分类: LINUX
2012-11-15 15:37:13
This process is illustrated below.
|
|
Figure 2-2 |
The following steps occur when two devices use Shared Key Authentication:
If
the decrypted text does not match the original challenge text (that is,
the access point and
station do not share the same WEP key), then the
access point will refuse to authenticate the
station, and the station
will be unable to communicate with either the 802.11 network or Ethernet
network.
The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit.
The
64-bit WEP data encryption method allows for a five-character (40-bit)
input. Additionally, 24
factory-set bits are added to the forty-bit
input to generate a 64-bit encryption key. (The 24 factory
-set bits are
not user-configurable). This encryption key will be used to
encrypt/decrypt all data
transmitted via the wireless interface. Some
vendors refer to the 64-bit WEP data encryption as
40-bit WEP data
encryption because the user-configurable portion of the encryption key
is 40 bits
wide.
The
128-bit WEP data encryption method consists of 104 user-configurable
bits. Similar to the
40-bit WEP data encryption method, the remaining 24
bits are factory-set and not user-
configurable. Some vendors allow
passphrases to be entered instead of the cryptic hexadecimal
characters
to ease encryption key entry.
The
128-bit encryption is stronger than 40-bit encryption, but 128-bit
encryption may not be
available outside the United States due to U.S.
export regulations.
When
configured for 40-bit encryption, 802.11 products typically support up
to four WEP keys.
Each 40-bit WEP key is expressed as five sets of two
hexadecimal digits (0-9 and A-F). For example,
"12 34 56 78 90" is a
40-bit WEP key.
When
configured for 128-bit encryption, 802.11g products typically support
four WEP keys, but
some manufacturers support only one 128-bit key. The
128-bit WEP Key is expressed as 13 sets
of two hexadecimal digits (0-9
and A-F). For example, "12 34 56 78 90 AB CD EF 12 34 56 78 90"
is a
128-bitWEP key.
Typically,
802.11 access points can store up to four 128-bit WEP keys, but some
802.11 client
adapters can only store one. Therefore, make sure that
your 802.11 access and client adapters'
configurations match.
Whatever
keys you enter for an access point, you must also enter the same keys
for the client
adapter in the same order. In other words, WEP key 1 on
the AP must match WEP key 1 on the
client adapter, WEP key 2 on the AP
must match WEP key 2 on the client adapter, etc.
------------------------------------------------PS--------------------------------------------
加密可以分别和Open system、Shared key链路使用。
1.采用Open system authentication方式:此时WEP密钥只做加密,即使密钥配的不一致,用户也是可以上线,但上线后传输的数据会因为密钥不一致被接收端丢弃。
2.采用Shared key authentication方式:此时如果双方密钥不一致,客户端就不能通过Shared key认证,无法上线。也就是说,当WEP和Shared key认证方式配合使用时,WEP也可以作为一种认证方法
