Does the length of a password for Wi-Fi affect speed?Recommend Length for Wi-FI PSK?Reducing password length with hash functionWhat are the implications of an overly-restrictive password policy?Are partially typed passwords a potential security risk?Is limiting/cutting password-length without notice insecure?Identify a user using random characters of the passwordIs there a convenient way for a CS representative to verify the caller's id without compromising security (too much)?Why is there a Cap on Password length?What's the best length for randomly generated passwords? (Security vs. compatibility)Does the password goes weaker as they get longer since hash has a fixed length?
Will some rockets really collapse under their own weight?
Output with the same length always
Why should P.I be willing to write strong LOR even if that means losing a undergraduate from his/her lab?
May the tower use the runway while an emergency aircraft is inbound?
What's the relationship betweeen MS-DOS and XENIX?
What modifiers are added to the attack and damage rolls of this unique longbow from Waterdeep: Dragon Heist?
How do the Durable and Dwarven Fortitude feats interact?
What does a comma signify in inorganic chemistry?
Is this bar slide trick shown on Cheers real or a visual effect?
Which manga depicts Doraemon and Nobita on Easter Island?
How do I answer an interview question about how to handle a hard deadline I won't be able to meet?
Unsolved Problems due to Lack of Computational Power
Programming a recursive formula into Mathematica and find the nth position in the sequence
Polar contour plot in Mathematica?
Regression when x and y each have uncertainties
Eric Andre had a dream
A reccomended structured approach to self studying music theory for songwriting
Pocket Clarketech
How to render "have ideas above his station" into German
C++ Least cost swapping 2
Build a mob of suspiciously happy lenny faces ( ͡° ͜ʖ ͡°)
Why should I pay for an SSL certificate?
Is it alright to say good afternoon Sirs and Madams in a panel interview?
How could Tony Stark wield the Infinity Nano Gauntlet - at all?
Does the length of a password for Wi-Fi affect speed?
Recommend Length for Wi-FI PSK?Reducing password length with hash functionWhat are the implications of an overly-restrictive password policy?Are partially typed passwords a potential security risk?Is limiting/cutting password-length without notice insecure?Identify a user using random characters of the passwordIs there a convenient way for a CS representative to verify the caller's id without compromising security (too much)?Why is there a Cap on Password length?What's the best length for randomly generated passwords? (Security vs. compatibility)Does the password goes weaker as they get longer since hash has a fixed length?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I work at a place that gives Wi-Fi to all the customers, with a password that is 19 characters long. A customer came in and claimed that because the password is long, it slows down the internet speed. Is there any truth to this claim?
passwords wifi performance
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
|
show 8 more comments
I work at a place that gives Wi-Fi to all the customers, with a password that is 19 characters long. A customer came in and claimed that because the password is long, it slows down the internet speed. Is there any truth to this claim?
passwords wifi performance
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
69
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
32
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
61
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
15
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
51
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34
|
show 8 more comments
I work at a place that gives Wi-Fi to all the customers, with a password that is 19 characters long. A customer came in and claimed that because the password is long, it slows down the internet speed. Is there any truth to this claim?
passwords wifi performance
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
I work at a place that gives Wi-Fi to all the customers, with a password that is 19 characters long. A customer came in and claimed that because the password is long, it slows down the internet speed. Is there any truth to this claim?
passwords wifi performance
passwords wifi performance
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
edited Aug 8 at 4:57
unor
1,0731 gold badge14 silver badges33 bronze badges
1,0731 gold badge14 silver badges33 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
asked Aug 5 at 21:06
user213838user213838
4461 gold badge2 silver badges4 bronze badges
4461 gold badge2 silver badges4 bronze badges
69
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
32
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
61
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
15
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
51
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34
|
show 8 more comments
69
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
32
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
61
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
15
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
51
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34
69
69
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
32
32
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
61
61
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
15
15
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
51
51
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34
|
show 8 more comments
4 Answers
4
active
oldest
votes
No.
