From: Seth Cooper (scooper@cs.washington.edu)
Date: Wed Nov 24 2004 - 01:23:05 PST
This paper presents several insecurities of the 802.11 Wired Equivalent
Privacy protocol. The WEP is an attempt to bring the security available
in wireless systems closer to that in wired ones. However, it appears
that there are still problems. These include both passive and active
attacks, where attackers can listen in on or even modify transmissions.
Because of the fact that the ciphertext is generated by xoring with
the plaintext, and the small space if Initialization Vectors (which are
transmitted unencrypted), it is possible through interception of several
messages to determine what their plaintext was. Due to other properties
of the encryption scheme, such as the checksum being a linear function,
it is possible to perform more active attacks such as modifying messages.
One strength of the paper is that it does a good job of pointing out
how the weaknesses is WEP are tied to the protocol. For instance,
Although WEP specifies 40 bit keys, some implementations use 104 bit
keys. However, they are still vulnerable because of the IV, which is
limited to 24 bits to be compliant. Also Although changing the IV with
each packet would greatly increase the security of the system, one does
not ever actually have to change the IV to be compliant with the protocol.
A weakness of this paper is that it seems to be finding security
problems in a scheme that is not meant to be all that secure in the
first place. WEP is meant to block against casual eavesdropping, and
most of the methods presented seem to require more than a casual
interest, particularly the access to the link layer needed to perform
and active attack. The paper mentions that the 40-bit key even makes
WEP vulnerable to brute-force attacks. It appears that WEP is just
attempting to give some minimal security level, and higher layers can
add more if it is necessary.
This paper is relevant because security in networks is becoming an
increasingly important issue, particularly as the use of wireless
networks increases. It is important to design networks in the future
with security in mind. The paper also raises the issue of where
security should be implemented. WEP implements weak security at a low
layer; applications that are interested in string security must
reimplement it themselves at a higher layer, and applications that don't
must still pay the cost for it.
This archive was generated by hypermail 2.1.6 : Wed Nov 24 2004 - 01:22:58 PST