Home page logo
/

basics logo Security Basics mailing list archives

Re: What can WPA/WPA2 use for Encryption
From: John Morrison <john.morrison101 () googlemail com>
Date: Wed, 26 Aug 2009 13:14:16 +0100

Martin,

My understanding is that WPA and WPA2 are part of 802.11 and WPA2 uses
AES as its encryption algorithm. As your question hints they rely on
preshared keys. Although, like SSL, they generate session keys these
typically remain unchanged for an hour and can be cracked. If you are
concerned about the security of the link set up a VPN using your
microwave link.

This brings me to the second point. Microwave links are highly
directional. Unlike WiFi which is, typically, omnidirectional.

"Antennas used in microwave links are highly directional, which means
they tightly focus the transmitted energy, and receive energy mainly
from one specific direction. This contrasts with antennas used in many
other communications systems, such as broadcasting. By directing the
transmitter’s energy where it's needed—toward the receiver—and by
concentrating the received signal, this characteristic of microwave
antennas allows communication over long distances using small amounts
of power." (http://www.ieeeghn.org/wiki/index.php/Microwave_Link_Networks).

To successfully intercept your transmission an eavesdropper must get
within a few metres of the microwave beam.

"The transmitted microwave signal, or beam, is very narrow - typically
2 degrees or less - and a potential eavesdropper must be in line with
the signal in order to detect any energy. This can be very difficult
since most installations are on a transmission tower or on the rooftop
of a tall building. " (http://wireless.sys-con.com/node/41344).

    http://www.openxtra.co.uk/articles/wpa-vs-80211i




2009/8/25 martin <martiniscool () gmail com>:
Hi all

We're in the process of installing a leased line between 2 offices which are
isolated in the country side. The leased line uses "microwave" connectivity
... apparently. And uses WPA/WPA2 for encryption

I have 2 questions:
1. Can WPA/WPA2 encrypt traffic using any method other than a pre-shared-key
?  If so then what ??!!  My boss seems to think it can but I don't see how.
 Can it use PKI for example ?

2. Technically a network question rather than a security question, but what
exactly is microwave connectivity ?  Is it just Wi-Fi by another name ?  Is
it part of the 802.11 standard ?

The 2nd question isn't so important, but I'm curious about the first one !!

Thanks
M

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]