|
windows
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Triple DES vs WPA, WPA2 and WPA PSK?I am currently evaluating providers of secure network connectivity, in light of problems I have had over a number of years. Over time I have read about encryption algorithms as related to other software products, so I have a basic understanding and have a lot to read, but was wondering if anyone with knowledge and experience in the topic could help. Specifically, what is more secure? Tripple DES? WPA? WPA-2? WPA-PSK? Thank you. Jean-Pierre I Regards, Jean-Pierre dareys wrote:
Show quoteHide quote > Greetings, "Triple DES" is not used for wireless network encryption. In any event, > > I am currently evaluating providers of secure network connectivity, in light > of problems I have had over a number of years. > > Over time I have read about encryption algorithms as related to other > software products, so I have a basic understanding and have a lot to read, > but was wondering if anyone with knowledge and experience in the topic could > help. > > Specifically, what is more secure? Tripple DES? WPA? WPA-2? WPA-PSK? > > Thank you. > > Jean-Pierre > > I > > Regards, > > Jean-Pierre > the Data Encryption Standard (which is what DES stands for) is an older and less secure encryption technique than AES (Advanced Encryption Standard) used in WPA2. You should also be aware that "WPA2" and "WPA" are certification programs sponsored by the WiFi Alliance, an industry organization. If you want technical details, see the IEEE 802.11i standard. As usually used, WPA2 is more secure than WPA. WPA2 uses an AES-based cipher cipher algorithm, while WPA uses the less-secure RC4 cipher. The "PSK" suffix, which can be used with either WPA2 or WPA, refers to the use of a pre-shared key. The full 802.11i standard requires the use of an 802.1X authentication server. Recognizing that the provision of such a server is often beyond the means (technical and/or financial) of home users and small business users, the WiFi Alliance included a "personal" mode for WPA and WPA2 which does not use an authentication server. Instead, the key is "pre-shared" among all of the clients. Personal mode WPA or WPA2 is less secure than "enterprise" mode, which does use an authentication server. -- Lem -- MS-MVP To the moon and back with 2K words of RAM and 36K words of ROM. http://en.wikipedia.org/wiki/Apollo_Guidance_Computer http://history.nasa.gov/afj/compessay.htm Lem,
Thank you for the response. Yes, I read about Triple DES. Frankly, with the actual computing speed, I figured an algorithm that is breakable in 3 hours (e.g. DES) and its variation, Triple DES, which also dates 1974 - 1977, cannot be that secure. I am floored that an internet provider would sell me this as a secure and unbreakable connection. I am glad I checked, but based on what I read and what I know about the topic and computing, there has to be better. I will read some more and hope for other answers to confirm yours, but I was skeptical from the start. Regards, Jean-Pierre Show quoteHide quote "Lem" wrote: > dareys wrote: > > Greetings, > > > > I am currently evaluating providers of secure network connectivity, in light > > of problems I have had over a number of years. > > > > Over time I have read about encryption algorithms as related to other > > software products, so I have a basic understanding and have a lot to read, > > but was wondering if anyone with knowledge and experience in the topic could > > help. > > > > Specifically, what is more secure? Tripple DES? WPA? WPA-2? WPA-PSK? > > > > Thank you. > > > > Jean-Pierre > > > > I > > > > Regards, > > > > Jean-Pierre > > > "Triple DES" is not used for wireless network encryption. In any event, > the Data Encryption Standard (which is what DES stands for) is an older > and less secure encryption technique than AES (Advanced Encryption > Standard) used in WPA2. > > You should also be aware that "WPA2" and "WPA" are certification > programs sponsored by the WiFi Alliance, an industry organization. If > you want technical details, see the IEEE 802.11i standard. > > As usually used, WPA2 is more secure than WPA. WPA2 uses an AES-based > cipher cipher algorithm, while WPA uses the less-secure RC4 cipher. > > The "PSK" suffix, which can be used with either