DOS attack on WPA 802.11?
Niels Ferguson
niels at ferguson.net
Thu Nov 14 12:19:04 EST 2002
At 00:55 14/11/02 -0800, Bill Stewart wrote:
>At 12:03 PM 11/11/2002 -0500, Arnold G. Reinhold wrote:
>>One of the tenets of cryptography is that new security systems
>>deserve to be beaten on mercilessly without deference to their creator.
>
>In particular, I'd be interested in finding out if the new stuff
>has been beaten up by Ian, Nikita, and the other people who
>did the earlier shreddings of the WEP system -
>while it certainly needs broader attention than that,
>it at least needs to get by some of the usual suspects
>rather than just approval by the same sort of standards people
>who let the first one out the door.
>
>That doesn't mean that it's a solid guarantee,
>but all this talk of 20-bit MIC codes doesn't strike me as something
>that could pass the "Ian's Lunch Break" test, much less the
>kind of attention that AES got.
I would contend that I am not "the same sort of standards people that let
WEP out the door". Have a look at my website and list of publications
(http://niels.ferguson.net/). I've been designing cryptographic systems
since 1990.
That doesn't mean that I don't make mistakes. I make many of them. Michael
is very much an on-the-edge design, due to the harsh requirements. It is
quite possible that someone will find a better attack against Michael, but
unless I really goofed it will take Ian more than a single lunch break.
Cheers!
Niels
==============================================================
Niels Ferguson, niels at ferguson.net, phone: +31 20 463 0977
PGP: 3EC2 3304 9B6E 27D9 72E7 E545 C1E0 5D7E
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list