Trying to find out what the criteria of a WPA3 Personal wifi password should be. Is it consistent with WPA2 PSK (8-63 ASCII characters)?
Checked the wifi spec and didn't see anything that mentioned minimum and maximum length
Per IEEE 802.11-2020, an SAE password is a UTF-8 string that is composed entirely of code points that are explicitly allowed by the FreeformClass string class defined in RFC8264, processed according to the OpaqueString profile of IETF RFC 8265, the output of which is an octet string. The min and max length are undefined.
Since WAP2-Personal implementations are intended to transition to WPA3-Personal, most implementations that I have seen use the same constraints as WPA2. For example, Android uses 8 to 63 characters: https://android.googlesource.com/platform/external/wpa_supplicant_8/+/refs/heads/master/hostapd/hostapd.conf#1881. It looks like Linux allows up to 128 bytes: https://github.com/torvalds/linux/blob/master/include/linux/ieee80211.h#L3601.
Related
Is there an EDI x12 segment that has no character limit? We often use the MSG segment for open text fields but this is capped at 256 characters, so we’re looking for an alternative that can handle 500+ characters.
The short answer
The MTX Text segment allows you to send messages of up to 4096 characters long, which is the longest available in X12. You can’t just swap out an MSG segment for an MTX segment, though. You can only use MTX if it’s included in the transaction set, and that depends on which X12 'release' (version) you're using.
For the 005010 release (one of the more popular ones), here are the transaction sets that MTX appears in:
105 Business Entity Filings
113 Election Campaign and Lobbyist Reporting
150 Tax Rate Notification
155 Business Credit Report
179 Environmental Compliance Reporting
194 Grant or Assistance Application
251 Pricing Support
274 Healthcare Provider Information
284 Commercial Vehicle Safety Reports
500 Medical Event Reporting
620 Excavation Communication
625 Well Information
650 Maintenance Service Order
805 Contract Pricing Proposal
806 Project Schedule Reporting
814 General Request, Response or Confirmation
832 Price/Sales Catalog
836 Procurement Notices
840 Request for Quotation
843 Response to Request for Quotation
850 Purchase Order
855 Purchase Order Acknowledgment
860 Purchase Order Change Request - Buyer Initiated
865 Purchase Order Change Acknowledgment/Request - Seller Initiated
Some additional clarification
Technically, character limits don't apply to X12 segments – what you're referring to is an X12 element. A segment is just a container for elements, and the element you're referring to is the element referenced in MSG01 (the first element of the MSG segment).
Each X12 element references an ID number. For each element, the ID number points to a dictionary that specifies the name, description, type, minimum length, and maximum length. In the case of MSG01, it points to data element [933][1].
Data element 933 – the one you're currently using – actually has a character limit of 264 characters (more than 256 characters, but not by much). Note: the link above is to the 005010 X12 release, but I checked backed to 003010 and up to 008030 and it seems to be 264 characters all the way through.
Now, back to your original question: is there a data element that allows for a larger character payload?
The answer is that there are 8 data elements that accept a payload larger than 264 characters.
Two of them are binary data types, which we can likely eliminate off the bat:
785. Binary Data. A string of octets which can assume any binary pattern from hexadecimal 00 to FF. Note: The maximum length is dependent upon the maximum data value that can be entered in DE 784, which value is 999,999,999,999,999. Max characters: 999999999999999.
1700. Transformed Data. Binary or filtered data having one or more security policy options applied; transformed data may represent compressed, encrypted, or compressed and encrypted plaintext. Max characters: 10000000000000000.
The rest are strings, which is promising:
364. Communication Number. Complete communications number including country or area code when applicable. Max characters: 2048.
1565. Look-up Value. Value used to identify a certificate containing a public key. Max characters: 4096.
1566. Keying Material. Additional material required for decrypting the one-time key. Max characters: 512.
1567. One-time Encryption Key. Hexadecimally filtered encrypted one-time key. Max characters: 512.
1573. Encoded Security Value. Encoded representation of the Security Value specified by the Security Value Qualifier. Max characters: 1.00E+16.
And, last but not least:
1551. Textual Data. To transmit large volumes of message text. Max characters: 4096.
Looks like a winner!
Note that element 1551 appears in only one segment: MTX, which was introduced in the 003060 X12 release. And in the initial 003060 release, it was only included in one X12 Transaction Set: 194 Grant or Assistance Application (which makes sense – a longer field was needed for grant applications).
It seems that as new releases were developed, the MTX segment made its way into more and more transaction sets – likely for exactly the reason you're asking. In 003070, it was included in 5 transaction sets; in 004010, 15; in 005010, 24, and so on.