This is because your password is converted to a cryptographic key which is of fixed length (128 bits). For any length of password, the corresponding crypto generated key (CMAC) would be of fixed size. Many other parameters such as the client and server id, large random values provided by client and server are used to calculate this CMAC.
Encryption and decryption uses this fixed length CMAC.
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
add a comment |
Short version: No, it does not. Your password is turned into a fixed-length 256-bit key (the "PSK" in WPA2-PSK), which is further turned into fixed-length temporary keys during the initial "handshake". These temporary keys are the ones used during the actual encryption, and usually change periodically.
No matter what your password, the underlying keys are fixed-length. Therefore, connection speed is unaffected by the password.
The password and the SSID are boiled down by a key derivation function (PBKDF2 for WPA2-PSK), from which we want 256 bits.
This key, called a PMK (Pairwise Master Key) is always 256 bits regardless of password length.
It is then used (along with nonces aNonce, sNonce and MAC addresses) in a 4-way handshake to generate the 512-bit Pairwise Transient Key (PTK), which is then split into multiple keys:
- 128-bit Temporal Key (TK) - Encrypts data itself
- 128-bit Key Encryption Key (KEK) - Encrypts keys (e.g. GTK) during transfer
- 128-bit Key Confirmation Key (KCK) - Involved in EAPoL MIC (part of authentication)
- 64-bit RX and TX keys, used for message integrity codes (MIC) on data frames
These multiple keys change periodically and are, again, fixed length regardless of the password. Specifically, your data is always encrypted by the Temporal Key (TK) and signed off by the TX/RX keys, which are always 128 bits and 64 bits respectively regardless of password length.
Password -> [PMK -> PTK -> Encryption keys]. Items in brackets are fixed length.
*GTK not discussed. Essentially the same as PTK, but multicast/broadcast, sans KCK KEK.
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
add a comment |
Password verification process is not linked to the connection speed. So the answer is no, the speed is not affected.
edited Aug 6 at 7:00
Community♦
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
|
show 5 more comments
No.
When discussing this it is important to note that there are many links between your device and the server it is connecting to. Each link in that path has its own throughput rate and is limited in a variety of ways - none of which have to do with a password length.
Each physical medium, WiFi, Ethernet, Microwave, Fiber, have data rates associated with them. The devices at each end of the links also have limitations both physical and through the software controlling them. But once again, none of those limitations have anything to do with the length of a password.
Physical conditions are the only other things that can limit link rates. For wireless links, the RF conditions rule. For Fiber, it can depends on the laser, the bending of the fiber, the cleave of the ends, etc. For wires, it depends on the connectors, the cable, etc. And again, the password length has nothing to do with these conditions.
The customer may have been confusing password length with key length. But even then, computers are so fast and the implementations so efficient, users are not going to notice the latency associated with those algorithms.
My company, for example, uses AES-256 to do real-time video encryption and decryption at more than 20Mbps with an end to end latency of less than 60ms. The encryption is a very minor part of that 60ms. The encoding and decoding of the H.264 and H.265 (HVEC) video is by far more computationally intensive than the encryption.
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f214717%2fdoes-the-length-of-a-password-for-wi-fi-affect-speed%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
No.
This is because your password is converted to a cryptographic key which is of fixed length (128 bits). For any length of password, the corresponding crypto generated key (CMAC) would be of fixed size. Many other parameters such as the client and server id, large random values provided by client and server are used to calculate this CMAC.
Encryption and decryption uses this fixed length CMAC.
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
add a comment |
No.
This is because your password is converted to a cryptographic key which is of fixed length (128 bits). For any length of password, the corresponding crypto generated key (CMAC) would be of fixed size. Many other parameters such as the client and server id, large random values provided by client and server are used to calculate this CMAC.
Encryption and decryption uses this fixed length CMAC.
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
add a comment |
No.
