|
|
Encryption
salata time for
stonehard hardware encryption in asic declared with 21 years behind bars
rules if mocked around with and
with proper id instead of some mediocre jpeg
vector emv4 chip script emulator id???
www.japan1.freewebspace.com/postale.htm
www.japan1.freewebspace.com/encrypt.htm
www.japan1.freewebspace.com/encrypt2.htm
http://wifinetnews.com/archives/006612.html
The Xinhua agency reports that the China Broadband Wireless
IP Standard Group (BWIPS)—the recently formed WAPI Industrial Union isn’t
mentioned here—has collected 49 pieces of evidence proving ethics violations. The 802.11i standard was
fast-tracked for consideration of approval; WAPI was rejected, in part, according to reports in March of this year, that
The group of 22 firms that
are involved with WAPI’s future were earlier reported to include many with
government and military investments and control, which is a typical occurrence
in
I’ve written a lot about
WAPI; you can find earlier posts here. My ongoing concern, shared by many
Wi-Fi industry insiders, is that without WAPI being
fully published for examination, there’s no way to determine the strength and
integrity of the protocol—including whether backdoors are part of the standard.
I’ve been told by some readers this is a paranoid attitude, but I’d suggest
that events of the last six months make it clear that
WAPI cannot. It's likely
WAPI is kept secret for multiple reasons, but one of them is almost certainly
for tapping. 802.11i doesn't include tapping as a feature.
Specific companies could
modify 802.11i in their implementation to include tapping, but that is true
with all telecommunications equipment in which encrypted sessions terminate
within the unit itself.
If an AP handles WPA
Enterprise (802.1X with WPA), there's no good way for an AP maker to create an
interception as a man in the middle if the certificates for the secure session
between a user and a back-end server are handled correctly because that would
fail without a valid certificate.--gf]
http://english.people.com.cn/200605/29/eng20060529_269419.html
Telecom expert Li Jinliang said that the
new standard for WLAN is required because of weak security in the original
technology.
To see for yourself the
threat that short, plain-text encryption
keys pose to your WPA-based wireless network, you can download the WPA Cracker
utility from tinyPEAP (http://www.tinypeap.com). The network packets WPA Cracker
needs for analysis can be gathered with the Ethereal open-source network
protocol analyzer available from http://www.ethereal.com. As suggested earlier in this
chapter, you should use WPA Cracker and similar tools to analyze your current
WPA-based network configuration for vulnerabilities.
Although WPA, particularly
in its WPA-Enterprise version, is much more secure than WEP, it is not as
secure as it could be. As mentioned previously in this chapter, WPA was
designed as an interim solution until the ratification of the IEEE 802.11i
standard could take place. IEEE 802.11i was ratified in 2004, and the first
products became available in the fall of 2004. IEEE 802.11i is the basis for WPA2, and WPA2 is the term used to
identify IEEE 802.11-based products which meet IEEE 802.11i security standards.
WPA2 differs from
WPA in the use of a stronger encryption
algorithm. While WEP
and WPA used RC4 encryption,
WPA2 uses the stronger AES encryption algorithm.
Aha
stronger? Baha its low
http://www.iaik.tugraz.at/research/krypto/AES/
Sooooo, do we have low grade encryption due to
moneymaking or/and ONLY
surveillance…
surveillance in realtime or enough time to
crack encryption with high performance machines
to see the content? That’s why my bank don’t
answer properly…aha brilliant.
Ok? Wapi?
http://wifinetnews.com/archives/004907.html
I learned recently that the Chinese object to 802.11i because it includes a 128-bit
key length version of AES which they believe the NSA has the
ability to decipher. The corresponding problem with WAPI is that it is a
proprietary protocol controlled by the government which leads one to believe
that it has either a back-door or a weak known flaw in it that would allow
interception
http://news.com.com/2100-7351_3-5112832.html
WAPI adds yet another
security specification that companies will have to consider as they begin
installing Wi-Fi networks, adding further confusion to the market, according to
security experts.
By
prohibiting gear that does not use WAPI, the Chinese government is
throwing an obstacle in the way of manufacturers looking to enter the Chinese
market, they say.
http://news.com.com/China+battles+rejection+of+Wi-Fi+encryption+algorithm/2100-7351_3-6077975.html
The IEEE's
802.11i encryption standard is backed by
Wi-Fi chip leader Intel
http://www.networkcomputing.com/showArticle.jhtml?articleID=18402840&pgno=1
RSN
and WPA have a lot in common. They use the same security architecture for
upper-level authentication, key distribution and key renewal. WPA, though, is
built around TKIP (Temporal Key Integrity Protocol), which is available as a
firmware upgrade to most legacy hardware. RSN is more comprehensive and includes support for AES (Advanced Encryption
Standard), which is available only on the latest WLAN
hardware.
http://www.embedded.com/showArticle.jhtml?articleID=34400002
The resulting IEEE 802.11i amendment has many components, the most
obvious of which are the two new data-confidentiality protocols, TKIP and CCMP.
