TKIP or AES?

Discussion in 'Wireless Networking' started by Smirnoff, Dec 17, 2008.

  1. Smirnoff

    Smirnoff Guest

    Sorry, this is double posted in bt.broadband support, now realise that
    this is the best NG for this post.

    XP Pro, SP3, BT Hub, Belkin Wireless G card.

    I have a single user desktop and have installed the Windows WPA2
    security
    update:

    http://support.microsoft.com/kb/893357

    Have also allowed Windows to handle my wireless connection, rather than
    my Belkin G wireless card utility. My BT Hub security is set to WPA2
    only and I have a 63 character alpha-numeric security key.

    Everything is working OK, touch wood.

    Just a couple of points I'd like to get clear in my mind.

    1. Bearing in mind that no laptop or other device is going to connect
    wirelessly, which data encryption is best to use, AES or TKIP, and
    what's the difference?

    2. Although everything is working OK, I thought it depended on the
    lowest common denominator. To my knowledge, my Belkin Wireless G card is
    incapable of handling WPA2. Or, is it that the wireless card UTILITY is
    incapable of handling WPA2?
    Do I assume that the Hub handles all the security and that the Belkin
    card just picks up the resulting signal?
    Smirnoff, Dec 17, 2008
    #1
    1. Advertising

  2. I think AES is better. Or check this post.
    Which is more secure wireless settings
    Wireless Security Options. When setup wireless security, you may have
    many options. ... Here are the options I see >> WEP , WPA and WPA2 ...
    www.chicagotech.net/netforums/viewtopic.php?p=6030&sid=7fc46f53f494db7936cacd787e302378


    --
    Bob Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN Troubleshooting on
    http://www.ChicagoTech.net
    How to Setup Windows, Network, VPN & Remote Access on
    http://www.HowToNetworking.com
    "Smirnoff" <> wrote in message
    news:...
    > Sorry, this is double posted in bt.broadband support, now realise that
    > this is the best NG for this post.
    >
    > XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >
    > I have a single user desktop and have installed the Windows WPA2 security
    > update:
    >
    > http://support.microsoft.com/kb/893357
    >
    > Have also allowed Windows to handle my wireless connection, rather than
    > my Belkin G wireless card utility. My BT Hub security is set to WPA2
    > only and I have a 63 character alpha-numeric security key.
    >
    > Everything is working OK, touch wood.
    >
    > Just a couple of points I'd like to get clear in my mind.
    >
    > 1. Bearing in mind that no laptop or other device is going to connect
    > wirelessly, which data encryption is best to use, AES or TKIP, and
    > what's the difference?
    >
    > 2. Although everything is working OK, I thought it depended on the
    > lowest common denominator. To my knowledge, my Belkin Wireless G card is
    > incapable of handling WPA2. Or, is it that the wireless card UTILITY is
    > incapable of handling WPA2?
    > Do I assume that the Hub handles all the security and that the Belkin card
    > just picks up the resulting signal?
    >
    >
    >
    Robert L. \(MS-MVP\), Dec 17, 2008
    #2
    1. Advertising

  3. Smirnoff

    Jim Guest

    "Smirnoff" <> wrote in message
    news:...
    > Sorry, this is double posted in bt.broadband support, now realise that
    > this is the best NG for this post.
    >
    > XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >
    > I have a single user desktop and have installed the Windows WPA2 security
    > update:
    >
    > http://support.microsoft.com/kb/893357
    >
    > Have also allowed Windows to handle my wireless connection, rather than
    > my Belkin G wireless card utility. My BT Hub security is set to WPA2
    > only and I have a 63 character alpha-numeric security key.
    >
    > Everything is working OK, touch wood.
    >
    > Just a couple of points I'd like to get clear in my mind.
    >
    > 1. Bearing in mind that no laptop or other device is going to connect
    > wirelessly, which data encryption is best to use, AES or TKIP, and
    > what's the difference?
    >
    > 2. Although everything is working OK, I thought it depended on the
    > lowest common denominator. To my knowledge, my Belkin Wireless G card is
    > incapable of handling WPA2. Or, is it that the wireless card UTILITY is
    > incapable of handling WPA2?
    > Do I assume that the Hub handles all the security and that the Belkin card
    > just picks up the resulting signal?
    >
    >
    >

    Q1: No device needs to connect to listen to the message stream. A
    reasonaby savvy lurker just downloads messages and tries to decrypt them.
    If I recall correctly, it is AES.
    Q2. It would be the card that is the limiting factor because encrypting
    should be done in hardware for the best performance. And, you are wrong to
    assume that the router handles all of the security.
    As the entire message is encrypted, the router decrypts messages from the
    card before sending them to the destination. The card decrypts messages
    from the router before sending them up the layers of software.

