Security Basics mailing list archives
Re: wpa2-psk aes
From: Antonio Prado <thinkofit () gmail com>
Date: Mon, 21 Feb 2011 10:27:06 +0100
On 02/17/2011 06:51 PM, vito.nozza () gmail com wrote:
Definitely. With AES and the inherent block Cipher IV (Initilization
Vector), it ensures re-key is kept random and secure.
Good to go.
On 02/18/2011 03:34 AM, walterj89 () yahoo ca wrote:
The thing about AES is once the pass-phrase is known the "key to the castle" is given out. For the most part it is "secure enough" though.
On 02/19/2011 03:58 AM, Eric Jaw wrote:
Since the key is shared, anyone on the network can decrypt anyone else's connection. If you need absolute security down to the individual you need 801.1x. Hope that helps! Good luck
hi, thanks for your reply. one more question just to clarify. although the PSK is known, the re-key mechanism should grant a private and secure connection between client and AP as Vito confirms. moreover, by setting that interval to a reasonable low value, the chances to decrypt a whole client's session should become scarce even if the PSK is known. would be possible to elaborate a little bit more on that? any web resource on this particular aspect of the topic is appreciated. thanks in advance kind regards -- antonio ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- wpa2-psk aes thinkofit (Feb 17)
- Re: wpa2-psk aes vito . nozza (Feb 18)
- Message not available
- Re: wpa2-psk aes Antonio Prado (Feb 22)
- Re: wpa2-psk aes marco gregorio (Feb 22)
- Re: wpa2-psk aes Antonio Prado (Feb 22)
- <Possible follow-ups>
- Re: wpa2-psk aes walterj89 (Feb 18)
- Re: wpa2-psk aes Antonio Prado (Feb 22)
- Re: wpa2-psk aes thinkofit (Feb 23)