Dell PowerConnect W-AP105 Руководство - Страница 34

Просмотреть онлайн или скачать pdf Руководство для Переключатель Dell PowerConnect W-AP105. Dell PowerConnect W-AP105 45 страниц. Powerconnect w-ap104 and w-ap105 access points
Также для Dell PowerConnect W-AP105: Руководство (10 страниц), Руководство по установке (2 страниц), Технические характеристики (2 страниц), Технические характеристики (2 страниц), Технические характеристики (4 страниц), Руководство по установке (2 страниц)

Dell PowerConnect W-AP105 Руководство
Authentication
Mechanism Strength
Mechanism
Wireless Client
For WPA2-PSK there are at least 95^16 (=4.4 x 10^31) possible
WPA2-PSK
combinations. In order to test a guessed key, the attacker must complete the
(Wireless Client
4-way handshake with the AP. Prior to completing the 4-way handshake, the
role)
attacker must complete the 802.11 association process. That process involves
the following packet exchange:
Total bytes sent: at least 140. Note that since we do not include the actual 4-
way handshake, this is less than half the bytes that would actually be sent, so
the numbers we derive will absolutely bound the answer.
The theoretical bandwidth limit for IEEE 802.11n is 300Mbit, which is
37,500,000 bytes/sec. In the real world, actual throughput is significantly less
than this, but we will use this idealized number to ensure that our estimate is
very conservative.
This means that the maximum number of associations (assume no delays, no
inter-frame gaps) that could be completed is less than 37,500,000/214 =
267,857 per second, or 16,071,429 associations per minute. This means that
an attacker could certainly not try more than this many keys per second (it
would actually be MUCH less, due to the added overhead of the 4-way
handshake in each case), and the probability of a successful attack in any 60
second interval MUST be less than 16,071,429/(4.4 x 10^31), or roughly 1 in
10^25, which is much less than 1 in 10^5.
Mesh AP WPA2
Same as Wireless Client WPA2-PSK above
PSK (User role)
RSA Certificate
The module supports RSA 1024 bit keys and 2048-bit RSA keys. RSA 1024
based authentication
bit keys correspond to 80 bits of security. The probability of a successful
(CO role)
random attempt is 1/(2^80), which is less than 1/1,000,000. The probability of
a success with multiple consecutive attempts in a one-minute period is less
than 1/100,000.
Attacker sends Authentication request (at least 34 bytes)
AP sends Authentication response (at least 34 bytes)
Attacker sends Associate Request (at least 36 bytes)
AP sends Associate Response (at least 36 bytes)
34