    Jim
    Jim, Dec 17, 2008
    #3
  4. You might look at this from the WiFi Alliance. AES is done in hardware
    because of the computational requirements. As far as I know AES is
    required for WPA2 while TKIP is required for WPA.

    http://www.wi-fi.org/files/kc_11_WPA2_QandA_3-23-05.pdf

    ....and this...

    http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

    With a sufficiently long random ASCII key both should be equally safe
    for home users. Personally I use WPA2-Personal (WPA2-PSK [AES]) and like
    you a 63-character random ASCII key.

    --

    Al Jarvi (MS-MVP Windows - Desktop User Experience)

    Please post *ALL* questions and replies to the news group for the
    mutual benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...
    How to ask a question
    http://support.microsoft.com/KB/555375
    Sooner Al [MVP], Dec 17, 2008
    #4
  5. Hi
    From the weakest to the strongest, Wireless security capacity is.
    No Security
    MAC______(Band Aid if nothing else is available).
    WEP64____(Easy, to "Break" by knowledgeable people).
    WEP128___(A little Harder, but "Hackable" too).
    WPA-PSK__(Very Hard to Break).
    WPA-AES__(Not functionally Breakable)
    WPA2____ (Not functionally Breakable).
    Note 1: WPA-AES the the current entry level rendition of WPA2.
    Note 2: If you use WinXP and did not updated it you would have to download
    the WPA2 patch from Microsoft. http://support.microsoft.com/kb/893357
    The documentation of your Wireless devices (Wireless Router, and Wireless
    Computer's Card) should state the type of security that is available with
    your Wireless hardware.
    All devices MUST be set to the same security level using the same pass
    phrase.
    Therefore the security must be set according what ever is the best possible
    of one of the Wireless devices.
    I.e. even if most of your system might be capable to be configured to the
    max. with WPA2, but one device is only capable to be configured to max . of
    WEP, to whole system must be configured to WEP.
    If you need more good security and one device (like a Wireless card that can
    do WEP only) is holding better security for the whole Network, replace the
    device with a better one.
    The Core differences between WEP, WPA, and WPA2 -
    http://www.ezlan.net/wpa_wep.html
    Jack (MVP-Networking).

    "Smirnoff" <> wrote in message
    news:...
    > Sorry, this is double posted in bt.broadband support, now realise that
    > this is the best NG for this post.
    >
    > XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >
    > I have a single user desktop and have installed the Windows WPA2 security
    > update:
    >
    > http://support.microsoft.com/kb/893357
    >
    > Have also allowed Windows to handle my wireless connection, rather than
    > my Belkin G wireless card utility. My BT Hub security is set to WPA2
    > only and I have a 63 character alpha-numeric security key.
    >
    > Everything is working OK, touch wood.
    >
    > Just a couple of points I'd like to get clear in my mind.
    >
    > 1. Bearing in mind that no laptop or other device is going to connect
    > wirelessly, which data encryption is best to use, AES or TKIP, and
    > what's the difference?
    >
    > 2. Although everything is working OK, I thought it depended on the
    > lowest common denominator. To my knowledge, my Belkin Wireless G card is
    > incapable of handling WPA2. Or, is it that the wireless card UTILITY is
    > incapable of handling WPA2?
    > Do I assume that the Hub handles all the security and that the Belkin card
    > just picks up the resulting signal?
    >
    >
    >
    Jack \(MVP-Networking\)., Dec 17, 2008
    #5
  6. Smirnoff

    James Egan Guest

    On Wed, 17 Dec 2008 08:49:15 -0000, "Smirnoff"
    <> wrote:

    >1. Bearing in mind that no laptop or other device is going to connect
    >wirelessly, which data encryption is best to use, AES or TKIP, and
    >what's the difference?


