Thread: WAP54GP (POE VLAN AP)
View Single Post
  #6 (permalink)  
Old 11-18-2006, 06:45 PM
Jeff Liebermann
Guest
  
Posts: n/a
Default Re: WAP54GP (POE VLAN AP)
John Navas <spamfilter0@navasgroup.com> hath wroth:

>On Sat, 18 Nov 2006 08:58:19 -0800, Jeff Liebermann
><jeffl@comix.santa-cruz.ca.us> wrote in
><gmeul29j9ahj2klic0d8d68qpqtl29p38i@4ax.com>:
>
>>John Navas <spamfilter0@navasgroup.com> hath wroth:
>>
>>>On Sat, 18 Nov 2006 06:03:11 GMT, Jeff Liebermann
>>><jeffl@comix.santa-cruz.ca.us> wrote in
>>><bp7tl21to1l8jip3q6spl8slhrfnevgglj@4ax.com>:
>>>
>>>>On Fri, 17 Nov 2006 23:21:21 -0500, Robert Coe <bob@1776.COM> wrote:
>>>>
>>>>>BTW, another glitch in that model is that the WPA2 "shared secret" is limited
>>>>>to 20 characters. Didn't someone in this very newsgroup recommend using at
>>>>>least 22? Some APs, I believe, allow 63.
>>
>>>>The allowed length can be anything from 8 to 63 ASCII characters. See
>>>>comments in:
>>>>| http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
>>
>>>20 characters is sufficient for good security, especially if random
>>>characters are used.
>>
>>Sure, but it doesn't meet the requirements for WPA or WPA2 Wi-Fi
>>certification. My guess(tm) is that Linksys ran out of available RAM
>>and had to cut corners.
>
>I suspect it's a different issue -- the difference is not enough RAM to
>be significant.

Maybe. In WPA2-RADIUS, the encryption key is unique for each session.
Therefore, there has to be at least 64 bytes (hashed) per WPA key
times the number of connections (probably 128) or 8KBytes of storage.
That's not a huge amount, but still substantial considering most
current devices have about 16MBytes of RAM. For example, my home
WRT54GS v3.0 router shows 0.8MBytes available out of 16MBytes RAM with
I think 128 MaxConnections. I've seen it with less on a WRT54G v5
router. See my memory tables at:
https://home.LearnByDestroying.com:8080

>>I'm also wondering how it will do WPA-RADIUS,
>>where the AP assigns a maximum length encryption key for each session.
>
>That's part of what makes me think it's a different issue, or perhaps
>just some sort of misunderstanding.

Possibly. The obvious question is whether the WPA2 key is really
limited to 20 characters on the WAP54GP or whether there's some manner
of browser or internal web page issue. Dunno.

--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Reply With Quote