Slashdot Mirror
"Fast Packet Keying" Improvements to WEP
Weedstock writes: "BBC Tech News has an article about the latest development in wireless networking security. It seems that RSA Security has improved the encryption system used by the protocol. Will this new update finally make wireless networking secure? You can also find a list of papers about wireless security issues here." RSA has a press release about their changes to WEP being accepted by the 802.11 committee.
fp!
1st post at 14.4Kbps
This early post for Ida! I love you!
Slashdot - contra bonos mores
http://slashdot.org/article.pl?sid=01/12/17/185320 6&mode=thread
Jan
This is even better!
http://slashdot.org/article.pl?sid=01/12/17/185320 6&mode=thread
/., this /and/ the gift card thing? Is it really /that/ slow of a day for news?
Geeze
Malda's Ex-GF
My own view is simple; encryption shouldn't be done at the hardware layer. Assume that everything on the network is wide open and use SSH / SSL on each protocol or an encrypted VPN.
:)
This way you can be sure everything is encrypted consistently from the host machine all the way to the client, even when your packets pass through 'unknown' equipment.
The other advantage of this approach is that you can get all your hardware cheap on ebay because everyone else is abandoning them as 'not secure enough'
455fe10422ca29c4933f95052b792ab2
Michael, will this new "Fast Packet Keying" make it easier for you to censor people?
Why do I keep receiving emails from an individual calling himself CmdrTaco?
Mr. Malda seems to be speaking in some sort of code. Do you know what it means?
Good Lord. And, yes, he did. What is Taco-snotting?
Ewwwwww. So, can I stop receiving these emails?
I cant stop receiving these emails from CmdrTaco!?
Have you ever been Taco-snotted?
That is so disgusting! How did you finally escape?
Thats horrible. Does Taco-snotting have anything to do with CmdrTacos special taco?
Does Jon Katz get involved in any of this? I thought he was a pædophile, not a homosexual.
Are you getting hard writing this?
No, thanks. Im already CmdrTacos boi toi.
________________________________________J. Wipo Troll, Esq.
Crapflooder Associates
Slashdot.org
Yes, I know, perhaps it's stupid of me, and I'm planning to set up some kind of security. But for many users out there - the people who wanna be able to check their email from the kitchen - weak security is just not a problem. Just so long as the spooks don't start wanting wireless access... :D
Pain(n): when you're telnetting into a box doing somethin cool, and some luser calls for help with a 'critical error' ad
NEW YORK -- The Rev. Al Sharpton said Saturday that New York should spend millions of dollars on the city's homeless, not a pair of new baseball stadiums for the Yankees and the Mets.
"I call on Mayor-elect Bloomberg to build housing for people, not stadiums for recreation," Sharpton told several hundred worshippers at his National Action Network in Harlem.
On Friday, just days before leaving office, Mayor Rudolph Giuliani announced a tentative $1.6 billion deal to build new retractable roof ballparks in Queens and the Bronx to replace aging Shea and Yankee stadiums. The costs would be split evenly between the city and the teams.
Mayor-elect Michael Bloomberg has reacted cautiously to the Giuliani plan, saying that he first needs to see how the city's economy recovers from the Sept. 11 attacks.
Sharpton blasted Giuliani for placing the needs of wealthy sports teams above the city's rising homeless population. The Coalition for the Homeless reported last month that there are now nearly 30,000 homeless adults and children in New York City shelters -- an all-time high.
But if the stadiums are constructed, Sharpton said, the city should use affirmative action to ensure that minority contractors have a hand in the lucrative work.
"When you get to building stadiums make sure you build them with everyone in town involved," he said.
If the deal moves forward, the Mets could open their new park in 2006, while the Yankees' new stadium would be ready in 2007.
Sharpton's remarks come after a midtown Manhattan church filed a lawsuit to block city police from arresting homeless people that it has permitted to sleep on its steps and sidewalk. A federal judge on Friday extended a temporary order that barred the city from carting away the homeless outside the Fifth Avenue Presbyterian Church.
