEP and also
WPA. Sounded good.

Then I also noticed that the Microsoft MN-700 supports "256 bit WPA
security". So I started wondering how many bits the netgear product used
for encryption. After an hour dealing with their support number, they
finally said, with weak confidence, 128 bits.

My question is: do I care how many bits are used for WPA encryption? And
am I better off with 152 bit WEP instead of 128 bit WPA? I'm confused, but
I want the best encryption because it is for a small business. Maybe I
should go with a 256 bit WPA product?




AFN

AFN wrote:

> My question is: do I care how many bits are used for WPA encryption? And
> am I better off with 152 bit WEP instead of 128 bit WPA?

The actual encryption algorythm for both WEP and WPA is RC4. The
weaknesses in WEP have very little to do with the actual encryption algo
itself and a lot with the way it is implemented. Therefore a longer
key does NOT make WEP a lot more secure. You're better of with WPA than
with WEP regardless of the size of the keys.

Sander

On Tue, 02 Mar 2004 21:11:55 +0100, Sander spoketh

>AFN wrote:
>
>> My question is: do I care how many bits are used for WPA encryption? And
>> am I better off with 152 bit WEP instead of 128 bit WPA?
>
>The actual encryption algorythm for both WEP and WPA is RC4. The
>weaknesses in WEP have very little to do with the actual encryption algo
> itself and a lot with the way it is implemented. Therefore a longer
>key does NOT make WEP a lot more secure. You're better of with WPA than
>with WEP regardless of the size of the keys.
>
>Sander

Actually, WPA uses either AES or TKIP. TKIP uses RC4, but AES does not.

Here's a good resource:
http://www.cawnet.org/pipermail/rfmo...er/001901.html

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

Lars M. Hansen wrote:

> Actually, WPA uses either AES or TKIP. TKIP uses RC4, but AES does not.

I assumed TKIP. AES is a possibility but not available on every device
that supports WPA.
using AES (WPA2) only makes the encryption stronger so it doesn't in any
way invalidate my recommendation to go with WPA over WEP even if WEP has
the longer key.

Sander

but do I need 256 bit WPA versus 128?


"Sander" <(E-Mail Removed)> wrote in message
news:5U51c.2900$EV2.8975@amstwist00...
> AFN wrote:
>
> > My question is: do I care how many bits are used for WPA encryption?
And
> > am I better off with 152 bit WEP instead of 128 bit WPA?
>
> The actual encryption algorythm for both WEP and WPA is RC4. The
> weaknesses in WEP have very little to do with the actual encryption algo
> itself and a lot with the way it is implemented. Therefore a longer
> key does NOT make WEP a lot more secure. You're better of with WPA than
> with WEP regardless of the size of the keys.
>
> Sander
>

On Tue, 02 Mar 2004 22:15:34 +0100, Sander spoketh

>Lars M. Hansen wrote:
>
>> Actually, WPA uses either AES or TKIP. TKIP uses RC4, but AES does not.
>
>I assumed TKIP. AES is a possibility but not available on every device
>that supports WPA.
>using AES (WPA2) only makes the encryption stronger so it doesn't in any
>way invalidate my recommendation to go with WPA over WEP even if WEP has
>the longer key.
>
>Sander

No, that's absolutely a good recommendation. WPA is more secure than
WEP, and if you can get it working, that's definitely the way to go. If
you have the option to pick AES over TKIP, then all the better.

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

Are you confusing WPA with WEP? You should always choose WPA over WEP when
possible. As for number of bits, I have not seen that option with WPA.
With WPA, there are other options that you set, but I have not seen where
you actually choose the encryption key size.

Jeff


"AFN" <(E-Mail Removed)> wrote in message
news:ZV61c.10654$(E-Mail Removed)...
> but do I need 256 bit WPA versus 128?
>
>
> "Sander" <(E-Mail Removed)> wrote in message
> news:5U51c.2900$EV2.8975@amstwist00...
> > AFN wrote:
> >
> > > My question is: do I care how many bits are used for WPA encryption?
> And
> > > am I better off with 152 bit WEP instead of 128 bit WPA?
> >
> > The actual encryption algorythm for both WEP and WPA is RC4. The
> > weaknesses in WEP have very little to do with the actual encryption algo
> > itself and a lot with the way it is implemented. Therefore a longer
> > key does NOT make WEP a lot more secure. You're better of with WPA than
> > with WEP regardless of the size of the keys.
> >
> > Sander
> >
>
>

when I searched the internet, I saw bit references for WPA (not wep) all
over the place.

"Jeff Durham" <(E-Mail Removed)> wrote in message
news:6a71c.50$(E-Mail Removed)...
> Are you confusing WPA with WEP? You should always choose WPA over WEP
when
> possible. As for number of bits, I have not seen that option with WPA.
> With WPA, there are other options that you set, but I have not seen where
> you actually choose the encryption key size.
>
> Jeff
>
>
> "AFN" <(E-Mail Removed)> wrote in message
> news:ZV61c.10654$(E-Mail Removed)...
> > but do I need 256 bit WPA versus 128?
> >
> >
> > "Sander" <(E-Mail Removed)> wrote in message
> > news:5U51c.2900$EV2.8975@amstwist00...
> > > AFN wrote:
> > >
> > > > My question is: do I care how many bits are used for WPA
encryption?
> > And
> > > > am I better off with 152 bit WEP instead of 128 bit WPA?
> > >
> > > The actual encryption algorythm for both WEP and WPA is RC4. The
> > > weaknesses in WEP have very little to do with the actual encryption
algo
> > > itself and a lot with the way it is implemented. Therefore a longer
> > > key does NOT make WEP a lot more secure. You're better of with WPA
than
> > > with WEP regardless of the size of the keys.
> > >
> > > Sander
> > >
> >
> >
>
>

On Tue, 02 Mar 2004 21:55:08 GMT, AFN spoketh

>when I searched the internet, I saw bit references for WPA (not wep) all
>over the place.
>

Well, I've just searched all over the place (well, wi-fiplanet.com
mostly), and I'm not seeing much in reference to key length.

read: http://www.wi-fiplanet.com/spring03/article.php/2210441

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

AFN wrote:

>
> Hi. This product
> http://kbserver.netgear.com/products/WGT624.asp
> was rated highly by Laptop magazine because it had great mbs throughput
> numbers at 50 feet, was easy to set up, and supported 152 bit WEP and also
> WPA. Sounded good.
>
> Then I also noticed that the Microsoft MN-700 supports "256 bit WPA
> security". So I started wondering how many bits the netgear product used
> for encryption. After an hour dealing with their support number, they
> finally said, with weak confidence, 128 bits.
>
> My question is: do I care how many bits are used for WPA encryption?
> And
> am I better off with 152 bit WEP instead of 128 bit WPA? I'm confused,
> but
> I want the best encryption because it is for a small business. Maybe I
> should go with a 256 bit WPA product?
>
>

Generally speaking, the more encryption bits the better. However, make sure
you use a strong method for choosing keys i.e. no kid's or pet's names etc.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.