WPA2 or WPA, refers to > the use of a pre-shared key. The full 802.11i standard requires the use > of an 802.1X authentication server. Recognizing that the provision of > such a server is often beyond the means (technical and/or financial) of > home users and small business users, the WiFi Alliance included a > "personal" mode for WPA and WPA2 which does not use an authentication > server. Instead, the key is "pre-shared" among all of the clients. > Personal mode WPA or WPA2 is less secure than "enterprise" mode, which > does use an authentication server. > -- > Lem -- MS-MVP > > To the moon and back with 2K words of RAM and 36K words of ROM. > http://en.wikipedia.org/wiki/Apollo_Guidance_Computer > http://history.nasa.gov/afj/compessay.htm > Hi
Maybe this can further Help. From the weakest to the strongest, Wireless security capacity is. No Security Switching Off SSID (same has No Security. SSID can be easily sniffed even if it is Off) MAC Filtering______(Band Aid if nothing else is available, MAC number can be easily Spoofed). WEP64____(Easy, to "Break" by knowledgeable people). WEP128___(A little Harder, but "Hackable" too). ------------------- The three above are Not considered safe. Safe Starts here at WPA. ------------------- WPA-PSK__(Very Hard to Break). WPA-AES__(Not functionally Breakable) WPA2____ (Not functionally Breakable). Note 1: WPA-AES the the current entry level rendition of WPA2. Note 2: If you use WinXP bellow SP3 and did not updated it, you would have to download the WPA2 patch from Microsoft. <http://support.microsoft.com/kb/893357> The documentation of your Wireless devices (Wireless Router, and Wireless Computer's Card) should state the type of security that is available with your Wireless hardware. All devices MUST be set to the same security level using the same pass phrase. Therefore the security must be set according what ever is the best possible of one of the Wireless devices. I.a. even if most of your system might be capable to be configured to the max. with WPA2, but one device is only capable to be configured to max . of WEP, to whole system must be configured to WEP. If you need more good security and one device (like a Wireless card that can do WEP only) is holding better security for the whole Network, replace the device with a better one. The Core differences between WEP, WPA, and WPA2 - <http://www.ezlan.net/wpa_wep.html> Jack (MVP-Networking). Show quoteHide quote "dareys" <dar***@discussions.microsoft.com> wrote in message news:B7F3262E-2B08-4272-BDCD-737D0FC7BAC3@microsoft.com... > Greetings, > > I am currently evaluating providers of secure network connectivity, in > light > of problems I have had over a number of years. > > Over time I have read about encryption algorithms as related to other > software products, so I have a basic understanding and have a lot to read, > but was wondering if anyone with knowledge and experience in the topic > could > help. > > Specifically, what is more secure? Tripple DES? WPA? WPA-2? WPA-PSK? > > Thank you. > > Jean-Pierre > > I > > Regards, > > Jean-Pierre > Jack,
Nice to hear from you again and for your continued support. This is a very succinct and nice summary and I appreciate it. Unfortunately, I believe this applies only to wireless connections and I am also investigating Wide Area Network connectivity from a purchased PMCIA or USB dedicated roaming connection from people like IUSACELL. They are selling Tripple DES which as far as I know, is pretty old, slow and breakable technology from the 70s. There has to be something better, AES? Now... If you can add any information regarding this issue, I would appreciate it although it might be something that is out of your scope. However, as always, thank you for your help. Jean-Pierre Show quoteHide quote "Jack-MVP" wrote: > Hi > Maybe this can further Help. > From the weakest to the strongest, Wireless security capacity is. > No Security > Switching Off SSID (same has No Security. SSID can be easily sniffed even if > it is Off) > MAC Filtering______(Band Aid if nothing else is available, MAC number can be > easily Spoofed). > WEP64____(Easy, to "Break" by knowledgeable people). > WEP128___(A little Harder, but "Hackable" too). > ------------------- > The three above are Not considered safe. > Safe