From: Tyler Robison (trobison@cs.washington.edu)
Date: Wed Nov 24 2004 - 07:58:34 PST
This paper describes numerous security issues with WEP, and how
the protocol fails to live up to its goals of preventing various kinds of
attacks. Some of these are issues with the protocol itself, and others
are issues of how the protocol is commonly used, all of which can be
exploited to allow attackers to eavesdrop on traffic, modify traffic or
insert new traffic into the supposedly secure system.
WEP is really based around the difficulty involved in determining
the encryption key, but in reality that isn't such a big problem. The
40bit key can be found through brute-force (with sufficient resources),
and 40 was the standard size of the protocol. But even if larger keys are
used, there are still ways to for attackers to listen in. Many cards
reset the IV component of the key (24 bits) to 0 when they are
re-initialized, and merely increment it for each packet, making it much
easier for an attacker to find multiple packets with the same IV.
If an attacker has multiple packets with the same IV, they can try
to get the plaintext of the message if they have some idea of what some of
the text may be; the paper states that much of the text is predictable,
and that the attacker can also build a 'decryption dictionary' over time
and use this to decrypt new packets.
WEP uses a checksum to ensure that data is not modified, but
checksums are really intended for detection of random bit errors. As
such, they don't provide incredible security against planned and
calculated modifications to the data, or against the insertion of new
messages. The paper also goes into how access points can be tricked into
decrypting a message for the attackers, and spends a bit of time
describing how the security problems of WEP should be taken into account
in an actual network.
The paper was overall fairly interesting, and certainly important
in terms of security; they point out some very real problems with WEP.
However, its difficult to get a feel for how vulnerable WEP actually is,
as they really don't have any data, just explanations of how the security
can be broken. For instance, they could have designed some tools to carry
some of these techniques out, and tried it in some setting where the
legality is not in question, such as on their own network. Even this
wouldn't be perfect, since attackers may have much more time to expend on
attacks than the researchers, but it would have at least given us an
estimate. As it is, the paper makes it sound as though WEP is useless
without actually giving indications of how easy the security is to break
in practice. Certainly the issues they address are important, but the
actual amount of effort needed to break the security remains unclear.
This archive was generated by hypermail 2.1.6 : Wed Nov 24 2004 - 07:58:35 PST