Protected WLAN

[Patrick O'Callaghan]

On Sat, 2011-05-21 at 17:45 -0700, James McKenzie wrote:
> On 5/20/11 3:54 PM, Patrick O'Callaghan wrote:
> > On Fri, 2011-05-20 at 14:20 +0000, g wrote:
> > I know it extremely well, having taught it in undergrad CS courses.
> >
> Most of us out here that lived through that mess are very well versed in 
> the history and arrest of Phil.  There was a fund to help pay for his 
> defense.
> > I have completely lost track of whatever point it was you were trying to
> > make. PGP has nothing whatever to do with Wifi security in the sense of
> > this thread.
> >
> Cryptographic algorithms and making their internal workings public.  
> BTW, there are TWO versions of PGP, one that uses the still patented RSA 
> front end and the other uses IDEA.  Guess which one is stronger and 
> costs money to use and is ILLEGAL to export outside of the United 
> States?  That is why I LOVE the ability to bring things into the United 
> States that basically make some points moot.

IANL, but I think you are misinformed. Notwithstanding the historical
situation, no implementation of PGP (or GPG) is currently illegal to
export from the US, with the exception of a short list of countries with
whom virtually all trade is illegal.

> The point is that the WPA-2 and AES products are fully documented.  
> Breaking them is basically against the law for several reasons.

WPA2 and AES are algorithms, not products. Breaking them or attempting
to break them is *not* illegal. Crypto conferences regularly address
possible weaknesses in crypto algorithms, as do the refereed journals in
the field, some of which are published in the US.

Attempting to circumvent controls in specific products which use
cryptographic techniques for copyright protection may be in violation of
the DMCA, but that's a different story, and has nothing to do with
protection of Wifi networks.

poc