From: Kevin Wampler (wampler@cs.washington.edu)
Date: Wed Nov 24 2004 - 01:37:43 PST
Since wireless communications make eavesdropping trivial, the 802.11
protocol incorporated encryption techniques in order to provide secure
communication. The paper "Intercepting Mobile Communications: The
Insecurity of 802.11" examines how a malicious user could circumvent this
security be exploiting subtle flaws in the implementation of the
encryption.
The authors focus on ways of breaking each of the three security goals of
WEP: confidentiality, access control, and data integrity. Many of these
attacks pivot on the small (20 bit) public IV used, or on the poor
cryptographic properties of CRC checksums. As is common in cypher
attacks, there are many attacks possible which do not rely on being able
to determine the plaintext from a cyphertext, but still allow inserting
false messages, etc. Known plaintext attacks are also highlighted (and I
suspect are very viable in web communication, as there are probably common
packets that occur with relatively high frequency).
Although this paper does highlight that WEP does not provide a high degree
of security, I do not that that the situation is too bad. In particular,
breaking into a WEP wireless network seems to be at least as difficult as
breaking into a wired network using TCP. I see little problem with the
use of protocol layer encryption merely providing weak security, as most
of the time this is all that is desired. For situations where strong
security guarantees are needed, an end-to-end solution to the problem
should probably be used anyway.
This archive was generated by hypermail 2.1.6 : Wed Nov 24 2004 - 01:37:43 PST