This is because your password is converted to a cryptographic key which is of fixed length (128 bits). For any length of password, the corresponding crypto generated key (CMAC) would be of fixed size. Many other parameters such as the client and server id, large random values provided by client and server are used to calculate this CMAC.
Encryption and decryption uses this fixed length CMAC.
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
No.
This is because your password is converted to a cryptographic key which is of fixed length (128 bits). For any length of password, the corresponding crypto generated key (CMAC) would be of fixed size. Many other parameters such as the client and server id, large random values provided by client and server are used to calculate this CMAC.
Encryption and decryption uses this fixed length CMAC.
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
answered Aug 6 at 6:36
Rohith K DRohith K D
9591 gold badge4 silver badges10 bronze badges
9591 gold badge4 silver badges10 bronze badges
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
add a comment |
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
5
5
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
Another answer mentions 256 bits, so what is correct?
– Jakuje
Aug 6 at 12:40
13
13
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
The other answer by @Gene mentions the process in more details. Pairwise Transient Key (PTK) generated in 4-way handshake is splitted into multiple keys. One of the resulted 128 bit key named Temporal Key is used for encrypting data frames. The KEK and KCK generated are used to protect handshake messages.
– Rohith K D
Aug 6 at 13:12
add a comment |
Short version: No, it does not. Your password is turned into a fixed-length 256-bit key (the "PSK" in WPA2-PSK), which is further turned into fixed-length temporary keys during the initial "handshake". These temporary keys are the ones used during the actual encryption, and usually change periodically.
No matter what your password, the underlying keys are fixed-length. Therefore, connection speed is unaffected by the password.
The password and the SSID are boiled down by a key derivation function (PBKDF2 for WPA2-PSK), from which we want 256 bits.
This key, called a PMK (Pairwise Master Key) is always 256 bits regardless of password length.
It is then used (along with nonces aNonce, sNonce and MAC addresses) in a 4-way handshake to generate the 512-bit Pairwise Transient Key (PTK), which is then split into multiple keys:
- 128-bit Temporal Key (TK) - Encrypts data itself
- 128-bit Key Encryption Key (KEK) - Encrypts keys (e.g. GTK) during transfer
- 128-bit Key Confirmation Key (KCK) - Involved in EAPoL MIC (part of authentication)
- 64-bit RX and TX keys, used for message integrity codes (MIC) on data frames
These multiple keys change periodically and are, again, fixed length regardless of the password. Specifically, your data is always encrypted by the Temporal Key (TK) and signed off by the TX/RX keys, which are always 128 bits and 64 bits respectively regardless of password length.
Password -> [PMK -> PTK -> Encryption keys]. Items in brackets are fixed length.
*GTK not discussed. Essentially the same as PTK, but multicast/broadcast, sans KCK KEK.
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
add a comment |
Short version: No, it does not. Your password is turned into a fixed-length 256-bit key (the "PSK" in WPA2-PSK), which is further turned into fixed-length temporary keys during the initial "handshake". These temporary keys are the ones used during the actual encryption, and usually change periodically.
No matter what your password, the underlying keys are fixed-length. Therefore, connection speed is unaffected by the password.
The password and the SSID are boiled down by a key derivation function (PBKDF2 for WPA2-PSK), from which we want 256 bits.
This key, called a PMK (Pairwise Master Key) is always 256 bits regardless of password length.
It is then used (along with nonces aNonce, sNonce and MAC addresses) in a 4-way handshake to generate the 512-bit Pairwise Transient Key (PTK), which is then split into multiple keys:
- 128-bit Temporal Key (TK) - Encrypts data itself
- 128-bit Key Encryption Key (KEK) - Encrypts keys (e.g. GTK) during transfer
- 128-bit Key Confirmation Key (KCK) - Involved in EAPoL MIC (part of authentication)
- 64-bit RX and TX keys, used for message integrity codes (MIC) on data frames
These multiple keys change periodically and are, again, fixed length regardless of the password. Specifically, your data is always encrypted by the Temporal Key (TK) and signed off by the TX/RX keys, which are always 128 bits and 64 bits respectively regardless of password length.
