Hi Team,On of my customers connected the MC35 to the Non-Moto Access Point,the Authentication was "Shared",the Data Encryption was "Wep" , the MC35 could connected the AP smoothly.
But When I used the MC9090_CE5.0 to test, I could not find the "Shared" option from Authentication menu.
Even I have upgraded the Fusion to the 2.57.0.0.021B
Any experience can be participated?
ThanksFrancisco
3 Replies
Francisco, David is exactly correct on the security view of Shared Authentication. You can also add to your discussions with your customer that this form of authentication is optional for Wi-Fi interoperability. Vendors are not required to support it to be considered interoperable. If you need additional discussion points for use with your customer- consider the following resources:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186…; look to the "Accept Authentication Type" portion of the configuration instructions and you will see Cisco's own simple comment on the issue, "Note: This query can leave the AP open to a known-text attack from intruders. Therefore, this setting is not as secure as the Open setting." Cisco training and design books explore the detail, but this is the basic concern.
http://www.aircrack-ng.org/doku.php?id=shared_key This will give you a view from those out looking for information on a network.
http://www.networkworld.com/research/2002/0909wepprimer.html Here you can see a quote on the issue from a pure knowledge article perspective, "Shared Key authentication involves demonstrating the knowledge of the shared WEP key by encrypting a challenge. The problem is that a monitoring attacker can observe the challenge and the encrypted response."
The only reason MC35 has that option, is that MC35 uses the default Microsoft zero-config WiFi options, since Fusion was not implemented on that product.
Hi Francisco, No Fusion version supports "Shared" authentication. Shared authentication is actually not secure. It opens up a loop hole that makes it even worse than running WEP with open authentication. For this reason, Symbol/Motorola never implemented it in our clients. The issue with shared authentication is that it makes use of the WEP key to encrypt a clear text challenge. This makes it easy for a potential intruder to see a clear and encrypted version of the same text and figure out the WEP key. Although WEP itself is also not secure, the vulnerability to WEP with Shared Auth has been known long before WEP with Open was cracked, and thus has never been implemented in Fusion.