about "Open System" and "Shared System" Authentication Type?
Dan Williams
dcbw
Wed Oct 15 08:04:26 PDT 2008
On Wed, 2008-10-15 at 09:19 +0800, c4linux c4linux wrote:
> Hi all
>
> What is the differents between "Open System Authentication Type" and "
> Shared System Authentication Type"?
Open System actually doesn't do authentication. For Shared Key
authentication, the AP sends some challenge text to the station, which
the station encrypts with the WEP key, and sends back to the AP. The AP
also encrypts the challenge text, and if that matches what the station
sends back, then the authentication is allowed.
> Why "Open System" is considered more secure? Thank you!
Because of weaknesses in the Shared Key auth protocol, sniffing the
Shared Key exchanges will let you infiltrate the network _faster_ than
using no authentication (ie, Open System).
http://www.isaac.cs.berkeley.edu/isaac/mobicom.pdf
Dan
More information about the Hostap
mailing list