Password -> [PMK -> PTK -> Encryption keys]. Items in brackets are fixed length.
*GTK not discussed. Essentially the same as PTK, but multicast/broadcast, sans KCK KEK.
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
add a comment |
Short version: No, it does not. Your password is turned into a fixed-length 256-bit key (the "PSK" in WPA2-PSK), which is further turned into fixed-length temporary keys during the initial "handshake". These temporary keys are the ones used during the actual encryption, and usually change periodically.
No matter what your password, the underlying keys are fixed-length. Therefore, connection speed is unaffected by the password.
The password and the SSID are boiled down by a key derivation function (PBKDF2 for WPA2-PSK), from which we want 256 bits.
This key, called a PMK (Pairwise Master Key) is always 256 bits regardless of password length.
It is then used (along with nonces aNonce, sNonce and MAC addresses) in a 4-way handshake to generate the 512-bit Pairwise Transient Key (PTK), which is then split into multiple keys:
- 128-bit Temporal Key (TK) - Encrypts data itself
- 128-bit Key Encryption Key (KEK) - Encrypts keys (e.g. GTK) during transfer
- 128-bit Key Confirmation Key (KCK) - Involved in EAPoL MIC (part of authentication)
- 64-bit RX and TX keys, used for message integrity codes (MIC) on data frames
These multiple keys change periodically and are, again, fixed length regardless of the password. Specifically, your data is always encrypted by the Temporal Key (TK) and signed off by the TX/RX keys, which are always 128 bits and 64 bits respectively regardless of password length.
Password -> [PMK -> PTK -> Encryption keys]. Items in brackets are fixed length.
*GTK not discussed. Essentially the same as PTK, but multicast/broadcast, sans KCK KEK.
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
Short version: No, it does not. Your password is turned into a fixed-length 256-bit key (the "PSK" in WPA2-PSK), which is further turned into fixed-length temporary keys during the initial "handshake". These temporary keys are the ones used during the actual encryption, and usually change periodically.
No matter what your password, the underlying keys are fixed-length. Therefore, connection speed is unaffected by the password.
The password and the SSID are boiled down by a key derivation function (PBKDF2 for WPA2-PSK), from which we want 256 bits.
This key, called a PMK (Pairwise Master Key) is always 256 bits regardless of password length.
It is then used (along with nonces aNonce, sNonce and MAC addresses) in a 4-way handshake to generate the 512-bit Pairwise Transient Key (PTK), which is then split into multiple keys:
- 128-bit Temporal Key (TK) - Encrypts data itself
- 128-bit Key Encryption Key (KEK) - Encrypts keys (e.g. GTK) during transfer
- 128-bit Key Confirmation Key (KCK) - Involved in EAPoL MIC (part of authentication)
- 64-bit RX and TX keys, used for message integrity codes (MIC) on data frames
These multiple keys change periodically and are, again, fixed length regardless of the password. Specifically, your data is always encrypted by the Temporal Key (TK) and signed off by the TX/RX keys, which are always 128 bits and 64 bits respectively regardless of password length.
Password -> [PMK -> PTK -> Encryption keys]. Items in brackets are fixed length.
*GTK not discussed. Essentially the same as PTK, but multicast/broadcast, sans KCK KEK.
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
edited Aug 6 at 22:09
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
answered Aug 6 at 7:00
Gene Dela RosaGene Dela Rosa
8357 silver badges13 bronze badges
8357 silver badges13 bronze badges
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
add a comment |
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
4
4
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
if by AKA you mean "also known as" please spell it out as it kind of appears to be yet another encryption acronym.
– CGCampbell
Aug 6 at 13:33
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
Just to be clear: the derivation of the 128 bit PSK is also constant time, right? An 8 character password (shortest allowed) takes equally long to derive a PSK as a 64 character password?
