DOS attack on WPA 802.11?

Michael Disabato cmd at dellamente.com
Tue Dec 17 14:11:59 EST 2002


Monday, December 9, 2002, 5:36:08 PM, David scribbled:

>> DW> Th question is: "Why bother working on a `fix' to WPA that
>> DW> will likely never be deployed and that will be obsoleted
>> DW> in a few years by the spread of AES-CCMP?".
>> 
>> You make the assumption that, having gone throught the WEP to WPA
>> conversion, businesses will be willing to move to AES. My clients tell
>> me they are not, absent a major fault in WPA.

DW> Thanks.  That's an interesting point.
DW> But, won't the same argument apply with the same force
DW> to any patch to WPA?  I don't see the denial-of-service
DW> issue that the original poster is worried about as a major
DW> fault, and any patch to WPA would hence only be a minor tweak
DW> to deal with a minor weakness -- which doesn't sound to me
DW> like the sort of thing those businesses are going to want
DW> to spend a lot on deploying.  Would you agree?

David,

There is a large difference between upgrading from WEP to WPA and
upgrading WPA code. In the first case, the operational characteristics
of the network will change. This falls under the "non-trivial task"
definition. In the second case, you've already done the hard work of
conversion, and are simply applying patches. There are several systems
on the market that can automate this kind of work.

Regards,

Michael


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list