Wednesday, Nov 18, 2015 11:04 AM Henning Rogge wrote:
> On Wed, Nov 18, 2015 at 4:46 PM, Ted Lemon <mel...@fugue.com> wrote:
>> WPA2, at least in PSK mode, does not provide confidentiality from attackers
>> who have the PSK. WPA isn't even as good as WPA2. I think relying on
>> this level of security makes sense if we have no alternative, but in no
>> other case.
> 
> I don't think DTLS with PSK is much better than WPA2 with PSK...

I bought this argument when I first saw it, but when reading Stephen's comment 
just now (arguing that PSK should be MTI) I realized that I was wrong.  The PSK 
in the case of HNCP is being shared amongst infrastructure devices, _not_ 
amongst end users, unlike the WPA2 PSK, which everybody using the network must 
know.

So while it is certainly _possible_ for the PSK to be vulnerable in the way you 
describe, it is not _necessary_ for it to be vulnerable in that way, and 
therefore even the DTLS/PSK mode of secure HNCP is preferable to no security at 
all.


--
Sent from Whiteout Mail - https://whiteout.io

My PGP key: https://keys.whiteout.io/mel...@fugue.com


_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