– Nzall
Aug 6 at 14:30
1
1
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
@CGCampbell I bet just 'aka' in lower case would be good enough.
– Spencer
Aug 7 at 14:04
add a comment |
Password verification process is not linked to the connection speed. So the answer is no, the speed is not affected.
edited Aug 6 at 7:00
Community♦
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
|
show 5 more comments
Password verification process is not linked to the connection speed. So the answer is no, the speed is not affected.
edited Aug 6 at 7:00
Community♦
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
|
show 5 more comments
Password verification process is not linked to the connection speed. So the answer is no, the speed is not affected.
edited Aug 6 at 7:00
Community♦
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
Password verification process is not linked to the connection speed. So the answer is no, the speed is not affected.
edited Aug 6 at 7:00
Community♦
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
edited Aug 6 at 7:00
Community♦
1
edited Aug 6 at 7:00
Community♦
1
edited Aug 6 at 7:00
Community♦
1
1
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
answered Aug 5 at 21:09
marcusaureliusmarcusaurelius
3671 silver badge4 bronze badges
3671 silver badge4 bronze badges
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
|
show 5 more comments
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
18
18
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
No sources make this a poor answer, down-voted
– Cloud
Aug 6 at 10:21
12
12
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
@Joe I dunno, the other answers are able to motivate why the answer is "no" just fine...
– marcelm
Aug 6 at 10:32
1
1
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
@marcelm IMHO explaining how each process works is out of scope here. The important part is that password verification is a punctual ( whatever how it is done) check, and therefore doesn’t affect the speed. I tried to answer simply to a simple question that didn’t seem to require technical depth in both concepts.
– marcusaurelius
Aug 6 at 12:09
14
14
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
@marcusaurelius Stack Q&A aren't here only to answer the question, but also to help others searching for answers to their own questions. The more details you get, the more helpful your answer will be and the more people you'll help.
– Zoma
Aug 6 at 13:00
8
8
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
@marcusaurelius I disagree that such explanations are out of scope. But, more importantly, I think answers stating something as fact without backing that up aren't particularly helpful. It may not be necessary to detail the entire process, but I feel it would be better to mention the names of some relevant steps of the process, or provide links to sources with a more in-depth explanation. This way readers can verify your answer, or learn more if they so desire. Quoting the help center: "Brevity is acceptable, but fuller explanations are better."
– marcelm
Aug 6 at 17:12
|
show 5 more comments
No.
When discussing this it is important to note that there are many links between your device and the server it is connecting to. Each link in that path has its own throughput rate and is limited in a variety of ways - none of which have to do with a password length.
Each physical medium, WiFi, Ethernet, Microwave, Fiber, have data rates associated with them. The devices at each end of the links also have limitations both physical and through the software controlling them. But once again, none of those limitations have anything to do with the length of a password.
Physical conditions are the only other things that can limit link rates. For wireless links, the RF conditions rule. For Fiber, it can depends on the laser, the bending of the fiber, the cleave of the ends, etc. For wires, it depends on the connectors, the cable, etc. And again, the password length has nothing to do with these conditions.
The customer may have been confusing password length with key length. But even then, computers are so fast and the implementations so efficient, users are not going to notice the latency associated with those algorithms.
My company, for example, uses AES-256 to do real-time video encryption and decryption at more than 20Mbps with an end to end latency of less than 60ms. The encryption is a very minor part of that 60ms. The encoding and decoding of the H.264 and H.265 (HVEC) video is by far more computationally intensive than the encryption.
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
add a comment |
No.
When discussing this it is important to note that there are many links between your device and the server it is connecting to. Each link in that path has its own throughput rate and is limited in a variety of ways - none of which have to do with a password length.
Each physical medium, WiFi, Ethernet, Microwave, Fiber, have data rates associated with them. The devices at each end of the links also have limitations both physical and through the software controlling them. But once again, none of those limitations have anything to do with the length of a password.
