802.11n, a status check

I would never trust WEP - someone with a laptop can crack it in 10 minutes with well known, free software available on the internet.
 
Not true for the majority of recent (2004 onwards) routers out there (ones that actually support WPA(2)/AES), even the cheapest 802.11g ones. WPA-PSK + AES tend to be notably faster than WEP.
Well, that's strange, because computationally WEP should be much faster.

But thanks for the heads up.
 
Surprised me too when I first realized this was often the case.

I figured it probably had to do with equipment supporting it needed new/better hardware with there already being published hardware AES implementations that could (with relative ease?) be implemented by the Wi-Fi chipset manufacturers.

The first WPA/TKIP specs on the other hand were really an interim patch for the utterly broken WEP, and I imagine that TKIP might have been done partially with software on top of older WEP-capable hardware with varying degrees of efficiency (that there was no sense in improving further).

I don't know, though, so that's just me speculating.
 
I agree. I think WEP is done completely in software, as well as WPA/TKIP probably. That would make WPA/TKIP pretty slow. And a dedicated AES chip, or AES is faster than I thought.
 
So where are the 802.11n-only products? :p I would switch all my computers over to wireless-n immediately with no thought for backward compatibility. :|

http://support.dlink.com/products/view.asp?productid=DGL-4500

Click on the product manual there for the DGL-4500 router in the left sidebar and take a look at pg 25/26. . .

Edit: The funky thing is that apparently none of d-link's own .11n NICs are 5GHz yet. Doh! And at this early date in the lifecycle of 802.11n, mixing and matching equipment by vendor would not be something I'd be eager to try if I could avoid it. The Wi-Fi Association has an interoperability certification program in place, but still. . .
 
what you expect to see in terms of transfer rates on a cell with only 2 clients given the conditions is very predictable ( - crappy hardware)

so the constraints we have are:
total theoretical speed = 250 odd mbit
half duplex tech
CSMA/CA

type of traffic flow, ie in a ftp file transfer it's 97 odd % one way, little bit back the other way depending on windowing etc.

so CSMA/CA wipes off 30% of your theoretical max speed right off the bat. So you are down to 175mb. half duplex starts getting collisions around the 70-80% mark (70% is for CSMA/CD, not sure about CA) so you lose 20 odd% so you're now at 140mbit.

Take off a little bit for TCP ACKs and in best case i would expect to see 133mbit max in a ftp transfer. If you are using something a bit more chatty like Windows file sharing i would expect it to drop a lot, 30%, 40% (but this is more the fact that SMB/CIFS is evil than the link itself). You have to remember that this is with nothing else talking on the link and in perfect conditions. As soon as other traffic is generated, whether by your own host or a completely different client on the segment, you are going to see performance drop very quickly.

On to security :p .

there are two parts to this, the authentication method and the encapsulation method.

there are two authentication methods for preshared keys, open and shared? (can't remember its name)

shared is flawed and no matter what encapsulation/encryption you use the original key can easily be obtained. WPA V2 doesn't allow for shared authentication. Open allows you to connect to the AP without authenticating but you can't send data until you do. Open authentication can be broken if the key or phrase is too short.

now we have the encapsulation or encryption, there are 3 main options
WEP
TKIP
AES

WEP, is based off a flawed encryption method known as RC4, it's the predictability of RC4 which allows for the key to be obtained very fast.

TKIP, is WEP with temporal keying meaning it changes. it is WEP but with a changing key which means by the time the key is broken it has changed, this does not protect your data any more than WEP!! Someone can still sniff it and break it easily later. TKIP uses the open authentication method so if you have a short key <8 characters then it can be broken.

AES, AES is a very strong encryption cipher, it is also very fast. 258bit AES is much faster than 168 bit 3DES to encrypt and being mathematically much stronger (it depends who you ask as to which one is stronger). while i don't know for sure i would expect RC4 to be much faster than both but it is much much weaker than both (this is before hardware acceleration). As to what is hardware accelerated in consumer level hardware i have no idea (i spend my time on cisco gear)

So as to what is faster, AES or TKIP, it would come down to the computational power needed to generate the keying based off the passphrase. But if it is all done in software i would expect TKIP to be much faster.

what does all this mean? buggered if i know :devilish:
 
this does not protect your data any more than WEP!! Someone can still sniff it and break it easily later. TKIP uses the open authentication method so if you have a short key <8 characters then it can be broken.
That's a bit like saying that if you lock your front door with a paper clip it can easily be broken. You wouldn't.

TKIP gives you a 104bit key length, and I haven't read about any known RC4 attacks that can significantly reduce the keyspace within the 10.000 frame window given by TKIP. Thus, using a reasonable WPA passphrase (i.e. not 'dog' or something else quickly guessable by a dictionary attack) you'd need a serious amount of brute force to "sniff [WPA] and break it easily later" and the same can be said for AES (although that would need a magnitude of more brute force).
 
That's a bit like saying that if you lock your front door with a paper clip it can easily be broken. You wouldn't.

TKIP gives you a 104bit key length, and I haven't read about any known RC4 attacks that can significantly reduce the keyspace within the 10.000 frame window given by TKIP. Thus, using a reasonable WPA passphrase (i.e. not 'dog' or something else quickly guessable by a dictionary attack) you'd need a serious amount of brute force to "sniff [WPA] and break it easily later" and the same can be said for AES (although that would need a magnitude of more brute force).

The key stream generated by RC4 is biased in favour of certain sequences, depending on the amount of data you get per key iteration will have a great impact on your ability to break it after the fact, AES has no known flaws like this as well as being much stronger. Also someone can sniff the data as well as spoof millions of fake requests to the AP (like you would to break WEP) and then put two and two together later on.

The real point i was making with TKIP is that it is fine for link security but not data security. AES on the other hand is better for link security and good for data security but i still wouldn't use it alone if i was worried about data security. I would use EAP-TLS or IPSEC over the top etc.

just so you know, i run TKIP :oops:

edit: just doing some light reading on TKIP (been a while since i did wireless) and it appears that i am wrong in regards to breaking WPA using an aircrack styled attack as the 24bit suffix isn't common over packets, but it is still weak to the other RC4 flaws.
 
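The RC4 keystream bias mentioned in the post above can be measured directly. The following is an added example, not part of the thread: it implements plain RC4 and counts how often a given keystream byte is 0x00 across many random keys, showing the well-known second-byte bias (about 2/256 instead of 1/256). The random 16-byte keys, sample size, seed and the control position 10 are assumptions chosen for illustration; TKIP's per-packet keys are structured rather than random.

```python
import random

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n keystream bytes of plain RC4 for the given key."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # output generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def zero_byte_ratio(samples=30000, positions=(2, 10), key_len=16, seed=1):
    """For each 1-based keystream position, return observed/expected count
    of 0x00 bytes, where 'expected' assumes a uniform keystream (1/256)."""
    rng = random.Random(seed)                  # fixed seed: repeatable run
    hits = {p: 0 for p in positions}
    depth = max(positions)
    for _ in range(samples):
        # Constructed input: a fresh random key per sample (assumption).
        key = bytes(rng.getrandbits(8) for _ in range(key_len))
        ks = rc4_keystream(key, depth)
        for p in positions:
            if ks[p - 1] == 0:
                hits[p] += 1
    expected = samples / 256
    return {p: hits[p] / expected for p in positions}

if __name__ == "__main__":
    for pos, ratio in zero_byte_ratio().items():
        print(f"keystream byte {pos}: 0x00 seen {ratio:.2f}x as often as uniform")
```

A ratio near 2 at position 2 and near 1 at the control position is what a passive observer could use to distinguish RC4 output from random data; AES in a standard mode shows no comparable per-position skew.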
Well, yeah. While I'm not a cryptanalyst by any means, it seems to me that the err... key... to keeping WPA secure is that the window before TKIP changes the encryption is short enough. IIRC, this is every 10.000 frames and the most recent RC4 vulnerabilities needed twice as much data before the chance of success turned even negligible (although rising rapidly after that).

Still, some clever maths wiz might find further weaknesses, but who's to say that won't happen with AES as well?
 
Still, some clever maths wiz might find further weaknesses, but who's to say that won't happen with AES as well?

that's why i said

AES, AES is a very strong encryption cipher, it is also very fast. 258bit AES is much faster than 168 bit 3DES to encrypt and being mathematically much stronger (it depends who you ask as to which one is stronger).

AES is much stronger and faster, but 3DES has survived 30 odd years without being broken. I'm sure the NSA can break both of them so does it really matter anyway :LOL:
 