Anti lameness filter crack 010110101011001010101101010101010101010 fdfdsafds dfsadffd dff f f lkfds fsfd sdf fd943 fddf k;fds kfjfd df f fdk fdkdf fkjfd f jf ff jksf dfk df dsf fd fdkf dfdsfdkldfskdf sfdfddfjfdlkd fdcxf dc9r9 4kjfl;fdfdl dsd fjkf
old news
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Just use a form of VPN to get your security over a wireless network. Remember, ethernet isn't secure either.
It is probably better to use your own encryption tools anyway, since built-in schemes will likely be obsoleted eventually.
Due to the lameness filters, this comment cannot be displayed!
IPSec is what I'm planning to use to make my future wireless LAN be secure.
Old 486 laptop with broken screen + OpenBSD + some 802.11 card = "no kids breaking into your network via wireless" for under $100.
A year full of trolls, cowards and goatse.cx links!
Can I get this for my Linksys hardware in a firmware update?
IPSec solves this problem. And the much more common of someone plugging into a wire or hub between point A and point B. And the man-in-the-middle problem, for some networks. For some reason people seem to think it'l only work with IPv6 but it works fine with IPv4. You don't need to pay extra for a card that supports >40 bit encryption, either. All you need is an OS that supports it. Even Microsoft supports IPSec these days. Why are people still worrying about 802.11-level encryption when true end-to-end encryption is better and cheaper?
$ SU /dev/zero /dev/mem
$ cp
Just goes how easy it is for mr root to fuck up your "oh so reliable" operating "system"
Offtopic, but here is a link for a project to attempt converting 2.4 GHz 802.11b wireless LAN cards down to the 900 MHz band to help overcome non line-of-sight issues.
here's the link
If you say anything nasty we will give you taco snotting!
-Rob malda
-J0n Katz
-C0wb0y neal
Why do I keep receiving emails from an individual calling himself CmdrTaco?
Mr. Malda seems to be speaking in some sort of code. Do you know what it means?
Good Lord. And, yes, he did. What is Taco-snotting?
Ewwwwww. So, can I stop receiving these emails?
I cant stop receiving these emails from CmdrTaco!?
Have you ever been Taco-snotted?
That is so disgusting! How did you finally escape?
Thats horrible. Does Taco-snotting have anything to do with CmdrTacos special taco?
Does Jon Katz get involved in any of this? I thought he was a pædophile, not a homosexual.
Are you getting hard writing this?
No, thanks. Im already CmdrTacos boi toi.
________________________________________J. Wipo Troll, Esq.
Crapflooder Associates
Slashdot.org
This article has been out for a while. move on, nothing to see here. You're probably gonna have to complain to get your 802.11 wireless lan cards updated.
News? This is fucking ancient history bastards! God I hate this room.
Q: Why is a chicken when it rains?
A: Because the slower, the farther.
The press releases are designed to soothe security-minded corporate customers and disguise the remaining technical issues with WEP, such as
1. the key-mixing technique was diluted in strength so that the overhead of firmware upgrades would be acceptable. The "improved" technique has been changed a few times as weaknesses were discovered. It is quite possible that the new WEP can be cracked as thoroughly as the original.
2. the key-mixing technique requires that a new temporal key be set up every 16K packets - a sign of weakness. The 802.1X procedures for setting up the temporal keys have not been finalized and contain weaknesses.
3. it is debateable whether the 802.1X temporal key procedures, once finalized, will be practical at higher PHY rates of 802.11g or 802.11a since the rate of temporal key updates must be greater than the lower rates needed for 11b.
It is more foolproof to rely on IPSEC as other posters observe. The argument against IPSEC and for wireless link crypto is based on the perceived overhead of forcing everything on an internal enterprise network to run IPSEC so that the wireless subnet can be secure. For SOHO setups this should not be an issue.
