[OpenWireless Tech] ANYFI IS PROPRIETARY!
Brad Knowles
brad at shub-internet.org
Wed Aug 14 07:45:06 PDT 2013
On Aug 14, 2013, at 9:16 AM, Todd Freeman <todd at chiwifi.net> wrote:
> Also as amazing as the 256aes for wpa2 sounds, its about 70bits of security in real world application, that is trivial to exploit. http://www.keylength.com/en/4/ Bscially if you wanted the amount of security you are assuming aes256 in wpa2 provides, you would need to be using 15MB keys, when using 2048bit keys with aes256, its really about 70bits of security, not 256.
It strikes me that the real security you'd be getting with 8-character WPA passwords would be even less -- if you assume alphanumerical characters plus a couple of specials, that's 64 possibilities, and 64=2^6, or six bits of entropy per character. With eight character passwords, that would be just 6*8=48 bits of entropy, which is not nearly enough -- and nowhere close to the 70 bits mentioned above.
You'd need twelve characters to be able to achieve 72 bits of entropy, and fourteen characters to get 84 bits of entropy (note that 80 bits is the lowest level of security shown on that page).
Of course, this assumes that you get truly randomly generated characters for the password, etc....
--
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
More information about the Tech
mailing list