The MTX segment uses element 1551 in both MTX02 and MTX03, so you can get double the length by using both of them. Note that there's a 'relational condition': If MTX-03 is present, then MTX-02 is required (in other words, you can't use MTX03 if you don't use MTX02 first).
And depending on the transaction set, the MTX segment may be able to be repeated as well.
Long story short: if the MTX segment is in the transaction set / release you're using, you're likely in luck.
Hope this helps.
Use multiple MSGs and trim the data at each to the maximum allowed. You usually have free text segments set with repetitions > 1, so you should be okay. That's how everybody does it.
Looking at this question on Quora HERE ("Are data stored in registers and memory in hex or binary?"), I think the top answer is saying that data persistence is achieved through physical properties of hardware and is not directly relatable to either binary or hex.
I've always thought of computers as 'binary', but have just realized that that only applies to the usage of components (magnetic up/down or an on/off transistor) and not necessarily the organisation of, for example, memory contents.
i.e. you could, theoretically, create an abstraction in memory that used 'binary components' but that wasn't binary, like this:
100000110001010001100
100001001001010010010
111101111101010100001
100101000001010010010
100100111001010101100
And then recognize that as the (badly-drawn) image of 'hello', rather than the ASCII encoding of 'hello'.
An answer on SO (What's the difference between a word and byte?) mentions that processors can handle 'words', i.e. several bytes at a time, so while information representation has to be binary I don't see why information processing has to be.
Can computers do arithmetic on hex directly? In this case, would the internal representation of information in memory/registers be in binary or hex?
Perhaps "digital computer" would be a good starting term and then from there "binary digit" ("bit"). Electronically, the terms for the values are sometimes "high" and "low". You are right, everything after that depends on the operation. Most of the time, groups of bits are operated on together. Commonly groups are 1, 8, 16, 32 and 64 bits. The meaning of the bits depends on the program but some operations go hand-in-hand with some level of meaning.
When the meaning of a group of bits is not known or important, humans like to be able to decern the value of each bit. Binary could be used but more than 8 bits is hard to read. Although it is rare to operate on groups of 4 bits, hexadecimal is much more readable and is generally used regardless of the number of bits. Sometimes octal is used but that's based on contexts where there is some meaning to a subgrouping of the 3 bits or an avoidance of digits beyond 9.
Integers can be stored in two's complement format and often CPUs have instructions for such integers. Once such operation is negation. For a group of 8 bits, it would map 1 to -1,… 127 to -127, and -1 to 1, … -127 to 127, and 0 to 0 and -128 to -128. Decimal is likely the most valuable to humans here, not base 256, base 2 or base 16. In unsigned hexadecimal, that would be 01 to FF, …, 00 to 00, 80 to 80.
For an intro to how a CPU might do integer addition on a group of bits, see adder circuits.
Other number formats include IEEE-754 floating point and binary-coded decimal.
I think you understand that digital circuits are binary. So, based on the above, yes, operations do operate on a higher conceptual level despite the actual storage.
I'm currently working on reverse engineering a device I have serial protocol.
I'm mostly there however I can't figure out one part of the string.
For each string the machine returns it always has !XXXX where the XXXX varies in a hex value. From what I can find this may be CRC16?
However I can't figure out how to calculate the CRC myself to confirm it is correct.
Here's an example of 3 Responses.
U;0;!1F1B
U;1;!0E92
U;2;!3C09
The number can be replaced with a range of ascii characters. For example here's what I'll be using most often.
U;RYAN W;!FF0A
How do I calculate how the checksum is generated?
You need more examples with different lengths.
With reveng, you will want to reverse the CRC byte, e.g. 1b1f, not 1f1b. It appears that the CRC is calculated over what is between the semicolons. With reveng I get that the polynomial is 0x1021, which is a very common 16-bit polynomial, and that the CRC is reflected.
% reveng -w 16 -s 301b1f 31920e 32093c 5259414e20570aff
width=16 poly=0x1021 init=0x1554 refin=true refout=true xorout=0x07f0 check=0xfa7e name=(none)
width=16 poly=0x1021 init=0xe54b refin=true refout=true xorout=0xffff check=0xfa7e name=(none)
With more examples, you will be able to determine the initial value of the CRC register and what the result is exclusive-or'ed with.
There is a tool available to reverse-engineer CRC calculations: CRC RevEng http://reveng.sourceforge.net/
You can give it hex strings of the input and checksum and ask it what CRC algorithm matches the input. Here is the input for the first three strings (assuming the messages are U;0;, U;1; and U;2;):
$ reveng -w 16 -s 553b303b1f1b 553b313b0e92 553b323b3c09
width=16 poly=0xa097 init=0x63bc refin=false refout=false xorout=0x0000 check=0x6327 residue=0x0000 name=(none)
The checksum follows the input messages. Unfortunately this doesn't work if I try the RYAN W message. You'll probably want to try editing the input messages to see which part of the string is being input into the CRC.
