New Protection for 802.11
William Arbaugh
waa at cs.umd.edu
Wed Nov 6 17:33:41 EST 2002
It uses:
-IEEE 802.1x for access control and authentication
-RC4 but with a new key mixing/generation method called TKIP that
provides for per packet keys and eliminates the Fluhrer et. al.
attack. Russ Housely, Doug Whitting, and Nils Ferguson designed TKIP.
-Michael is the MAC/MIC that provides 20 bits (yes 20 bits) of
security. The reason they chose that is because older AP hardware can't
do much more. Nils Ferguson designed Michael. Michael MUST be used
with detection methods to prevent integrity attacks. Hopefully, the
vendors will do it correctly.
I'll try and dig up the documents that define each of this and post
them somewhere.
Bill
On Wednesday, Nov 6, 2002, at 17:19 US/Eastern, David Honig wrote:
> At 03:32 PM 11/6/02 -0500, Perry E. Metzger wrote:
>> Does anyone know details of the new proposed protocols?
>
>
> Small article at:
> http://www.eetimes.com/story/OEG20021031S0007
>
> Somewhere I read a larger article; things that
> stuck in memory are: No AES, a cipher called "Michael"
> being used; also, the change is intended to be
> a software-upgrade to existing devices, which
> is why so many features were omitted.
>
> There were also comments about legacy issues --you
> have to upgrade everyone, so its likely that back-compatibility
> will not completely obsolete wardriving. Much like Microsoft's
> OS-interop-legacy-security problems.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list