    AES is better. It is based on the rijndael block cipher whereas TKIP,
    like WEP before it, is based on the RC4 stream cipher although the
    implementation in WPA/TKIP is much more secure than in WEP

    WPA/TKIP is for users running legacy hardware which can't handle AES.
    Anything running WEP is supposedly software upgradable to WPA/TKIP
    whereas WPA/AES won't work on some old gear.


    Jim.
    James Egan, Dec 17, 2008
    #6
  7. Smirnoff

    John Guest

    doesn't answer your question directly but worth reading:
    http://www.itworld.com/security/57285/once-thought-safe-wpa-wi-fi-encryption-cracked

    "Smirnoff" <> wrote in message
    news:...
    > Sorry, this is double posted in bt.broadband support, now realise that
    > this is the best NG for this post.
    >
    > XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >
    > I have a single user desktop and have installed the Windows WPA2 security
    > update:
    >
    > http://support.microsoft.com/kb/893357
    >
    > Have also allowed Windows to handle my wireless connection, rather than
    > my Belkin G wireless card utility. My BT Hub security is set to WPA2
    > only and I have a 63 character alpha-numeric security key.
    >
    > Everything is working OK, touch wood.
    >
    > Just a couple of points I'd like to get clear in my mind.
    >
    > 1. Bearing in mind that no laptop or other device is going to connect
    > wirelessly, which data encryption is best to use, AES or TKIP, and
    > what's the difference?
    >
    > 2. Although everything is working OK, I thought it depended on the
    > lowest common denominator. To my knowledge, my Belkin Wireless G card is
    > incapable of handling WPA2. Or, is it that the wireless card UTILITY is
    > incapable of handling WPA2?
    > Do I assume that the Hub handles all the security and that the Belkin card
    > just picks up the resulting signal?
    >
    >
    >
    John, Dec 17, 2008
    #7
  8. Smirnoff

    Smirnoff Guest

    "Jim" <> wrote in message
    news:...
    >
    > "Smirnoff" <> wrote in message
    > news:...
    >> Sorry, this is double posted in bt.broadband support, now realise
    >> that this is the best NG for this post.
    >>
    >> XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >>
    >> I have a single user desktop and have installed the Windows WPA2
    >> security
    >> update:
    >>
    >> http://support.microsoft.com/kb/893357
    >>
    >> Have also allowed Windows to handle my wireless connection, rather
    >> than
    >> my Belkin G wireless card utility. My BT Hub security is set to WPA2
    >> only and I have a 63 character alpha-numeric security key.
    >>
    >> Everything is working OK, touch wood.
    >>
    >> Just a couple of points I'd like to get clear in my mind.
    >>
    >> 1. Bearing in mind that no laptop or other device is going to connect
    >> wirelessly, which data encryption is best to use, AES or TKIP, and
    >> what's the difference?
    >>
    >> 2. Although everything is working OK, I thought it depended on the
    >> lowest common denominator. To my knowledge, my Belkin Wireless G card
    >> is
    >> incapable of handling WPA2. Or, is it that the wireless card UTILITY
    >> is
    >> incapable of handling WPA2?
    >> Do I assume that the Hub handles all the security and that the Belkin
    >> card just picks up the resulting signal?
    >>
    >>
    >>

    > Q1: No device needs to connect to listen to the message stream. A
    > reasonaby savvy lurker just downloads messages and tries to decrypt
    > them. If I recall correctly, it is AES.
    > Q2. It would be the card that is the limiting factor because
    > encrypting should be done in hardware for the best performance. And,
    > you are wrong to assume that the router handles all of the security.
    > As the entire message is encrypted, the router decrypts messages from
    > the card before sending them to the destination. The card decrypts
    > messages from the router before sending them up the layers of
    > software.
    >
    > Jim
    >

    Q1: Will stick to AES, thanks.

    Q2: Have set my comp to use WPA2 for ages now and this is what confuses
    me. Not long ago I DID have my niece's laptop (with Windows WPA2 update
    installed) connecting to my computer (with correct security key). She
    had a relatively old Linksys USB wireless adapter, so it didn't surprise
    me to see that when using Windows to "View available networks", my BT
    Hub showed up as just WPA protected.

