Thursday, February 14, 2019

WPA and Open System Authentication

Did you know that before you authenticate to your wireless network, it's using the same security mechanisms as open Wi-Fi?

With TLS, it's fairly well known how (most) cipher suites implement the Diffie-Hellman exchange to provide reasonably effective forward secrecy. ECC Diffie-Hellman has largely superseded RSA, but the underlying reason for implementation remains the same - until you establish an encrypted session, confidentiality does not exist. The ultimate solution would be out-of-band exchanged pads, but that is technically infeasible. There will always be a compromise with sacrificial cipher exchanges to achieve forward secrecy.

This is a really helpful video that visually describes the Diffie-Hellman Exchange:

No comments:

Post a Comment

Why Automate? Writing a self-testing Python class for REST or XML API invocation

 So far, most API invocations, at least in terms of what you need to do, are pretty simple to execute. Then again, just about every other ad...