Just dreaming: different WEP keys per client

Chris Evans cwevans
Fri Apr 23 10:33:39 PDT 2004


On Apr 22, 2004, at 11:42 PM, Konstantin Klubnichkin wrote:

> Hello people!
>
> I was dreaming last evening about per client WEP encryption.
> As far as I understand (please correct me) there are 2 ways to
> encrypt/decrypt data - in firmware and in hostapd.
>
> In case we use second way it's may be interesting to implement such
> feature.
>
> I thought about it in a scope of public WiFi cafe. When client gets
> (buys) account information (login/password) and wants to encrypt
> his/her traffic we also give him WEP key. The problem is - once you
> know WEP key of one client - you know WEP key for whole network.
> It's allmost impossible to force client to use WPA-PSK because of
> complexity of the process. Moreover once "bad guy" gets passphrase he
> can decrypt all WiFi traffic in our network.
>
> Any ideas?

I think 802.1x can do this.  I think the system I have set up for my 
work uses x509 certificates to authenticate, and each station gets a 
different WEP key, and furthermore every 5 minutes the WEP changes.
--
       -+--++---+++----++++-----+++++-----++++----+++---++--+-
      ___
  _.-|   |          |\__/,|   (`\      | Chris Evans
{   |   |          |o o  |__ _) )     |
  "-.|___|        _.( T   )  `  /      | cwevans at acm.org
   .--'-`-.     _((_ `^--' /_<  \      |
.+|______|__.-||__)`-'(((/  (((/      |  "Any technology distinguishable
                                       |  from magic, is not advanced
   Nika plays with a computer mouse    |  enough" -- Gregory Benford
       BY: Mike Rosulek                |
          http://showcase.netins.net/web/mikewrld/ascii/





More information about the Hostap mailing list