    Have just looked at the spec of my Belkin Wireless G card and it states
    "Features wireless 64- and 128-bit WEP encryption" (no mention of WPA
    let alone WPA2). When I "View available networks" my Hub shows
    "Security-enabled wireless network (WPA2)".

    I'm positive that my Belkin card is older than my niece's USB adapter
    and doesn't handle anything but WEP, so why is the network showing up as
    WPA2 enabled?
    Smirnoff, Dec 17, 2008
    #8
  9. Smirnoff

    Smirnoff Guest

    "Smirnoff" <> wrote in message
    news:...
    >
    >
    > "Jim" <> wrote in message
    > news:...
    >>
    >> "Smirnoff" <> wrote in message
    >> news:...
    >>> Sorry, this is double posted in bt.broadband support, now realise
    >>> that this is the best NG for this post.
    >>>
    >>> XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >>>
    >>> I have a single user desktop and have installed the Windows WPA2
    >>> security
    >>> update:
    >>>
    >>> http://support.microsoft.com/kb/893357
    >>>
    >>> Have also allowed Windows to handle my wireless connection, rather
    >>> than
    >>> my Belkin G wireless card utility. My BT Hub security is set to WPA2
    >>> only and I have a 63 character alpha-numeric security key.
    >>>
    >>> Everything is working OK, touch wood.
    >>>
    >>> Just a couple of points I'd like to get clear in my mind.
    >>>
    >>> 1. Bearing in mind that no laptop or other device is going to
    >>> connect
    >>> wirelessly, which data encryption is best to use, AES or TKIP, and
    >>> what's the difference?
    >>>
    >>> 2. Although everything is working OK, I thought it depended on the
    >>> lowest common denominator. To my knowledge, my Belkin Wireless G
    >>> card is
    >>> incapable of handling WPA2. Or, is it that the wireless card UTILITY
    >>> is
    >>> incapable of handling WPA2?
    >>> Do I assume that the Hub handles all the security and that the
    >>> Belkin card just picks up the resulting signal?
    >>>
    >>>
    >>>

    >> Q1: No device needs to connect to listen to the message stream. A
    >> reasonaby savvy lurker just downloads messages and tries to decrypt
    >> them. If I recall correctly, it is AES.
    >> Q2. It would be the card that is the limiting factor because
    >> encrypting should be done in hardware for the best performance. And,
    >> you are wrong to assume that the router handles all of the security.
    >> As the entire message is encrypted, the router decrypts messages from
    >> the card before sending them to the destination. The card decrypts
    >> messages from the router before sending them up the layers of
    >> software.
    >>
    >> Jim
    >>

    > Q1: Will stick to AES, thanks.
    >
    > Q2: Have set my comp to use WPA2 for ages now and this is what
    > confuses me. Not long ago I DID have my niece's laptop (with Windows
    > WPA2 update installed) connecting to my computer (with correct
    > security key). She had a relatively old Linksys USB wireless adapter,
    > so it didn't surprise me to see that when using Windows to "View
    > available networks", my BT Hub showed up as just WPA protected.
    >
    > Have just looked at the spec of my Belkin Wireless G card and it
    > states "Features wireless 64- and 128-bit WEP encryption" (no mention
    > of WPA let alone WPA2). When I "View available networks" my Hub shows
    > "Security-enabled wireless network (WPA2)".
    >
    > I'm positive that my Belkin card is older than my niece's USB adapter
    > and doesn't handle anything but WEP, so why is the network showing up
    > as WPA2 enabled?
    >


    Sorry, meant to add: Is it the Belkin card itself that is not WPA(2)
    capable or is it the UTILITY, as I queried earlier? When you allow
    Windows to handle the wireless connection surely it becomes the
    utility/driver, thus allowing for higher security. As security settings
    are set with the utility (in this case Windows), perhaps the card is
    merely transmitting the resultant data?
    Smirnoff, Dec 17, 2008
    #9
  10. Smirnoff

