?
Solved

wpa2-psk unavailable

Posted on 2008-10-17
7
Medium Priority
?
1,800 Views
Last Modified: 2013-11-09
My laptop uses D-link Air DWL-650 wireless network adapter. Os win xp sp3.
I've configured my wireless router to use wpa2-psk, but unable to find that option on the laptop when configuring the network - only wpa-psk is available (besides wep, wpa, and other stuff).
I can use wpa-psk but prefer wpa2-psk.
I have two questions:
1) How can I get this option available on the laptop (I thought sp3 should include it already)?
2) Does it worth the effort?

Thanks.
0
Comment
Question by:drory
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 

Expert Comment

by:rootforce
ID: 22746438
Are you using windows to configure your wireless network card or the manufacturers tool?
0
 

Author Comment

by:drory
ID: 22747402
I'm using windows.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 22749400
The hardware needs to support WPA2. Any device with the WiFi logo had to be upgradable from WEP to WPA with just a driver update, but WPA2's AES encryption typically needs heftier processing than WEP and WPA's RC-4 encryption required.
Some were able to add AES encryption to WPA, too... and even though AES is practically unbreakable (if using a truly random password to prevent dictionary cracks), it still adds overhead by including the password in every packet (WEP and WPA's RC-4 encryption, on the other hand, can be broken by collecting just 5-10 minutes worth of packets using aircrack, et al).

And I can't recall any 11b-only cards that supported WPA2, btw.
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 

Author Comment

by:drory
ID: 22751123
Darr247 thank you.
So just to complete the big picture, is it true that WPA-PSK with AES has the same security problem as WPA AES (without PSK)?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 22751154
PSK = pre-shared key. That's as opposed to enterprise or 802.1x, which authenticates using certificates or username/password unique to each user (e.g. via IAS/RADIUS server).

To what security problem are you referring?
0
 

Author Comment

by:drory
ID: 22751293
Is it possible to crack WPA-PSK AES in 5-10 minutes as regular WPA AES?
0
 
LVL 44

Accepted Solution

by:
Darr247 earned 500 total points
ID: 22753015
Not yet, no.

If Moore's Law holds true and computer processor power continues doubling approximately every 18-months, in about 100 years you should be able to build a distributed computing project using a few trillion (that's 12 zeros here in the US) computers and be able to crack 128-bit AES in only a few days.

If you have something that says AES has been cracked, I'm not the only one that would like to see it. :-)

It's WPA-TKIP that can be cracked (to expose the encrypted data, not reverse engineer the original passphrase) by gathering only 5-10 minutes of packets... that's RC-4 encryption, not AES.... then you would need to repeat those steps (gather, break, decrypt) every time the password is incrememented along the vectors. Still, it means your data is not ''secure'' (if you desire your data to be ''secure'') when using WPA-TKIP... note that WPA-AES is NOT part of the WPA 'standard' and not all devices support it. ''WPA'' is WEP + TKIP, and was a quick fix to shore up security until WPA2 could be implemented. If you have devices that don't support WPA2 (or at least WPA-AES), I recommend replacing them, chopping the gold-plated conductor tabs off for reclaim, then recycling the rest of the pieces. But even version 1.0 of WRT54G (that's pre-Cisco) and WRT54GS wireless routers support WPA2 with a firmware update, so they would need be fairly ancient devices, in computer-hardware terms, to not support WPA2.

Now, if for a password you use your name, or your mother's name, or anything/anyone's name, or any word in any-language dictionary, that makes a brute-force crack much more likely (no matter what encryption method is used), and you're not serious about security.
Personally, I use the (128-bit) MD5 hash of a word and add a few numbers to it that are significant to me, to make a 36-character pseudo-random password that's easily recreatable (I have a free MD5 generator on all my computers and if you google MD5 Generator you'll see how ubiquitous they are). So if you'd like to break into my WLANs or decrypt packets captured from them, there - I've given you a head start... There are only 1.532 x 10^54 possible combinations if you limit your guesses to passphrases consisting of 32-place HEX-character + 4-place 0-9 character - have at it.  :-)

Here's a quote from the Technoracle (http://technoracle.blogspot.com), blogging about AES:
To give you an idea of the complexity of the resulting decryption process, to crack a 128 bit key would take approximately 3.4 x 10^38 guesses assuming the correct key was the last one you tried. To place this in perspective, is estimated that if a DES key generator were able to discover 1 DES key per second, it would take 149 thousand-billion (149 trillion) years to crack a single 128 bit AES key. As a side note, most physicists accept that the universe is approximately 20 billion years old.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last Mile Wireless The term last mile wireless is a bit deceptive as it can be much more than a mile. It is also called WiMax and 802.16. It generally refers to relatively short distance point-to-point / point-to-multipoint secure wireless connecti…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question