Physical conditions are the only other things that can limit link rates. For wireless links, the RF conditions rule. For Fiber, it can depends on the laser, the bending of the fiber, the cleave of the ends, etc. For wires, it depends on the connectors, the cable, etc. And again, the password length has nothing to do with these conditions.
The customer may have been confusing password length with key length. But even then, computers are so fast and the implementations so efficient, users are not going to notice the latency associated with those algorithms.
My company, for example, uses AES-256 to do real-time video encryption and decryption at more than 20Mbps with an end to end latency of less than 60ms. The encryption is a very minor part of that 60ms. The encoding and decoding of the H.264 and H.265 (HVEC) video is by far more computationally intensive than the encryption.
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
add a comment |
No.
When discussing this it is important to note that there are many links between your device and the server it is connecting to. Each link in that path has its own throughput rate and is limited in a variety of ways - none of which have to do with a password length.
Each physical medium, WiFi, Ethernet, Microwave, Fiber, have data rates associated with them. The devices at each end of the links also have limitations both physical and through the software controlling them. But once again, none of those limitations have anything to do with the length of a password.
Physical conditions are the only other things that can limit link rates. For wireless links, the RF conditions rule. For Fiber, it can depends on the laser, the bending of the fiber, the cleave of the ends, etc. For wires, it depends on the connectors, the cable, etc. And again, the password length has nothing to do with these conditions.
The customer may have been confusing password length with key length. But even then, computers are so fast and the implementations so efficient, users are not going to notice the latency associated with those algorithms.
My company, for example, uses AES-256 to do real-time video encryption and decryption at more than 20Mbps with an end to end latency of less than 60ms. The encryption is a very minor part of that 60ms. The encoding and decoding of the H.264 and H.265 (HVEC) video is by far more computationally intensive than the encryption.
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
No.
When discussing this it is important to note that there are many links between your device and the server it is connecting to. Each link in that path has its own throughput rate and is limited in a variety of ways - none of which have to do with a password length.
Each physical medium, WiFi, Ethernet, Microwave, Fiber, have data rates associated with them. The devices at each end of the links also have limitations both physical and through the software controlling them. But once again, none of those limitations have anything to do with the length of a password.
Physical conditions are the only other things that can limit link rates. For wireless links, the RF conditions rule. For Fiber, it can depends on the laser, the bending of the fiber, the cleave of the ends, etc. For wires, it depends on the connectors, the cable, etc. And again, the password length has nothing to do with these conditions.
The customer may have been confusing password length with key length. But even then, computers are so fast and the implementations so efficient, users are not going to notice the latency associated with those algorithms.
My company, for example, uses AES-256 to do real-time video encryption and decryption at more than 20Mbps with an end to end latency of less than 60ms. The encryption is a very minor part of that 60ms. The encoding and decoding of the H.264 and H.265 (HVEC) video is by far more computationally intensive than the encryption.
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
answered Aug 6 at 17:18
Tracy CramerTracy Cramer
8185 silver badges10 bronze badges
8185 silver badges10 bronze badges
add a comment |
add a comment |
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f214717%2fdoes-the-length-of-a-password-for-wi-fi-affect-speed%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
69
It's worth noting that if the speed of your connection were affected by the length of the password, it would be a very very bad sign about the security of the wireless network connections.
– Pavel
Aug 6 at 8:50
32
Did the customer ever explain where (s)he got this idea from? I'm curious to know
– BlueCacti
Aug 6 at 8:55
61
Is there any possibility that the customer meant "speed to access (i.e., connect to) the Internet"? That would be a much more logical conclusion.
– xLeitix
Aug 6 at 9:52
15
Non-technical customers have all kinds of weird beliefs about computers.
– dr01
Aug 6 at 11:41
51
It certainly makes signing in slower.
– Dave Newton
Aug 6 at 12:34