    Lem Guest

    Smirnoff wrote:
    > "Smirnoff" <> wrote in message
    > news:...
    >>
    >> "Jim" <> wrote in message
    >> news:...
    >>> "Smirnoff" <> wrote in message
    >>> news:...
    >>>> Sorry, this is double posted in bt.broadband support, now realise
    >>>> that this is the best NG for this post.
    >>>>
    >>>> XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >>>>
    >>>> I have a single user desktop and have installed the Windows WPA2
    >>>> security
    >>>> update:
    >>>>
    >>>> http://support.microsoft.com/kb/893357
    >>>>
    >>>> Have also allowed Windows to handle my wireless connection, rather
    >>>> than
    >>>> my Belkin G wireless card utility. My BT Hub security is set to WPA2
    >>>> only and I have a 63 character alpha-numeric security key.
    >>>>
    >>>> Everything is working OK, touch wood.
    >>>>
    >>>> Just a couple of points I'd like to get clear in my mind.
    >>>>
    >>>> 1. Bearing in mind that no laptop or other device is going to
    >>>> connect
    >>>> wirelessly, which data encryption is best to use, AES or TKIP, and
    >>>> what's the difference?
    >>>>
    >>>> 2. Although everything is working OK, I thought it depended on the
    >>>> lowest common denominator. To my knowledge, my Belkin Wireless G
    >>>> card is
    >>>> incapable of handling WPA2. Or, is it that the wireless card UTILITY
    >>>> is
    >>>> incapable of handling WPA2?
    >>>> Do I assume that the Hub handles all the security and that the
    >>>> Belkin card just picks up the resulting signal?
    >>>>
    >>>>
    >>>>
    >>> Q1: No device needs to connect to listen to the message stream. A
    >>> reasonaby savvy lurker just downloads messages and tries to decrypt
    >>> them. If I recall correctly, it is AES.
    >>> Q2. It would be the card that is the limiting factor because
    >>> encrypting should be done in hardware for the best performance. And,
    >>> you are wrong to assume that the router handles all of the security.
    >>> As the entire message is encrypted, the router decrypts messages from
    >>> the card before sending them to the destination. The card decrypts
    >>> messages from the router before sending them up the layers of
    >>> software.
    >>>
    >>> Jim
    >>>

    >> Q1: Will stick to AES, thanks.
    >>
    >> Q2: Have set my comp to use WPA2 for ages now and this is what
    >> confuses me. Not long ago I DID have my niece's laptop (with Windows
    >> WPA2 update installed) connecting to my computer (with correct
    >> security key). She had a relatively old Linksys USB wireless adapter,
    >> so it didn't surprise me to see that when using Windows to "View
    >> available networks", my BT Hub showed up as just WPA protected.
    >>
    >> Have just looked at the spec of my Belkin Wireless G card and it
    >> states "Features wireless 64- and 128-bit WEP encryption" (no mention
    >> of WPA let alone WPA2). When I "View available networks" my Hub shows
    >> "Security-enabled wireless network (WPA2)".
    >>
    >> I'm positive that my Belkin card is older than my niece's USB adapter
    >> and doesn't handle anything but WEP, so why is the network showing up
    >> as WPA2 enabled?
    >>

    >
    > Sorry, meant to add: Is it the Belkin card itself that is not WPA(2)
    > capable or is it the UTILITY, as I queried earlier? When you allow
    > Windows to handle the wireless connection surely it becomes the
    > utility/driver, thus allowing for higher security. As security settings
    > are set with the utility (in this case Windows), perhaps the card is
    > merely transmitting the resultant data?
    >
    >


    First, your BT "Hub" is really a router. A hub is an altogether
    different piece of network equipment from a router.
    http://www.practicallynetworked.com/networking/bridge_types.htm

    With respect to wireless security, *both* the router *and* the adapter
    perform encryption and decryption. The router encrypts info that it
    sends to your computer and your adapter decrypts those messages when it
    receives them. And vice versa - your adapter encrypts info that you send
    to the router and the router decrypts those messages.

    There is some inconsistency with your description: how can you be
    positive that your Belkin card is capable of only WEP if you've been
    using WPA2 for ages? This does not compute.

