On 06.07.2004 15:25 +0100, Peter Curran wrote:
> I think encyrption is intriguing as a solution to the
> confidentiality issues, but as they are using DES on the Netgear
> stuff I assume that you have to pre-configure all the devices with
> a shared key. As this tends to be derived from a passord it could
> be relatively easy to attack.
I did a little analysis of HomePlug powerline networking about a year
ago. The password hashing is done as per PBKDF1 - it involves using
MD5 1000 times, so with the usual password precautions in place, the
resulting 56-bit DES key should be good. Also, provided that the
implementation in HomePlug doesn't suffer from similar flaws as WEP,
56-bit encryption is IMHO enough for home users. I mean, it's not
like you can brute-force-search a 56-bit key in a useful amount of
time with only a few PCs at hand...