Security Basics mailing list archives
Re: What can WPA/WPA2 use for Encryption
From: Jared Curtis <jared () w00ttech com>
Date: Tue, 25 Aug 2009 09:21:24 -0700
WPA2 can only use AES/CCMP for the encryption but you can use various EAP methods for a more secure authentication setup. EAP-TLS for example uses client certificates along with a username/password for authentication. WPA is similar using RSA/TKIP for the encryption and key handling. If given the option use WPA2. http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#EAP_extensions_under_WPA-_and_WPA2-_Enterprise The type of equipment that the provider offers and the level of access is really going to determine if you can add any additional security over a PSK. If this is a point-to-point connection that is not intended to accept connections from wireless (laptop, phone, etc) clients then a long random PSK would be sufficient to offer a secure connection. If the provider can not provide you with the level of authentication and/or encryption you need then I would suggest using a vpn connection between the sites. Treat the point-to-point connection as a standard Internet link and firewall access, then establish a VPN between the sites. Using a VPN over the connection will allow you to enable any security measures you need and provide authentication using your preferred method. In reference to the second question, microwave connectivity could be standard 802.11 wifi or it may be another standard within a licensed frequency. On Tue, Aug 25, 2009 at 7:41 AM, martin<martiniscool () gmail com> wrote:
Hi all We're in the process of installing a leased line between 2 offices which are isolated in the country side. The leased line uses "microwave" connectivity ... apparently. And uses WPA/WPA2 for encryption I have 2 questions: 1. Can WPA/WPA2 encrypt traffic using any method other than a pre-shared-key ? If so then what ??!! My boss seems to think it can but I don't see how. Can it use PKI for example ? 2. Technically a network question rather than a security question, but what exactly is microwave connectivity ? Is it just Wi-Fi by another name ? Is it part of the 802.11 standard ? The 2nd question isn't so important, but I'm curious about the first one !! Thanks M ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- What can WPA/WPA2 use for Encryption martin (Aug 25)
- Re: What can WPA/WPA2 use for Encryption John Morrison (Aug 26)
- Re: What can WPA/WPA2 use for Encryption Jared Curtis (Aug 26)
- Re: What can WPA/WPA2 use for Encryption Israel Junior (Aug 26)
- Re: What can WPA/WPA2 use for Encryption Michael Painter (Aug 26)
- Message not available
- Re: What can WPA/WPA2 use for Encryption martin (Aug 26)
- Re: What can WPA/WPA2 use for Encryption Jon Janego (Aug 26)
- Re: What can WPA/WPA2 use for Encryption martin (Aug 26)
- <Possible follow-ups>
- Re: What can WPA/WPA2 use for Encryption martin (Aug 26)