[Off topic] Difference between wpa: tkip & aes
Bryan Kadzban
bryan
Sun Nov 6 05:21:48 PST 2005
Jar wrote:
> When I capture some packets with wireless sniffer and then comparing
> these two methods (tkip/aes), I can't see no dirrerence. In both
> cases the APs beacon probes looks like the same
Well, with WPA-PSK, the beacons would only differ by a small number of
bytes, I think. The only thing that would change is the pairwise (and
possibly group, but I don't know for sure what Linksys's APs use for
broadcast when in WPA-PSK/AES mode) encryption method, and that's stored
in just one byte in the WPA IE.
With WPA2, that one byte would change from a 01 to a 02, but I'm not
sure which values it would take on with WPA.
> and also the data packets seems to be only TKIP/WEP protected in both
> cases.
How did you come to that conclusion? Were you looking at directed
packets, or broadcast/multicast packets?
> It is also possible to select WPA2-PSK and then again two
> alternatives: TKIP and AES. Can someone explain the magic behind
> these modes?
See:
http://mail.iocaine.com/pipermail/hostap/2005-November/011725.html
from 4 days ago, and also Jouni's followup (I had a few things wrong in
that post).
> I want to use WPA-PSK with AES. What should I look for in the sniffed
> packets to ensure that the encryption uses AES and not TKIP/WEP?
What makes you think they're using TKIP now? I guess I always assumed
that the encryption method matched what I had configured on both the
client and AP sides, so I never figured out how to tell the difference
just by looking at data packets.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20051106/8de7647e/attachment.pgp
More information about the Hostap
mailing list