1
I couldn't find a source explaining detailed how open system authentication works.
Does open system authentication automatically generates random keys for each session?
Why it's safer than shared key?
BernardoLima
Posted 2015-11-06T19:58:55.943
Reputation: 127
2
The reason is that Open System does not have any authentication step, but setting up WEP with no authentication still leaves the client with a unuseable Connection unless the client knows the WEP key, since the WEP key is required to encrypt the packets.
The reason the Open System is safer, is that with the authentication step, any eavesdropper gets a good cipher/plain pair, that they can crack.
However, Open System would still allow a unauthorized client to associate (connect), but not Exchange any data, in some cases this might be undesired, if for example any authorative actions is performed by mere connecting to the network.
This is only valid for WEP. Also, since you use no authentication step, the client will Think the network is public, and try to associate to it without a password. You will have to set the network details manually (like you would do with a hidden network) to use a OA WEP network.
If you use WPA/WPA2, you should use a authentication step.
"Open System" is NOT to be confused with the setting "No encryption" or similiar, "Open System" is a setting that is part of wep. Sometimes, router manufacturers use "Open System" as "No encryption" setting, so only way is to test out if the network work for a unauthenticated client, eg connect and then try to surf the internet.
sebastian nielsen
Posted 2015-11-06T19:58:55.943
Reputation: 961
1
Open System Authentication does not provide Authentication it provides identification using the wireless Adapter's MAC address.
It provides identification using the wireless adapter's MAC address. Open system authentication is used when no authentication is required. It is the default authentication algorithm.
Source : https://msdn.microsoft.com/en-us/library/aa916736.aspx
Source : http://documentation.netgear.com/reference/nld/wireless/WirelessNetworkingBasics-3-08.html
pun
Posted 2015-11-06T19:58:55.943
Reputation: 5 311
You're confusing the setting "WEP/Open System" with the settting "No Encryption at all". – sebastian nielsen – 2015-11-06T20:19:25.283
Sebastian, but the source is calling it "WEP Open System Authentication". – BernardoLima – 2015-11-06T20:38:12.517
They might mean the authentication process only then. They seem to indicate it gives all users access. But you can read more here why Open is safer than shared key, if you absolutely MUST use wep: http://www.tomshardware.co.uk/forum/9705-43-authentication-open-system-shared
– sebastian nielsen – 2015-11-06T20:40:09.967
Thank you for your answer, but I don't understand, if I'm using Open System Authentication, anyone will be authenticated but no one will be able to exchange data? So even Open System Authentication requires a key? – BernardoLima – 2015-11-06T20:34:44.960
Yes. Provided that you specify a key, it should require a key. But you absolutely need to make sure it works (denying unauthorized clients any communication) by TESTING. Some routers do say "Open system" when they really mean "No encryption", and they might display the key fields but ignore any input to them. Only way to find out is to TEST! And also, its better to use WPA/WPA2 instead of wep, they are much more safer than wep without authentication – sebastian nielsen – 2015-11-06T20:38:23.473
I understand what you say, but I would like to know what the WEP protocol specifies as Open System Authentication, I mean how it's formally defined. Because I don't understand what would be the purpose of authenticating anyone if the network would still be unusable. – BernardoLima – 2015-11-06T20:41:57.200
The reason was that the encryption and authentication was different steps. The idea was that the router would Always encrypt/decrypt with same WEP key, but authentication could be done with WEP key, via username/password, via smart card, and so on. That was the intent of specifying a authentication method (no authentication/shared key authentication) separate from encryption (no encryption/wep encryption). However, WEP was depreciated quickly, and that was why no more auth methods was developed for WEP. – sebastian nielsen – 2015-11-06T20:46:06.110
http://wirelessnetworkssecurity.blogspot.se/2013/01/wep-open-key-vs-wep-shared-key.html – sebastian nielsen – 2015-11-06T20:46:32.837
I'm writing a paper, so I'm worried because some sources says it needs a key to be associated and some says that it's automatically associated. I mean, Netgear said that it automatically joins the network, do you think they are wrong? – BernardoLima – 2015-11-06T20:48:07.027
Let us continue this discussion in chat.
– sebastian nielsen – 2015-11-06T20:49:47.323