Thread: puzzling wireless security problem
View Single Post
Old 21-12-2005, 10:46   #7
Aragorn
Inactive
 
Aragorn's Avatar
 
Join Date: Apr 2004
Location: Minas Tirith, Gondor
Age: 60
Posts: 3,458
Aragorn has a nice shiny star
Aragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny starAragorn has a nice shiny star
Re: puzzling wireless security problem
An overview of WPA can be found here, including



Quote:
Temporal Key Integrity Protocol (TKIP)

For 802.11, Wired Equivalent Privacy (WEP) encryption is optional. For WPA, encryption using TKIP is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP also provides for the following: •The verification of the security configuration after the encryption keys are determined.• The synchronized changing of the unicast encryption key for each frame.• The determination of a unique starting unicast encryption key for each preshared key authentication.
As I understand it, the 'Pre-Shared Key' (PSK) is used as the basis for generating session keys for TKIP. So while the PSK should not change (and should be identical on router and all clients) the session keys will change dynamically.

All you should need to worry about is -
All devices are set identically, eg WPA-PSK with TKIP
All devices have the same PSK.
Aragorn is offline   Reply With Quote