Dear crimelist, if you are using WEP/802.11 you might wish to read the following: http://www.cs.rice.edu/~astubble/wep/ abstract: We implemented an attack against WEP, the link-layer security protocol for 802.11 networks. The attack was described in a recent paper by Fluhrer, Mantin, and Shamir. With our implementation, and permission of the network administrator, we were able to recover the 128 bit secret key used in a production network, with a passive attack. The WEP standard uses RC4 IVs improperly, and the attack exploits this design failure. This paper describes the attack, how we implemented it, and some optimizations to make the attack more efficient. We conclude that 802.11 WEP is totally insecure, and we provide some recommendations. ------------------------------- I have not read this paper yet, but the names associated with both the recent paper, and this paper (Shamir, then Rubin/JI) are enough for me to bring this to your attention. Another current url with recent slides from a Black Hat talk by Ian Goldberg ... http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html My personal opinions on this subjects are rather pithy: Do not EVER rely on wireless link layer security as your only protocol protection. If you do, you may be unhappy sooner or later. There is no track record other than bad. Ian Goldberg has a security talk/rant out there somewhere on cell phone security (http://www.cs.berkeley.edu/~iang/blackhat.ps) that panders to my instincts. I am skeptical about claims that the next version will be right. (802.1X or whatever it is). Why not IPSEC? :-> regards, Jim Binkley jrb@private PSU Computer Science http://www.cs.pdx.edu/~jrb
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:09 PDT