Whooo! Got my wireless working! Now, a question about encryption...

[Ned Pointsman]

Wise words !!

Lobster's recommendation up the page is perfect for generating both the PSK and the SSID. Change em both once a month and jobs a good un. Because you're using a random PSK and SSID, it leaves your attackers facing a brute force assult. Not practical at this moment in time.

Won't WPA-TKIP do something similar on the proverbial fly ?

 

[Boris Sprinkler]

nope.

 

[Ned Pointsman]

<checks>

Yep.

 

[Radar]

<checks>

Yep.

Nope

The clue is in the name.. TKIP = Temporal Key Integrity Protocol.

Temporal - enduring for a time only; temporary; transitory.

The key that is managed by TKIP is a per frame key, and changes as each frame is sent. It's derivable from the PSK (it has to be as each end has to be able to derive the same key otherwise the decryption would fail)

What we're talking about is an automatic method to generate and distribute the PSK and SSID values. We want this as its good practice and makes dictionary attacks pointless and brute force attacks very computationally expensive as the temp keys used are derived from the PSK and SSID in use at that time. As the SSID has changed, any keys generated previously are now useless.