From: Masaharu Kobashi (mkbsh@cs.washington.edu)
Date: Tue Nov 23 2004 - 20:38:57 PST
1. Main result of the paper
This paper reveals critical flaws of WEP in the 802.11 standard,
which can lead to failure to achieve all of the three goals of WEP,
confidentiality, access control, and data integrity. The paper
presents the argument clearly and suggests improvements to WEP.
2. Strengths in this paper
The paper has made great contribution to all the network users across
the world, since it detected vital flaws of the widely used protocol.
The presentation of the argument is clear, concise and convincing.
In addition it proposes remedies to the protocol to make it safer and
to enable it to achieve the original three goals.
The paper is also very good and unusual in pointing out the
sociological problems in the current practice of standardizing
security related protocols, stressing the importance of public review
and raising the problem of financial burden on the researchers.
3. Limitations and suggested improvements
It focuses on the reuse of IV (initialization vector) as the major
cause of the troubles. It is correct reuse of IV is a big problem.
But the authors do not go beyond it to finding other common causes.
I find the property of XOR (e.g. linearity) is also a great cause of
the problems raised in the paper. If XOR operation were not used or
it did not have the property of linearity, all of the problems would
be eliminated regardless of any reuse of IV, since without the
linearity of XOR, all the derivations listed on pages 182 and 184
would not be possible. Without those derivations, the eavesdropping
would be impossible. Even the checksum related attacks and the
injection of new traffic would not be possible since those attacks
are also based, although indirectly, upon the keystream related
properties made available by the XOR's linearity.
Therefore, I would suggest not just focusing only on the reuse of IV,
the authors should broaden their scope of thinking to include the
possibility of eliminating other great common causes such as the use
of XOR. XOR is great in terms of speed. But we can use other methods
such as reordering of bits, etc., although they may need more
computing power. (The cost of computing power is rapidly decreasing.)
4. Relevance today and future
It is quite relevant today and it is vitally important to incorporate
the authors' suggestions and lessons into the future protocols.
(I guess it has already. If not, I would be curious to know why not.)
This archive was generated by hypermail 2.1.6 : Tue Nov 23 2004 - 20:38:58 PST