about "Open System" and "Shared System" Authentication Type?

c4linux c4linux c4linux
Tue Nov 25 17:28:28 PST 2008


Hi,thank you! I'll check my AP's configuration.

But there is another question about AR2413 and madwifi driver.

madwifi can support VAP, so I setup 2 VAPs, one is ath0, another is
ath1.both of them are set SharedKey authentication and use WEP encrypthion.
I type the command below to set each of them a password:

iwconfig ath0 key [1] s:1111111111111
iwconfig ath1 key [1] s:2222222222222

the strange thing happens, It seems that ath1's password overwrite the
ath0's, so if I set my sta the ath1's password and select ath0 to connect, I
connect the ath0 successfully. Why? are the 4 slots for WEP Key is shared by
all VAPs?  or VAP is not stable?

Thank you!




2008/11/25 Dan Williams <dcbw at redhat.com>

> On Tue, 2008-11-25 at 17:21 +0800, c4linux c4linux wrote:
> > Thanks for your help
> > But i found that if I set AP with a password in an OpenSystem
> > Authentication, STA can always connect the AP and access its
> > resource , Why? OpenSystem Authentication need no password?
>
> You have to separate encryption (WEP/WPA/etc) from authentication
> (Shared Key/Open System).  For example, WPA uses Open System
> exclusively, but it's more secure because it protects the communication
> with a strong encryption algorithm.
>
> Open System is used even in unencrypted mode (ie, no WEP or WPA
> enabled).  But it can also be used with encryption enabled.
>
> It's the _encryption_, not the Open System/Shared Key authentication,
> that makes your access point secure more secure with WEP.  It sounds
> like you've turned off encryption completely.
>
> Dan
>
>
> >
> > 2008/10/16 Dan Williams <dcbw at redhat.com>
> >         On Thu, 2008-10-16 at 10:20 +0800, c4linux c4linux wrote:
> >         > >>Open System actually doesn't do authentication.
> >         >
> >         >
> >         > authentication = encryption?
> >
> >
> >         No, they are different.  But Shared Key authentication _uses_
> >         the WEP
> >         encryption algorithm as access control.
> >
> >         > So Why I can do WEP encryption in an Open System
> >         authentication? I'm
> >         > confused between authentication and encryption :(
> >
> >
> >         They are two different things.  Authentication determines
> >         whether or not
> >         a user is allowed to access the system in the first place,
> >         while
> >         encryption protects the content of their messages _after_ they
> >         have been
> >         granted access to the system.  But to preserve security and
> >         prevent
> >         spoofed authentications, some authentication methods also
> >         employ
> >         encryption as part of the process, but it's a separate step
> >         from the
> >         encryption that happens after the user has gained access to
> >         the system.
> >
> >         Dan
> >
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20081126/e2d3b830/attachment.htm 



More information about the Hostap mailing list