Comment removed based on user account deletion
Whats black, blue and green and doesnt like sex? The Girl Scout locked in my basement. Whats the worst part about having sex with a six year-old? Getting the blood out of your clown suit. Whats the best thing about getting a hand job from a five year-old? That little hand makes your thing look really huge. Guy comes home from work to find his girlfriend sitting on the porch, crying. Whats wrong, honey? Im leaving you! I just found out youre a pædophile! Pædophile? Why, thats a pretty big word for a ten year-old. How can you tell when your sisters on her period? When your dads dick tastes like blood! Two pedophiles are lying on a beach tanning, one turns to the other and says, Excuse me, youre in my son. Whats 18 inches long, blue, veiny, and makes a woman cry? Crib death. How could the mans seven year-old son tell that his dad had fucked his eight year-old sister? His dads weiner tasted like blood! Watson returns home to find Holmes in bed with a child. He shouts, Is this some sort of a schoolgirl? Holmes replies, Elementary, my dear Watson. So I was having sex with my girlfriend, and I decided I wanted to get kinky and try and do her in the ass. So I slipped around back; she looked over her shoulder at me and said, My, how presumptuous of you. I said, Presumptuous? Thats a big word for a ten year-old. Two guys are walking down the street when a beautiful woman passes. The first guy says, Damn! Id love to tear her clothes off, do her in the rear, smear my fæces all over her, slice off her breasts, chop her into little pieces, put her in a garbage bag and toss her into the river! Second guy says, Yuck! Youre a sick bastard! First guy says, Whatre you? A fag? A kindergarten teacher is asking the kids what their father does for a living. All the kids answer except for Little Johnny. The teacher asks Little Johnny what his Dad does and Johnny replies, My dad is dead. The teacher says, Thats terribile, but what did he do before he died? Little Johnny replies, He turned blue and shit all over himself! A guy calls in sick to work. Whats wrong? asks the boss. Im sick, the guy replies. You sound all right. No, Im really sick. Believe me. Listen, you were fine yesterday, and we have a lot of work today. I want you in here. You cant be that sick! Dude, I just banged my sister. Dont tell me Im not sick. A little girl accompanied her father to the barbershop. While her dad received a haircut, the little girl stood next to the barber chair, enjoying a snack cake. The barber smiled at her and said, Sweetheart, youre going to get hair on your Twinkie. I know, the little girl replied. Im gonna get tits, too. An older man and a small boy walk hand in hand through the woods. Boy: These woods sure are spooky! Man: You think youre scared, Ive gotta walk out of here alone. Whats the difference between Neil Armstrong and Michael Jackson? One walked on the moon, and the other rapes little boys. Has anyone read Michael Jacksons new book, The Ins and Outs of Child Rearing? Q: Whats the difference between a dead baby and a golden delicious apple? A: I dont cum all over the golden delicious apple before I take a bite out of it. Q: Whats the difference between a dead baby and my girlfriend? A: I dont kiss my girlfriend after sex. Q: What is special about a dead baby over all other forms of life? A: You can achieve deep throat from whichever way you enter. Q: What do you have when you have four dead babies, take away two, and add five more? A: An orgy! Q: Whats the difference between a dead baby and a table? A: You cant fuck a table. Q: Whats white and bobs up and down in a babys crib? A: A pædophiles ass. Q: Whats the safest way to play with a baby? A: With a condom. Q: Whats more fun than feeling up a dead baby? A: Feeling up a dead baby with three nipples. Q: What does a baby and a Pinto have in common? A: Theyre fun to ride until they die. Q: What do you get whan you dislocate a dead babys jaw? A: Deep throat. Q: Whats the difference between a baby and a grandmother? A: Grandmothers dont die when you fuck them in the ass. Q: Whats the best sound in the world? A: Hearing dead babys hips crack under pressure! Q: Whats worse than a having sex with a dead baby? A: Having sex with a dead baby filled with razor blades. Q: How do you stop a baby from choking? A: Take your dick out of its mouth. Q: Whats worse than finding a dead baby on your pillow in the morning? A: Realizing you were drunk and made love to it the night before. Q: How do you make a baby cry twice? A: Wipe your bloody cock on his teddy bear. Whats better than sex with a twelve year-old boy? Absolutely nothing. ________________________________________Thanks to Fark.com for all of these wonderfully sick jokes! I couldnt have done it without you! And thanks to all the Anonymous Cowards who have flamed me, I have three words for you! YHBT! YHL! HAND!
