Just dreaming: different WEP keys per client
Chris Evans
cwevans at acm.org
Fri Apr 23 13:33:39 EDT 2004
On Apr 22, 2004, at 11:42 PM, Konstantin Klubnichkin wrote:
> Hello people!
>
> I was dreaming last evening about per client WEP encryption.
> As far as I understand (please correct me) there are 2 ways to
> encrypt/decrypt data - in firmware and in hostapd.
>
> In case we use second way it's may be interesting to implement such
> feature.
>
> I thought about it in a scope of public WiFi cafe. When client gets
> (buys) account information (login/password) and wants to encrypt
> his/her traffic we also give him WEP key. The problem is - once you
> know WEP key of one client - you know WEP key for whole network.
> It's allmost impossible to force client to use WPA-PSK because of
> complexity of the process. Moreover once "bad guy" gets passphrase he
> can decrypt all WiFi traffic in our network.
>
> Any ideas?
I think 802.1x can do this. I think the system I have set up for my
work uses x509 certificates to authenticate, and each station gets a
different WEP key, and furthermore every 5 minutes the WEP changes.
--
-+--++---+++----++++-----+++++-----++++----+++---++--+-
___
_.-| | |\__/,| (`\ | Chris Evans
{ | | |o o |__ _) ) |
"-.|___| _.( T ) ` / | cwevans at acm.org
.--'-`-. _((_ `^--' /_< \ |
.+|______|__.-||__)`-'(((/ (((/ | "Any technology distinguishable
| from magic, is not advanced
Nika plays with a computer mouse | enough" -- Gregory Benford
BY: Mike Rosulek |
http://showcase.netins.net/web/mikewrld/ascii/
More information about the HostAP
mailing list