Starts here at WPA. > ------------------- > WPA-PSK__(Very Hard to Break). > WPA-AES__(Not functionally Breakable) > WPA2____ (Not functionally Breakable). > Note 1: WPA-AES the the current entry level rendition of WPA2. > Note 2: If you use WinXP bellow SP3 and did not updated it, you would have > to download the WPA2 patch from Microsoft. > <http://support.microsoft.com/kb/893357> > The documentation of your Wireless devices (Wireless Router, and Wireless > Computer's Card) should state the type of security that is available with > your Wireless hardware. > All devices MUST be set to the same security level using the same pass > phrase. > Therefore the security must be set according what ever is the best possible > of one of the Wireless devices. > I.a. even if most of your system might be capable to be configured to the > max. with WPA2, but one device is only capable to be configured to max . of > WEP, to whole system must be configured to WEP. > If you need more good security and one device (like a Wireless card that can > do WEP only) is holding better security for the whole Network, replace the > device with a better one. > The Core differences between WEP, WPA, and WPA2 - > <http://www.ezlan.net/wpa_wep.html> > Jack (MVP-Networking). > > "dareys" <dar***@discussions.microsoft.com> wrote in message > news:B7F3262E-2B08-4272-BDCD-737D0FC7BAC3@microsoft.com... > > Greetings, > > > > I am currently evaluating providers of secure network connectivity, in > > light > > of problems I have had over a number of years. > > > > Over time I have read about encryption algorithms as related to other > > software products, so I have a basic understanding and have a lot to read, > > but was wondering if anyone with knowledge and experience in the topic > > could > > help. > > > > Specifically, what is more secure? Tripple DES? WPA? WPA-2? WPA-PSK? > > > > Thank you. > > > > Jean-Pierre > > > > I > > > > Regards, > > > > Jean-Pierre > > > > =?Utf-8?B?ZGFyZXlz?= <dar***@discussions.microsoft.com> wrote in
news:375537C4-5DEC-4EAA-80C1-84BE77324C29@microsoft.com: While basic DES is considered "broken", Tripple-DES in all the 30-odd > They are selling Tripple DES which as far as I know, is pretty > old, slow and breakable technology from the 70s. There has to be > something better, AES? Now... > years it has been around still hasn't. Some consider the newer algorithms "better" but, then again, they haven't survived the years of attacks that 3DES has. Many still use/prefer 3DES. -- John John,
Thank you for the feedback. From what I have read, and the feedback I have received, Tripple DES is a bit like the AES wireless standard, and I believe things have improved since that. As far as I am concerned, with the increasing computing power available, anything can be broken. It is just a matter of time and ressources. Obviously, some things make take ridiculous amonts of both and real malicious intent but are nonetheless possible. It is just a matter of time. I would lean towards newer algorithms, as much has been learned since DES or Tripple DES in terms of how to break them. But I am not discounting your opinions and I thank you for your time. Jean-Pierre Show quoteHide quote "John Wunderlich" wrote: > =?Utf-8?B?ZGFyZXlz?= <dar***@discussions.microsoft.com> wrote in > news:375537C4-5DEC-4EAA-80C1-84BE77324C29@microsoft.com: > > > They are selling Tripple DES which as far as I know, is pretty > > old, slow and breakable technology from the 70s. There has to be > > something better, AES? Now... > > > > While basic DES is considered "broken", Tripple-DES in all the 30-odd > years it has been around still hasn't. Some consider the newer > algorithms "better" but, then again, they haven't survived the years of > attacks that 3DES has. Many still use/prefer 3DES. > > -- John > 
Other interesting topics
renew IP fails after system restore
Networking XP & Home PC with Cross wire Win XP's Universal Plug and Play Device Host service starts and then stops immediately Accessing shares on an XP system with Windows Firewall enabled? need non-admins to run repair XP notebook acnnot see network Access shared folders on 2003 server Very Odd Sharing Issue Re: renew IP fails after system restore Configure remote desktop on a notebook |
|||||||||||||||||||||||