    Many WiFi products with the same product name have been substantially
    changed through the use of "version" nomenclature. The main "features"
    page of the product may not have been updated to reflect these changes.
    Thus, your Belkin adapter almost certainly *is* WPA2 capable (if you
    have been using it to connect to a WPA2 network). For example, if you
    have a Belkin F5D7000 PCI wireless-G adapter, the main product page says
    only "Features wireless 64- and 128-bit WEP encryption." The specs page,
    however, says "WPA, WPA2, 64-bit/128-bit encryption" (of course, the
    spec page also says that it's an IEEE 802.11b card when we know, by
    definition, that it's IEEE 802.11g).

    And, as others in the thread have noted, in order to use WPA2, you need
    *both* a utility that knows about WPA2 *and* hardware that's capable of
    WPA2. If you've installed the WPA2 update, then you have the correct
    utility.

    As far as your niece's Linksys USB adapter, the basic Linksys wireless-G
    USB adapter, the WUSB54G, is now up to version 4, but even version 1 can
    handle WPA (not WPA2) with the current driver. (The User Guide for
    version 4 mentions something called "PSK2." I believe that's what
    Linksys used to describe WPA2 (perhaps before the product was certified
    by the WiFi alliance, and so couldn't use "WPA2"). So if your niece has
    this version of this device, she probably can use WPA2. That term
    doesn't appear in the v.1 or v.2 manuals.)

    Finally, *all* devices on a wireless network must use the same level of
    encryption. Thus, if your niece's hardware really can only handle WPA,
    you'll have to reconfigure your router to use WPA. In this case, use
    WPA-PSK (AES).
    --
    Lem -- MS-MVP

    To the moon and back with 2K words of RAM and 36K words of ROM.
    http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
    http://history.nasa.gov/afj/compessay.htm
    Lem, Dec 17, 2008
    #10
  11. Smirnoff

    Smirnoff Guest

    "Lem" <lemp40@unknownhost> wrote in message
    news:...
    > Smirnoff wrote:
    >> "Smirnoff" <> wrote in message
    >> news:...
    >>>
    >>> "Jim" <> wrote in message
    >>> news:...
    >>>> "Smirnoff" <> wrote in message
    >>>> news:...
    >>>>> Sorry, this is double posted in bt.broadband support, now realise
    >>>>> that this is the best NG for this post.
    >>>>>
    >>>>> XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >>>>>
    >>>>> I have a single user desktop and have installed the Windows WPA2
    >>>>> security
    >>>>> update:
    >>>>>
    >>>>> http://support.microsoft.com/kb/893357
    >>>>>
    >>>>> Have also allowed Windows to handle my wireless connection, rather
    >>>>> than
    >>>>> my Belkin G wireless card utility. My BT Hub security is set to
    >>>>> WPA2
    >>>>> only and I have a 63 character alpha-numeric security key.
    >>>>>
    >>>>> Everything is working OK, touch wood.
    >>>>>
    >>>>> Just a couple of points I'd like to get clear in my mind.
    >>>>>
    >>>>> 1. Bearing in mind that no laptop or other device is going to
    >>>>> connect
    >>>>> wirelessly, which data encryption is best to use, AES or TKIP, and
    >>>>> what's the difference?
    >>>>>
    >>>>> 2. Although everything is working OK, I thought it depended on the
    >>>>> lowest common denominator. To my knowledge, my Belkin Wireless G
    >>>>> card is
    >>>>> incapable of handling WPA2. Or, is it that the wireless card
    >>>>> UTILITY is
    >>>>> incapable of handling WPA2?
    >>>>> Do I assume that the Hub handles all the security and that the
    >>>>> Belkin card just picks up the resulting signal?
    >>>>>
    >>>>>
    >>>>>
    >>>> Q1: No device needs to connect to listen to the message stream. A
    >>>> reasonaby savvy lurker just downloads messages and tries to decrypt
    >>>> them. If I recall correctly, it is AES.
    >>>> Q2. It would be the card that is the limiting factor because
    >>>> encrypting should be done in hardware for the best performance.
    >>>> And, you are wrong to assume that the router handles all of the
    >>>> security.
    >>>> As the entire message is encrypted, the router decrypts messages
    >>>> from the card before sending them to the destination. The card
    >>>> decrypts messages from the router before sending them up the layers
    >>>> of software.
    >>>>
    >>>> Jim
    >>>>
    >>> Q1: Will stick to AES, thanks.
    >>>
    >>> Q2: Have set my comp to use WPA2 for ages now and this is what
    >>> confuses me. Not long ago I DID have my niece's laptop (with Windows
    >>> WPA2 update installed) connecting to my computer (with correct
    >>> security key). She had a relatively old Linksys USB wireless
    >>> adapter, so it didn't surprise me to see that when using Windows to
    >>> "View available networks", my BT Hub showed up as just WPA
    >>> protected.
    >>>
    >>> Have just looked at the spec of my Belkin Wireless G card and it
    >>> states "Features wireless 64- and 128-bit WEP encryption" (no
    >>> mention of WPA let alone WPA2). When I "View available networks" my
    >>> Hub shows "Security-enabled wireless network (WPA2)".
    >>>
    >>> I'm positive that my Belkin card is older than my niece's USB
    >>> adapter and doesn't handle anything but WEP, so why is the network
    >>> showing up as WPA2 enabled?
    >>>

