From: Michelle Liu (liujing@u.washington.edu)
Date: Tue Nov 23 2004 - 20:17:36 PST
Review of "Intercepting Mobile Communications: The Insecurity of 802.11"
Jing Liu
This paper discusses some security flaws of Wired Equivalent Privacy (WEP) protocol in 802.11 standard. The author pointed out that WEP is intended to protect link-layer communications from eavesdropping and other attacks. However, there are a number of practical attacks discovered.
The paper talks that WEP protocol is intended to enforce three main security goals including confidentiality, access control and data integrity. However, in all those aspects, there are possible attacks. The first risk comes from keystream reuse. The keystream reuse lead to a number of attacks: if the plaintext of one of the messages is known, the plaintext of the other is immediately obtainable. In order to prevent such attacks, WEP uses a per-packet IV to vary the keystream generation process for each frame to data transmitted. However, it does not say anything about how to select IV's and some implementations do it poorly. Secondly, since a single key is distributed among many users, it increases chances of IV collision. This causes the problem of key management. Third, WEP checksum is a linear function of the message, thus it is possible to make controlled modifications to a ciphertext without disrupting the checksum and also possible to reuse old IV values without triggering any alarms at the receiver. This is a pitfall in message authentication. Third, there are IP redirection attacks and attacks by making use of TCP acknowledges.
From this paper, we can see that design of secure protocols is difficult, and fraught with many complications. A link-layer protocol must take into account interactions with many different entities at the same time. The author also gives some suggestions on security protocol design, such as to reuse past design and to offer new designs for public review.
This paper has pointed out quite a lot of security flaws of WEP. However, there are not much remedy methods mentioned and I would be more interested to know how we can design a more secure protocol for wireless networks considering that security is especially important and tough task for wireless communications.
Today security is a big issue in network design. Considering the special properties of wireless networks, it is even more important to design protocols with strong security concerns.
This archive was generated by hypermail 2.1.6 : Tue Nov 23 2004 - 20:17:57 PST