DOS attack on WPA 802.11?

Donald Eastlake 3rd dee3 at torque.pothole.com
Fri Nov 29 22:48:05 EST 2002


Arnold,

If you want to play with this as an intellectual exercise, be my guest.
But the probability of changing the underlying IEEE 802.11i draft
standard, which would take a 3/4 majority of the voting members of IEEE
802.11, or of making the WiFi Alliance WPA profiling and subsetting of
802.11i incompatible with the standard, is close to zero.

Fri, 29 Nov 2002, Arnold G. Reinhold wrote:

> Date: Fri, 29 Nov 2002 13:53:41 -0500
> From: Arnold G. Reinhold <reinhold at world.std.com>
> To: Niels Ferguson <niels at ferguson.net>
> Cc: cryptography at wasabisystems.com
> Subject: Re: DOS attack on WPA 802.11?
> 
> At 4:57 AM +0100 11/19/02, Niels Ferguson wrote:
> >At 21:58 18/11/02 -0500, Arnold G Reinhold wrote:
> ...
> 
> >
> >>Third, a stronger variant of WPA designed for 11a could also run on
> >>11b hardware if  there is enough processing power, so modularization is
> >>not broken.
> >
> >But there _isn't_ enough processing power to run a super-Michael. If there
> >were, I'd have designed Michael to be stronger.
> 
> I'm not sure that is true for all existing 802.11b hardware. And 
> vendors of new 802.11b hardware could certainly elect to support the 
> stronger variant of WPA.

Of course it is not true for all existing hardware. TKIP needed to run on 
more or less the feeblest legacy 802.11b hardware. Vendors of new 
hardware are interested in supporting the stronger mandatory parts of 
802.11i (which will be known as WPA v2). The only reason I can think of 
that a vendor might want to support something incompatible is to lock in 
customers, probably because they had at least a patent pending on it.

> >Maybe what you are suggesting is to add yet another cryptographic function; the
> >current Michael for existing hardware and a super-Michael for newer 802.11a
> >hardware. Developing super-Michael would cost a couple of months and a lot
> >of money. I would consider that a waste of effort that should have been
> >spent on the AES-based security protocols. That is where we are going, and
> >we need to get there ASAP. It is perfectly possible to design 802.11a
> >hardware today that will be able to implement the future AES-based security
> >protocols. That is what software updates are for.
> 
> ...

Donald
======================================================================
 Donald E. Eastlake 3rd                       dee3 at torque.pothole.com
 155 Beaver Street              +1-508-634-2066(h) +1-508-851-8280(w)
 Milford, MA 01757 USA                   Donald.Eastlake at motorola.com