IEEE 802.11i also uses IEEE 802.1X's key-distribution system to control access
to the network. Because IEEE 802.11 handles unicast and broadcast traffic differently,
each traffic type has different security concerns. With several
data-confidentiality protocols and the key distribution, IEEE 802.11i includes
a negotiation process for selecting the correct confidentiality protocol and
key system for each traffic type. Other features introduced include key caching
and preauthentication.
http://www.embedded.com/showArticle.jhtml?articleID=34400002
CCMP is a data-confidentiality protocol that handles packet
authentication as well as encryption. For confidentiality, CCMP uses AES in
counter mode. For authentication and integrity, CCMP uses Cipher Block Chaining
Message Authentication Code (CBC-MAC). In IEEE 802.11i, CCMP uses a 128-bit
key. The block size is 128 bits. The CBC-MAC size is 8 octets, and the nonce
size is 48 bits. There are two bytes of IEEE 802.11 overhead. The CBC-MAC, the
nonce, and the IEEE 802.11 overhead make the CCMP packet 16 octets larger than
an unencrypted IEEE 802.11 packet. Although slightly slower, the larger packet
is not a bad exchange for increased security.
CCMP protects some fields that aren't encrypted. The additional parts of
the IEEE 802.11 frame that get protected are known as additional
authentication data (AAD). AAD includes the packets source and destination
and protects against attackers replaying packets to different destinations.
Between the supplicant and the authenticator, the protocol is IEEE
802.1X. The
protocol between the authenticator and authentication server isn't defined in
IEEE 802.1X nor IEEE 802.11i. However, Radius is
typically used between authenticator and authentication server.
And here the blocking switch:
The uncontrolled port is used to pass authentication traffic between the
supplicant and the authentication server. Once the authentication server concludes authentication with the
supplicant, the authentication server informs the authenticator of the successful
authentication and passes established keying material to the authenticator. At
this point, the supplicant and the
authenticator share established key material through an EAPOL-key exchange.
(EAPOL, the Extensible Authentication Protocol over LANs, comes from clause
4 of IEEE 802.1X-2001.) And if all exchanges have been successful, the authenticator allows traffic to flow through the
controlled port, giving the client to access to the network.
The
PTK gets divided into three keys. The first key is the EAPOL-key
confirmation key (KCK). The KCK is used by the EAPOL-key exchanges to
provided data origin authenticity. The second key is the EAPOL-key
encryption key (KEK). The KEK is used by the EAPOL-key exchanges to provide
for confidentiality. The third key is the temporal key, which is used by the
data-confidentiality protocols.
A
pseudorandom function gets run over the GMK and some other
parameters to create the group temporal key (GTK).
Some
of the parameters are the authenticator's MAC address and a nonce from the
authenticator for GTK creation (GNonce).
Just a simple email to kajander12345@hotmail.com
or kajander1@nodns.org Funny in mailaccount from hotmail is only
government girlies and
Nice females ala pump the backdoor
in function at telco’s and in nodns account very few not properly emailed some
Nigerian scams and so on..
http://www.japan1.freewebspace.com/postale.htm
http://www.japan1.freewebspace.com/encrypt2.htm
a forgot a simple email kajander12345@hotmail.com or kajander1@nodns.org
Is it so that International
bankcards, rfid systems, postals sortingsystems, mobiles Faxes, Phones, governments
workoffer department could be
“administrated, blacklisted or redlisted ” without
users knowledge or courtcase
Setting 1 and 0 (flags)for
persons and company’s in universal databases located where?
Blocking all of above
functionality making a person or company
not abel to work properly?
That’s what I see and
understand .. in my studies of IT & security from govs and banks and
telecom in eu at least If its
implemented without voting not ok, if done by backdoors even worse
If so it’s the
highest crime of all adding
also the no answer solution from accounting in tax and
banksystems
Which itself is an answer.
www.un.org www.police allover
the earth astomia in greek = to protect
the economical systems…?
10 years is a long time of losses for state and business…millions .time for a deal?
Noo? Aha… I wonder what my exes
and children thinks about this.
Yours sincerely Jan P Kajander