Apparently this post is extremely good at getting biters. According to an anonymous coward, Attorney General Ashcroft is also after little old WIPO Troll now, in addition to the Canadian cops-on-a-horse that another A.C. sent after me a couple days earlier. Well, this should be fun. Keep up the biting, Slashdotters!
________________________________________J. Wipo Troll, Esq.
Crapflooder Associates
Slashdot.org
not unless it's a firmware update that fixes all current equipment. There is alot of 802.11b stuff out there. much of it is 24-40 bit only. Most everyone using it hasn't a clue about firmware updates or even security problems for that matter (The sheer number of open 802.11b networks I can snif that have no encryption is proof of that.
They need to make this a part of the driver and make the driver force a firmware update and enable it by default if securing wireless is important. Otherwise this is only an expected feature of the new stuff that I'll buy in about 2-3 years.
Do not look at laser with remaining good eye.
I wonder... The press release quotes a PhD from Hifn and a marketing droid from RSA, and says that RSA and Hifn developed this together.
I know RSA's the big name here, but I wonder whether they merely contributed the name, not the research.
-Billy
Rotating the keys quickly will not solve the only problems with WEP. In general, encrypting stuff isn't enough. The receiver of encrypted data must insure that the data was not changed in route. Since the packet validator in WEP is CRC rather than something cryptographically strong, it is possible to perform replay attacks, or even worse, replay modified packets and have them be received as if they were legitimate. Even if it is not possible to decrypt packets, the ability to modify and reinject packets and have them be received creates some big problems.
I rather enjoy going to colleges' student centers and reading everyone's email. Hope this won't change my ways.
How about using private/public key cryptography? A randomly-generated private/public keypair can be blown into WiFi cards during manufacturing. When a card hops onto a network, it exchanges public keys with all devices on the network, and seamlessly encrypts all data to that device with the appropriate key. Make it built right in and mandatory. (The size of the key and selection of the algorigthm are left as an exercise for the reader.)
Already implemented in Cisco's newest firmware, acu and drivers (both Linux and Windows). Since the old firmware wasn't even vulnevable to airsnort unless there were VERY determined hackers out there Cisco gear hasn't been vulnerable at all. With the new firmware they also implemented per packet hashing so spoof attacks are foiled.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
- every card knows every other card's public key, so the storage requirement grows polynomially with the size of the network (not good).
- key exchange is a non-trivial step; in order to have adequate security you need to protect against man-in-the-middle attacks.
- using fixed keys is probably not so smart, since recovering the device would mean that you could decode all messages previously sent to that device, and a device with a compromised key could never be used securely again.
Not true, we have a PS2, and we don't have a special remote, and we watched a movie on the conslole it last night using an ordinary dual shock controller that came with the system. It's also documented in the manual. I think this author may be thinking about the Xbox, but I don't have one of those.
My playstation may have a more recent firmware than the author's, we bought it this Christmas. I notice you can view version info when you boot it. Does anyone else have a PS2 that does this?
Too busy staying alive... ~ R.A.
I bet I can key your car faster than these packets can.
The real problem with WEP isn't the weak method it uses to generate RC4 keys. I've seen with my own eyes many networks that don't even have encryption enabled.
:-)
The real problem is that encryption is:
A. Optional.
B. Difficult to set up.
WEP isn't close to being "wire equivalent" because wires are, by default, pretty secure. You don't need to manually enable 'no-public-hub-ports-on-external-walls' mode with a wired Ethernet.
A wire isn't just a way to get the bits from A to B - it also acts as a user interface for associating machines with networks. I bet you didn't think of the patch panel in the server room as a user interface, right? Actually, it's a pretty good user interface. It's much more intuitive than any GUI and very reliable (ok, so it's a little messy, but so is my desktop
Here's an idea for how WEP could have been much closer to 'wired equivalent':
When you set up the device on your machine it scans for available networks and shows a list. You choose one. It then tells you to press a key at the same time as pressing a button on the access point.