I am currently learning about UUID in iOS, and of course I'm trying to make sense of them. From what I can gather, when you call NSUUID(), it returns a 128 bit string that is completely unique (though I'm not currently interested in how it can ensure a completely unique string, I figure it takes into account the date, time, and device identity). To make use of this string, you can append it to the end of the Document Directory (which I believe is unique to each application) to ensure a unique file path that can be used to access files later. Is this a correct understanding of the concept?
Globally Unique Identifiers are 128-bit binary strings.
Microsoft COM uses them to prevent "name collisions" between components without needing some "central naming authority" (like we have for DNS names, IP addresses, broadcast frequencies, etc etc).
GUIDs are likely to be unique ... but it's not guaranteed.
Here is a good article explaining more:
http://betterexplained.com/articles/the-quick-guide-to-guids/
And yes, your understanding of iOS NSUUIDs is exactly right:
http://nshipster.com/nstemporarydirectory/
http://nshipster.com/uuid-udid-unique-identifier/
It depends on the version of Universally unique identifier. Version 4 is almost guaranteed to be unique but not completely. Wikipedia states the following:
"Out of a total of 128 bits, two bits indicate an RFC 4122 ("Leach-Salz") UUID and four bits the version (0100 indicating "randomly generated"), so randomly generated UUIDs have 122 random bits. The chance of two such UUIDs having the same value can be calculated using probability theory (birthday paradox). Using the approximation"
Reference: https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_4_.28random.29
What is the maximum length of the 'name' part in a domain?
I'm referring to the google in http://www.google.com. How long can the google part be without what's before and after it?
Each label may contain up to 63 characters.
"URI producers should use names
that conform to the DNS syntax, even when use of DNS is not
immediately apparent, and should limit these names to no more than
255 characters in length."
https://www.rfc-editor.org/rfc/rfc3986
"The DNS itself places only one restriction on the particular labels
that can be used to identify resource records. That one restriction
relates to the length of the label and the full name. The length of
any one label is limited to between 1 and 63 octets. A full domain
name is limited to 255 octets (including the separators)."
https://www.rfc-editor.org/rfc/rfc2181
The full domain name may not exceed a total length of 253 characters in its external dotted-label specification.
http://en.wikipedia.org/wiki/Domain_Name_System
If you are getting anywhere close to 253 characters, I think you should look for a shorter domain name...
TLDR Answer
Use these limits:
Labels: 61 octets.
Names: 253 octets.
Many applications will work even if you exceed these limits (like Gmail), but there are many older applications that will not.
Source
RFC1035: Domain Names - Implementation And Specification (published November 1987), an accepted Internet Standard, gives the following limits to subdomains and to the entire domain length when viewed in a browser...
Various objects and parameters in the DNS have size limits. They are
listed below. Some could be easily changed, others are more
fundamental.
labels 63 octets [bytes/characters] or less
names 255 octets [bytes/characters] or less
The working level of these are:
Labels: 61 octets.
Names: 253 octets.
That's because RFC821 (published August 1982) defines emails in the format of user#domain.com, and the smallest value for user would be one character. That leaves one character for #, and then you only have 253 characters left for the domain.com part.
This was reconfirmed numerous times...
RFC2181: Clarifications to the DNS Specification (published July 1997) : Only a proposed standard. "A full domain name is limited to 255 octets (including the separators)."
RFC3986: Uniform Resource Identifier (URI): Generic Syntax (published January 2005) : Accepted Internet standard. "URI producers should use names that conform to the DNS syntax, even when use of DNS is not immediately apparent, and should limit these names to no more than 255 characters in length."
RFC5321: Simple Mail Transfer Protocol (published October 2008) : Only a proposed standard. This RFC gives the max length of label or subdomains to be 64, one more than the others of 63. I recommend sticking with 63. "The maximum total length of a domain name or number is 255 octets."
You may have 63 characters per label (or subdomain) and 255 characters per name (this includes the TLD).
Notice that it gives the definition in octets. That's because it's looking at physical bytes, not literal bytes. For instance, \. is interpreted as . (one literal byte), because the \ escapes it, but it is encoded as \. (two physical bytes). These octet limits are physical byte limits.
As a demonstration, this website has a 63 characters domain name, the maximum allowed:
http://63-characters-is-the-longest-possible-domain-name-for-a-website.com