[Cryptography] Dilbert on WiFi password security
Donald Eastlake
d3e3e3 at gmail.com
Tue Jun 30 12:10:05 EDT 2015
On Mon, Jun 29, 2015 at 8:46 PM, Ryan Carboni <ryacko at gmail.com> wrote:
> ...
>
> I find it odd that Ethernet and Wifi are both designed to be used in a 100%
> trusted environment. The use of DH-1024 (with random primes) and DES-X (wifi
> and ethernet both require substantial hardware circuits anyway) would be
> sufficient to deter most malicious actors.
For Ethernet security see IEEE Std 802.1AE and 802.1X (1X includes how
to agree on keys for use in 1AE). Available for free download from
https://standards.ieee.org/about/get/802/802.1.html
802.11 (Wi-Fi) security was initially crap but has been reasonable
ever since the 802.11i amendment and is rolled into the base standard.
See particularly Clause 11 of IEEE Std 802.11-2012, available for free
download from
https://standards.ieee.org/about/get/802/802.11.html
Older weak forms of 802.11 security are still in the specification but
most if not all of them are deprecated.
Both Ethernet and Wi-Fi security support EAP.
> I mean, all I need to do to eavesdrop on either one is to simply... connect.
Well, they operate in the physical word so it is a bit hard to make
the signals impossible to sense. But I assume what you mean is that
you can eavesdrop on the plain text, which is only true is there is no
standard or proprietary encryption in effect.
Donald
> I don't know what international standards committees are doing, but the fact
> that USB condoms are a thing should be some sort of indicator? Maybe?
More information about the cryptography
mailing list