From: ben_at_netservers.co.uk
Date: 2002-04-08 11:05:09 UTC
On Mon, 8 Apr 2002, Lars Viklund wrote:
> > ... The standard
> > specifically allows
> > for per STA key mapping. Unfortunately all to many closed
> > source drivers,
> > cheap cards and lesser operating system don't seem to impliment the
> > standard all that thoroughly, or at least don't provide any UI for
> > configuring these features.
>
> Sure, you obviously can't use per station keys for such stations.
> My point there are no problems with broadcast and multicast even
> if you use per station keys for just some of the stations.
But it would be nice to be able to do this for all stations!
Do clients always relay their traffic via the AP in managed mode? The standard seems to imply that pairs of STA in the same BSS can use the DS at their discretion, but some people seem to be of the opinion that the DS is always used.
If the client always sends stuff to the DS, then it only needs to every encrypt with one specific key (lets call it key 1) and the host AP driver can re-encypt PDUs between STA. This works for the STA sending broadcast PDUs as well. The only difficulty is for when the STA receives broadcasts. If it supports two keys or more, then the AP can encrypt broadcasts with key 2: the STA will be able to decrypt this as although key 2 is not its default key (and it thus never uses it for encryption), key 2 is known to it. If the STA only supports 1 key, however, the AP would have to encrypt the broadcast seperately for each such receiving STA, which is kind of kludgy and rather wasteful of bandwidth.
Just out of interest, does anybody on the list have any info on the completeness of various WEP implimentations by different chipsets and drivers? Is the single 104 bit sized key limitation that the Belkin cards have common to all prism 2 cards and windows drivers?
Ben.