Security of WPA pre-shared key on client?

Michael Woff bluechill
Sun Nov 5 19:15:04 PST 2006


Non-coder here so please excuse me if this is obvious!

With wpa_supplicant on Windows XP, how secure is the pre-shared key on the
client itself?  Im trying to find a solution so that once the pre-shared
key is initially entered, i dont want the user of the client to be able to
discover this key.

If im correct, the encryption of the packets is carried out by
wpa_supplicant itself which then passes encrypted data to the NDIS
drivers. So is it possible to see the pre-shared key using a system trace
etc?

If yes, would there be a way to configure/modify wpa_supplicant to make it
difficult or alot of work for even a hacker to uncover the pre-shared key?
 (assuming the key would be stored locally in an encrypted form).

Thanks a lot for any assistance.

Michael





More information about the Hostap mailing list