Thread: Which encryption to use?

  1. #1

    Join Date
    May 2005
    Posts
    1,042

    Which encryption to use?

    I just got a different router and it supports a bunch of different security measures. I've been reading up on their pros/cons on wiki so I have a rough idea of the differences between the options. I just want something that provides some measure of safety but isn't too difficult to get working (or fix in the event that something resets when I'm not home, this is my parents house).

    The options available for my router are:

    WEP (which I guess you shouldn't really use anymore), 802.1x and RADIUS (this seems promising?), WPA-PSK, WPA, WPA2-PSK(AES), WPA2-AES, WPA-PSK/WPA2-PSK, WPA1/WPA2.

    That's the list copied from the router's config page. Any suggestions?
    I'm not immature, I'm refined in the opposite direction.

  2. #2
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    I did some reading about this myself some time ago, and came to the conclusion that for a home network, WPA2-PSK (AES) should suffice, unless you have some rather old network devices. You should choose a strong passphrase to share.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  3. #3
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    I don't use any crypto on my home wireless network. Anything worth hiding is going over HTTPS already. And I want other people to be able to use my access point.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  4. #4
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    > And I want other people to be able to use my access point.
    Ah yes, until the likes of RIAA come knocking for all the illegal music downloads traced to your IP address. But it'll be you who's facing the music, rather than listening to it.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  5. #5
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Quote Originally Posted by Salem View Post
    > And I want other people to be able to use my access point.
    Ah yes, until the likes of RIAA come knocking for all the illegal music downloads traced to your IP address. But it'll be you who's facing the music, rather than listening to it.
    I'm not changing what I do just because of a roaming band of psychotics. If I take some huge fine because of an IP address showing up in a log somewhere (and nothing else, since I don't even listen to RIAA-made crap much less download it) then there will be another injustice in the world, I suppose.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  6. #6
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    Quote Originally Posted by brewbuck
    I don't use any crypto on my home wireless network. Anything worth hiding is going over HTTPS already.
    You're in good company.

    Quote Originally Posted by brewbuck
    And I want other people to be able to use my access point.
    I don't, and like at least one other mere mortal, I do not quite buy Schneier's argument (which is similiar to yours).
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  7. #7
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Anyway, if you use any sort of encryption and therefore password on your wireless, you need to at least explain to your parents how to factory-reset the thing so that, if you go on extended hiatus and it borks itself, they can at least use their Internet until you get back.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  8. #8
    Dr Dipshi++ mike_g's Avatar
    Join Date
    Oct 2006
    Location
    On me hyperplane
    Posts
    1,218
    Well they could not prove anything even if they wanted to, in the UK that is, as only commercial access points need to be encrypted by law. I doubt they would be able to seize you computer either.

    Personally, I use WPA2 because WEP < WPA and 1 < 2. dont know much else about it really.

  9. #9
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    How about a different band of roaming psychotics?
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  10. #10
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Quote Originally Posted by Salem View Post
    How about a different band of roaming psychotics?
    I don't see how a network of unsecured access points is less secure than the open Internet. On the 'net, anybody can get to your IP address anyway (of course there are firewalls, but you can set those up on a home network as well while still leaving WiFi open). If open WiFi was a vector for the spread of a virus, it's no more so than the Internet as a whole. The security has to be at the host level, no matter what protocol you're using.

    WiFi encryption is only useful for hiding the data you are transmitting, since anybody can sniff it. It's not a substitute for strong host security.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  11. #11

    Join Date
    May 2005
    Posts
    1,042
    Quote Originally Posted by laserlight View Post
    I did some reading about this myself some time ago, and came to the conclusion that for a home network, WPA2-PSK (AES) should suffice, unless you have some rather old network devices. You should choose a strong passphrase to share.
    Okay cool, I'll probably go with that then. Thank you for the feedback.
    I'm not immature, I'm refined in the opposite direction.

  12. #12
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,079
    Quote Originally Posted by mike_g View Post
    WEP < WPA
    His logic is purely in terms of their ASCII values, too, ladies and gentleman.
    Last edited by SlyMaelstrom; 03-02-2009 at 12:20 AM.
    Sent from my iPadŽ

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 16
    Last Post: 11-23-2007, 01:48 PM
  2. help needed with edit control & encryption
    By willc0de4food in forum Windows Programming
    Replies: 2
    Last Post: 03-16-2006, 08:21 PM
  3. abt encryption algorithm
    By purIn in forum C Programming
    Replies: 9
    Last Post: 12-22-2003, 10:16 PM
  4. What's wrong with my Stream Cipher Encryption?
    By Davros in forum C++ Programming
    Replies: 3
    Last Post: 04-18-2002, 09:51 PM
  5. File Encryption & Read/Write in Binary Mode
    By kuphryn in forum C++ Programming
    Replies: 5
    Last Post: 11-30-2001, 06:45 PM