Re: Dynamic WEP for each STA


From: ben_at_netservers.co.uk
Date: 2002-04-08 09:29:36 UTC



On 6 Apr 2002, Lars Viklund wrote:

> > > The difficultly may come with encrypting and decrypting broadcast and
> > > multicast frames unless all nodes on the network run your driver. At the
> > > very least, clients will be unable able to make sense of broadcasts from
> > > other clients unless they are using a common key.
>
> It isn't a problem since the standard specifies how this should work.

Quite right, it shouldn't be a problem. The standard specifically allows for per STA key mapping. Unfortunately all to many closed source drivers, cheap cards and lesser operating system don't seem to impliment the standard all that thoroughly, or at least don't provide any UI for configuring these features.

For example, we have some Belkin F5D6020 cards (which seem to work okay with the Host AP driver). These only allow you to set the 4 default keys, and specify which one to send with. If you want 104 bit keys, however, you find yourself limited to entering a single key!

I agree with Jouni that WEP isn't great, and offers only limited protection. However, it would be nice to have it for backward compatibility with old clients that can't do any better: chances are these clients may have the same limitations as our Belkin cards.

Ben.



This archive was generated by hypermail 2.1.4.