Home
Topics
Mobile Security
Mobile Authentication and Encryption
How can I calculate the value for reauthorizations for different encryption methods?

Ask the Expert

How can I calculate the value for reauthorizations for different encryption methods?

Lisa Phifer, Wireless Expert

I am kind of new to the wireless stuff and I have a question on encryption and dot1x reauthorization timers. Do you know if there is a calculator that will calculate the value for reauthorizations for the different encryption methods? It is my understanding that the Achilles heel for encryption is the reuse of keys. For example, I would like to know if I am using TKIP with an 11MB connection that is 50% utilized, how many packets would be sent before the key is reused?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

Encryption key reuse WAS the big problem for WEP. WEP combined a static key with a 24-bit initialization vector; that's 16,777,216. At 802.11b data rates, a fully utilized WLAN could theoretically send that many frames in an hour. Some implementations made this worse by starting the IV from the same value, guaranteeing (IV+key) reuse.

Dynamic WEP (WEP with 802.1X) avoids this by refreshing keys before the IV space is exhausted. Appropriate refresh intervals should be determined by looking at actual frame counts in your WLAN.

Encryption keys are never re-used by TKIP. TKIP combines a temporal key, the transmitter's address and TKIP Sequence Counter (TSC) to generate per-packet keys. If the TSC is exhausted, the standard requires communication to be discontinued or the temporal key to be regenerated. The TSC is 48 bits long, or 281,474,976,710,656. That's a very large number of frames. How long will it take for your WLAN to generate this many frames? At 802.11b data rates, you're talking many years.

The 802.11i standard specifies a maximum lifetime for temporal keys, defined as the minimum of any configured Pairwise Master Key Lifetime and any session timeout carried by RADIUS accept messages returned via 802.1X. That lifetime can cause the temporal key to be refreshed at regular intervals. But you don't need to set that lifetime based on TKIP key reuse. Think in terms of how long a user should really be authorized before requiring reauthentication.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in August 2004

Back to top

More from Related TechTarget Sites

Unified Communications
Networking
Telecom
Networking Channel
CRM
Data Management

Unified Communications
- What's the difference between bits and bytes specific to telephony?
  
  The differences between bits and bytes specific to telephony equipment is explained by UC strategies expert Matt Brunk in this expert response.
- Startup Pexip introduces software-based video conferencing bridge
  
  Pexip Infinity is a subscription-based, virtualized video conferencing bridge from the founders of Tandberg.
- The truth about mobile UC&C uptake
  
  As much as vendors tout their mobile UC&C clients, adoption is still very low. Find out why and what could make true solutions meaningful.
Networking
- Marble Security's cloud-based mobile security service augments MDM
  
  Marble Security released its new cloud-based mobile security service that can work with MDM tools for protection of employee-owned mobile devices.
- New VMS feature enables big spines of Mellanox Ethernet ToR switches
  
  A new Layer 3-based Virtual Modular Switch feature on top-of-rack Ethernet switches from Mellanox enables large clusters for leaf-spine architecture.
- Mobile service providers are target of F5 firewall product
  
  F5 has engineered a mobile provider firewall software that takes an application-specific approach.
Telecom
- Smartphone adoption spurs advanced services demand in Latin America
  
  Latin American smartphone adoption is more robust than North America's, and the consumers are more mobile-friendly than their peers in developed economies.
- Need for wireless network upgrade is key AT&T/T-Mobile driver
  
  Rising demand for high-quality network service delivery will require operators to undertake a massive wireless network upgrade, driving deals like the AT&T/T-Mobile acquisition.
- Video: ACG Research dissects telecom routing and switching market
  
  In this ACG Research HotSeat video, Managing Partner Ray Mota gives viewers a quarterly update on the telecom service provider routing and switching market.
Networking Channel
- Aruba Networks Partner Program Checklist
  
  Value-added resellers and service providers interested in reselling Aruba networking hardware and software can learn the benefits of becoming an Aruba Networks partner with this standardized checklist. Compare Aruba's reseller partner program with other vendors' offering similar products.
- NetScout Systems Partner Program Checklist
  
  Learn the benefits of becoming a NetScout Systems reseller partner with our Partner Program Checklist.
- Visage Mobile Partner Program Checklist
  
  Learn the benefits of becoming a Visage Mobile reseller partner with our Partner Program Checklist.
CRM
- The Salesforce acquisition of ExactTarget: What to expect now
  
  Salesforce's acquisition of digital marketing software firm ExactTarget is virtually a done deal. Find out what customers can expect for the future.
- CRM trends: Customer engagement, free range agents and more
  
  Fresh from the ACCE conference, Lena J. Weiner reports on multiple exciting trends in CRM, including automated and social CRM.
- Former DJ helps businesses do customer engagement like rock stars
  
  Former Houston DJ Dayna Steele wants you to know that customer engagement has more to do with rock n' roll than you might think.
Data Management
- Events report: Information Builders Summit 2013, graph databases and more
  
  SearchDataManagement editors discuss the Information Builders user conference and two other events; topics include graph databases and 'data artists.'
- From 4GLs to HTML5 desktop apps: Bringing data to the masses
  
  Advocating wider access to data, speakers at the Information Builders Summit 2013 traced a journey from 4GL tools to HTML5 desktop apps and beyond.
- Enterprise data quality efforts in good company with MDM, governance
  
  Combining data quality initiatives with master data management and data governance programs can help ensure that data remains accurate and consistent.

All Rights Reserved,Copyright 2003 - 2013, TechTarget