From: Pravin Bhat (pravinb@u.washington.edu)
Date: Wed Nov 24 2004 - 01:49:33 PST
Paper summary: The paper provides a review of the widely used WEP
protocol from a security standpoint. The review exposes several passive
and active attacks that can be launched against WEP and provides
feasibility analysis of the attacks listed.
Paper strengths:
# The attacks presented in this paper are ingenious. The authors were
able to subvert WEP in all its key objectives - confidentiality, access
control and data integrity. Some of the attacks exploit shabby
implementations - like IV collision based attacks while others rely on
some clever math to turn access points into oracles - i.e. IP redirection
and reaction attacks.
# The authors compliment their review of attacks with a discussion on the
practicality of each attack. This exercise goes far in dispelling the general
attitude towards sophisticated security attacks as theoretical exercises
which are impractical in reality. At the very least the authors do a superb
job in convincing the reader of the dire need to revise WEP.
# The paper also provides several insights on designing secure systems:
- Stateless and liberal inflow networks lead to stronger attacks
- Making a secure system compatible with a less secure system hurts the
stronger system
- Public review across various expert communities lead to more secure
systems.
Limitations and Room for Improvement:
The key issue with this paper is that it exposes the entire WEP wireless
community to powerful attacks, some of which cannot be blocked by
network administrators. By the time WEP is revised and updated in
firmware by the vendors and eventually adopted by most end users
the amount of damage that will be done by the hacker community could
be immense. This raises serious ethical questions regarding disclosure
of harmful information v.s. censorship in academia. Unfortunately
communities only tend to react to the most pressing needs. Hopefully
this paper will provide the required impetus to secure WEP and guide
the security design of future systems.
The paper could have done a better job of providing a short description
of the cryptography specific concepts referred to in the paper. For
example I would have liked a short note on what it means for an
authentication code to be a keyed function. A summary of MAC
would have also helped.
Future work:
# A revision of WEP-
Longer public keys
Better IV collision prevention schemes
Use of stronger cryptographic algorithms like MAC
# Secure distribution techniques for private keys
# A push for stronger review process of technologies across various
expert communities (theory, cryptography, algorithms, networking, etc)
before mass deployment.
# It would be great to see a survey paper that compiles design guidelines
on security that are scattered across the literature into one succinct reference
for the benefit of future protocol designers.
This archive was generated by hypermail 2.1.6 : Wed Nov 24 2004 - 01:49:35 PST