Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

wpa2-psk unavailable

Posted on 2008-10-17
7
1,785 Views
Last Modified: 2013-11-09
My laptop uses D-link Air DWL-650 wireless network adapter. Os win xp sp3.
I've configured my wireless router to use wpa2-psk, but unable to find that option on the laptop when configuring the network - only wpa-psk is available (besides wep, wpa, and other stuff).
I can use wpa-psk but prefer wpa2-psk.
I have two questions:
1) How can I get this option available on the laptop (I thought sp3 should include it already)?
2) Does it worth the effort?

Thanks.
0
Comment
Question by:drory
  • 3
  • 3
7 Comments
 

Expert Comment

by:rootforce
ID: 22746438
Are you using windows to configure your wireless network card or the manufacturers tool?
0
 

Author Comment

by:drory
ID: 22747402
I'm using windows.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 22749400
The hardware needs to support WPA2. Any device with the WiFi logo had to be upgradable from WEP to WPA with just a driver update, but WPA2's AES encryption typically needs heftier processing than WEP and WPA's RC-4 encryption required.
Some were able to add AES encryption to WPA, too... and even though AES is practically unbreakable (if using a truly random password to prevent dictionary cracks), it still adds overhead by including the password in every packet (WEP and WPA's RC-4 encryption, on the other hand, can be broken by collecting just 5-10 minutes worth of packets using aircrack, et al).

And I can't recall any 11b-only cards that supported WPA2, btw.
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:drory
ID: 22751123
Darr247 thank you.
So just to complete the big picture, is it true that WPA-PSK with AES has the same security problem as WPA AES (without PSK)?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 22751154
PSK = pre-shared key. That's as opposed to enterprise or 802.1x, which authenticates using certificates or username/password unique to each user (e.g. via IAS/RADIUS server).

To what security problem are you referring?
0
 

Author Comment

by:drory
ID: 22751293
Is it possible to crack WPA-PSK AES in 5-10 minutes as regular WPA AES?
0
 
LVL 44

Accepted Solution

by:
Darr247 earned 125 total points
ID: 22753015
Not yet, no.

If Moore's Law holds true and computer processor power continues doubling approximately every 18-months, in about 100 years you should be able to build a distributed computing project using a few trillion (that's 12 zeros here in the US) computers and be able to crack 128-bit AES in only a few days.

If you have something that says AES has been cracked, I'm not the only one that would like to see it. :-)

It's WPA-TKIP that can be cracked (to expose the encrypted data, not reverse engineer the original passphrase) by gathering only 5-10 minutes of packets... that's RC-4 encryption, not AES.... then you would need to repeat those steps (gather, break, decrypt) every time the password is incrememented along the vectors. Still, it means your data is not ''secure'' (if you desire your data to be ''secure'') when using WPA-TKIP... note that WPA-AES is NOT part of the WPA 'standard' and not all devices support it. ''WPA'' is WEP + TKIP, and was a quick fix to shore up security until WPA2 could be implemented. If you have devices that don't support WPA2 (or at least WPA-AES), I recommend replacing them, chopping the gold-plated conductor tabs off for reclaim, then recycling the rest of the pieces. But even version 1.0 of WRT54G (that's pre-Cisco) and WRT54GS wireless routers support WPA2 with a firmware update, so they would need be fairly ancient devices, in computer-hardware terms, to not support WPA2.

Now, if for a password you use your name, or your mother's name, or anything/anyone's name, or any word in any-language dictionary, that makes a brute-force crack much more likely (no matter what encryption method is used), and you're not serious about security.
Personally, I use the (128-bit) MD5 hash of a word and add a few numbers to it that are significant to me, to make a 36-character pseudo-random password that's easily recreatable (I have a free MD5 generator on all my computers and if you google MD5 Generator you'll see how ubiquitous they are). So if you'd like to break into my WLANs or decrypt packets captured from them, there - I've given you a head start... There are only 1.532 x 10^54 possible combinations if you limit your guesses to passphrases consisting of 32-place HEX-character + 4-place 0-9 character - have at it.  :-)

Here's a quote from the Technoracle (http://technoracle.blogspot.com), blogging about AES:
To give you an idea of the complexity of the resulting decryption process, to crack a 128 bit key would take approximately 3.4 x 10^38 guesses assuming the correct key was the last one you tried. To place this in perspective, is estimated that if a DES key generator were able to discover 1 DES key per second, it would take 149 thousand-billion (149 trillion) years to crack a single 128 bit AES key. As a side note, most physicists accept that the universe is approximately 20 billion years old.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes how to perform a hard reset on your router. Usually this is most-useful on wireless routers, but the same concept applies to nearly all home/SOHO routers. This process will return the router to factory defaults, so record your…
This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question