If you have physical access to the access point you can do it yourself. Otherwise you call the admin on the phone and after checking your identity (usually it's just a matter of recognizing your voice) the admin tells you to press the key '...now!'. That's it. You're on the network, with securely configured strong encryption.
This can be much more secure that it appears - the key is exchanged using Diffie-Hellman key exchange so eavesdropping is not possible. Man-in-the-middle attacks are difficult in a shared medium such as wireless where everyone hears everyone else: if the two participants are careful they can detect such attacks. To prevent attempts to 'take a ride' and join the network at the same time as another machine the access point will verify that there are no other attempts to join the network within a certain period before or after the time window for 'simultaneous' button presses (actually within plus or minus a few hundred milliseconds).
Now, what are the chances of some company actually implementing this?
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
Of course, aside from the completely bone headed reuse of RC4 keystream, the actual Hard Problem is key distribution. Why the 802.11 guys want to revinvent this is a complete mystery to me. IPsec has IKE -- which is about to get a face lift in the form of either JFK, IKEv2 or most likley a combination of these proposals. IPsec also has KINK (Kerberized IPsec) which is about to go to last call. Eventually, I expect that AAA (DIAMETER) based IPsec keying will be formalized since they're already toeing that line in many areas.
Yet, the 802.11 folks still want to roll their own. Ick. How this will all play out with fast mobility (ie so you can run voip instead of circuit switched voice on CDMA/802.11 dual mode phones that will eventually appear) will be very interesting. My guess is that it won't until somebody takes an integrated look at security, quality of service, admission control, etc. I have some hope that the IETF protocols will eventually get this right, but the best I can hope for the L2 folks is that we can turn all of this krufty L2 wheel-reinvention off.
"fast packet rekeying" is not the same as changing the base keys or master keys (knowledge shared by the endpoints and key distribution system).
Rather, it refers to a technique of using regular
'ol WEP to encipher each packet, but using a different key FOR EACH PACKET. These per-packet keys are computed on the fly using a hash function-like method that scrambles the real key and thus increases the difficulty of attacking the underlying RC4. This technique has been called "key mixing" - a better term than "fast packet rekeying" IMHO - because it avoids confusion with "rekeying" whereby key material is exchanged between endpoints. Rekeying every 16K packets is required in addition to key mixing in order to avoid the passive key recovery methods (airsnort).
By the way, the "real" problem with RC4/WEP is that WEP uses the initial 256 bytes of the RC4 cipherstream. The best "fix" for WEP would be to simply discard all the key flogging trickery, but that approach was rejected because of overhead and difficulty of retrofitting NIC cards that have dedicated RC4 hardware.
It should also be pointed out that spiffing up the WEP does not eliminate attacks whereby 3rd parties inject messages. The rest of the fixup work for WEP involves specifying a separate message authentication function that prevents imposters from sending messages. A good example of what can happen in the absence of authentication is the recent well-publicized weaknesses in Universal Plug and Play. One problem was that an unsolicited UPNP NOTIFY message, if bogus and accepted, initiated a bad chain of events.
Similarly, a rekeying procedure using something like 802.1X is vulnerable to hijacking if the rekey messages are not protected with an authentication function. The bad guy can, in theory, instruct the endpoints to switch to a new key. Of course it's not quite as easy as that because the messages may not be easily forgeable. But if there are ways to forge such messages and there is no authentication function, then the system is wide open.
There is a fair chance that 11b vendors will subset WEP updates in a manner that will may separate message authentication as a configurable option. The result will be a better WEP, but in a system context that can still be compromized although not as easily as before.
Why do you insist on poiting your inanity at +1? Do you think anyone really gives a shit?
I live on a dead-end court too. Two of my neighbors have open 802.11 networks. If I didn't need a static IP address I'd consider dropping my DSL and using theirs; with connection bonding I'd get faster downloads than either of them ;-)