Review 16

From: Charles Reis (creis@cs.washington.edu)
Date: Wed Nov 24 2004 - 00:55:28 PST

    Intercepting Mobile Communications: The Insecurity of 802.11
    Borisov, Goldberg, Wagner, 2001.

    The paper shows the remarkable ease with which attackers can compromise all the security goals of Wired Equivalent Privacy (WEP), the default security mechanism of the 802.11 wireless standard. The problems are shown to be a direct result of poor use of cryptographic mechanisms, such as allowing frequent key reuse and using CRC rather than a cryptographic message authentication code. As a result, attackers can easily decrypt traffic, arbitrarily modify traffic without detection, inject new encrypted traffic, and bypass access control mechanisms.

    On the one hand, this paper shows how shockingly inadequate WEP is for achieving its security goals, and it remains unsettling that almost four years later, WEP is still the common form of encryption used in practice, if any is used at all.

    On the other hand, though, the end-to-end argument says that link-layer encryption of wireless traffic is neither necessary nor sufficient for any of its security goals. To maintain confidentiality and integrity of their traffic, users should use end-to-end mechanisms such as SSL (which also benefit from experience and extensive review), while access control requires a more thorough authentication mechanism between users and administrators. Any attempts to provide these at the link layer should only be supplemental (hence the name "wired equivalent privacy," suggesting no more security than wired networks, which have little to begin with).

    Nevertheless, the paper shows that WEP doesn't even live up to its name, allowing arbitrary attackers (without wired port access) to interpose on traffic. In the absence of ubiquitous SSL flows for all traffic, the security of wireless networks is at least increasing with stronger, frequently changed keys and better authentication mechanisms (e.g., TKIP/AES, WPA, 802.1x, RADIUS).
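
The review's point about using CRC rather than a cryptographic message authentication code, as an added example (not code from the review or the paper): under an XOR stream cipher, a CRC-32 check value can be corrected for any bit change without the key, while a keyed MAC over the same message rejects the change. The key, IV, MAC key and payload are constructed, and the HMAC variant is only a stand-in for "a cryptographic MAC", not any 802.11 mechanism.

```python
import hashlib, hmac, struct, zlib

KEY, IV = b"\x01\x02\x03\x04\x05", b"\xaa\xbb\xcc"  # constructed 40-bit key, 24-bit IV

def rc4(key, n):
    """RC4 keystream (KSA then PRGA), the stream cipher WEP builds on."""
    s, j, out = list(range(256)), 0, bytearray()
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crc(data):                      # unkeyed 4-byte check value, as in WEP
    return struct.pack("<I", zlib.crc32(data))

def mac(data):                      # keyed 32-byte tag (constructed MAC key)
    return hmac.new(b"constructed-mac-key", data, hashlib.sha256).digest()

def seal(msg, tag):
    """Encrypt msg || tag(msg) under the RC4(IV || key) keystream."""
    body = msg + tag(msg)
    return xor(body, rc4(IV + KEY, len(body)))

def open_(ct, tag, taglen):
    """Decrypt; return the message, or None if the tag check fails."""
    body = xor(ct, rc4(IV + KEY, len(ct)))
    msg, got = body[:-taglen], body[-taglen:]
    return msg if hmac.compare_digest(got, tag(msg)) else None

def keyless_patch(delta, taglen):
    """Patch built without KEY: CRC-32 is affine over XOR, so
    crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros of the same length)."""
    fix = xor(crc(delta), crc(bytes(len(delta))))
    return delta + fix + bytes(taglen - 4)

MSG = b"hello, access point"                  # constructed payload
DELTA = xor(MSG, b"jello, access point")      # the bits changed in transit

def tampered_result(tag, taglen):
    """What the receiver gets after the patch is XORed onto the ciphertext."""
    ct = xor(seal(MSG, tag), keyless_patch(DELTA, taglen))
    return open_(ct, tag, taglen)
```

`tampered_result(crc, 4)` returns the altered message as if it were valid, while `tampered_result(mac, 32)` returns `None`.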