    >>
    >> Sorry, meant to add: Is it the Belkin card itself that is not WPA(2)
    >> capable or is it the UTILITY, as I queried earlier? When you allow
    >> Windows to handle the wireless connection surely it becomes the
    >> utility/driver, thus allowing for higher security. As security
    >> settings are set with the utility (in this case Windows), perhaps the
    >> card is merely transmitting the resultant data?

    >
    > First, your BT "Hub" is really a router. A hub is an altogether
    > different piece of network equipment from a router.
    > http://www.practicallynetworked.com/networking/bridge_types.htm
    >
    > With respect to wireless security, *both* the router *and* the adapter
    > perform encryption and decryption. The router encrypts info that it
    > sends to your computer and your adapter decrypts those messages when
    > it receives them. And vice versa - your adapter encrypts info that you
    > send to the router and the router decrypts those messages.
    >
    > There is some inconsistency with your description: how can you be
    > positive that your Belkin card is capable of only WEP if you've been
    > using WPA2 for ages? This does not compute.
    >
    > Many WiFi products with the same product name have been substantially
    > changed through the use of "version" nomenclature. The main "features"
    > page of the product may not have been updated to reflect these
    > changes. Thus, your Belkin adapter almost certainly *is* WPA2 capable
    > (if you have been using it to connect to a WPA2 network). For example,
    > if you have a Belkin F5D7000 PCI wireless-G adapter, the main product
    > page says only "Features wireless 64- and 128-bit WEP encryption." The
    > specs page, however, says "WPA, WPA2, 64-bit/128-bit encryption" (of
    > course, the spec page also says that it's an IEEE 802.11b card when we
    > know, by definition, that it's IEEE 802.11g).
    >
    > And, as others in the thread have noted, in order to use WPA2, you
    > need *both* a utility that knows about WPA2 *and* hardware that's
    > capable of WPA2. If you've installed the WPA2 update, then you have
    > the correct utility.
    >
    > As far as your niece's Linksys USB adapter, the basic Linksys
    > wireless-G USB adapter, the WUSB54G, is now up to version 4, but even
    > version 1 can handle WPA (not WPA2) with the current driver. (The
    > User Guide for version 4 mentions something called "PSK2." I believe
    > that's what Linksys used to describe WPA2 (perhaps before the product
    > was certified by the WiFi alliance, and so couldn't use "WPA2"). So if
    > your niece has this version of this device, she probably can use WPA2.
    > That term doesn't appear in the v.1 or v.2 manuals.)
    >
    > Finally, *all* devices on a wireless network must use the same level
    > of encryption. Thus, if your niece's hardware really can only handle
    > WPA, you'll have to reconfigure your router to use WPA. In this case,
    > use WPA-PSK (AES).
    > --
    > Lem -- MS-MVP
    >


    You are quite right about the Belkin, I was looking at the Features page
    rather than the Spec page.

    I can stop scratching my head now.

    Thanks for a very detailed and comprehensive answer.
    Smirnoff, Dec 18, 2008
    #11
  12. Smirnoff

    Smirnoff Guest

    "Smirnoff" <> wrote in message
    news:...
    > Sorry, this is double posted in bt.broadband support, now realise that
    > this is the best NG for this post.
    >
    > XP Pro, SP3, BT Hub, Belkin Wireless G card.
    >
    > I have a single user desktop and have installed the Windows WPA2
    > security
    > update:
    >
    > http://support.microsoft.com/kb/893357
    >
    > Have also allowed Windows to handle my wireless connection, rather
    > than
    > my Belkin G wireless card utility. My BT Hub security is set to WPA2
    > only and I have a 63 character alpha-numeric security key.
    >
    > Everything is working OK, touch wood.
    >
    > Just a couple of points I'd like to get clear in my mind.
    >
    > 1. Bearing in mind that no laptop or other device is going to connect
    > wirelessly, which data encryption is best to use, AES or TKIP, and
    > what's the difference?
    >
    > 2. Although everything is working OK, I thought it depended on the
    > lowest common denominator. To my knowledge, my Belkin Wireless G card
    > is
    > incapable of handling WPA2. Or, is it that the wireless card UTILITY
    > is
    > incapable of handling WPA2?
    > Do I assume that the Hub handles all the security and that the Belkin
    > card just picks up the resulting signal?
    >
    >
    >

    Thanks to all who responded to this post and especially, Lem.
    Smirnoff, Dec 18, 2008
    #12
  13. Smirnoff

    James Egan Guest

    On Thu, 18 Dec 2008 07:56:41 -0000, "Smirnoff"
    <> wrote:

    >> Finally, *all* devices on a wireless network must use the same level
    >> of encryption. Thus, if your niece's hardware really can only handle
    >> WPA, you'll have to reconfigure your router to use WPA. In this case,
    >> use WPA-PSK (AES).


    Surely if the hardware is capable of handling AES encryption then it
    is also capable of handling (AES based) CCMP authentication and key
    management?

    In other words, isn't WPA2-PSK (or WPA-PSK2) and WPA-PSK(AES) the
    same thing?


    Jim.
    James Egan, Dec 18, 2008
    #13
  14. Smirnoff

    James Egan Guest

    On Thu, 18 Dec 2008 10:01:45 +0000, James Egan <>
    wrote:

    >
    >On Thu, 18 Dec 2008 07:56:41 -0000, "Smirnoff"
    ><> wrote:
    >
    >>> Finally, *all* devices on a wireless network must use the same level
    >>> of encryption. Thus, if your niece's hardware really can only handle
    >>> WPA, you'll have to reconfigure your router to use WPA. In this case,
    >>> use WPA-PSK (AES).

    >
    >Surely if the hardware is capable of handling AES encryption then it
    >is also capable of handling (AES based) CCMP authentication and key
    >management?
    >
    >In other words, isn't WPA2-PSK (or WPA-PSK2) and WPA-PSK(AES) the
    >same thing?
    >


    My apologies to Mr Lem and Mr Smirnoff for the error in quoting. I was
    quoting Mr Lem.


    Jim.
    James Egan, Dec 18, 2008
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Al Blake

    Set TKIP through a GPO?

    Al Blake, Oct 11, 2004, in forum: Wireless Networking
    Replies:
    4
    Views:
    3,529
    Joshua Teague [MSFT]
    Oct 21, 2004
  2. Rich D

    Can't share files with TKIP

    Rich D, Jun 28, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    441
    Rich D
    Jun 28, 2005
  3. =?Utf-8?B?U2NvdCBCYWxmb3Vy?=

    WPA2 backward compatibility with WPA: TKIP and/or AES?

    =?Utf-8?B?U2NvdCBCYWxmb3Vy?=, Oct 5, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,123
    =?Utf-8?B?U2NvdCBCYWxmb3Vy?=
    Oct 5, 2005
  4. J.H. Holliday

    Wireless security: AES vs. TKIP

    J.H. Holliday, May 31, 2005, in forum: Computer Support
    Replies:
    2
    Views:
    4,800
  5. max

    WPA AES & WPA2 AES

    max, Feb 13, 2007, in forum: Wireless Networking
    Replies:
    3
    Views:
    9,874
    Jack \(MVP-Networking\).
    Feb 14, 2007
Loading...

Share This Page