Slashdot Mirror

← Back to Stories (view on slashdot.org)

"Fast Packet Keying" Improvements to WEP

Posted by michael on from the what-me-worry dept.

Weedstock writes: "BBC Tech News has an article about the latest development in wireless networking security. It seems that RSA Security has improved the encryption system used by the protocol. Will this new update finally make wireless networking secure? You can also find a list of papers about wireless security issues here." RSA has a press release about their changes to WEP being accepted by the 802.11 committee.

15 of 88 comments (clear)

  1. Fast packet keying again ? by tempmpi · · Score: 4, Redundant

    http://slashdot.org/article.pl?sid=01/12/17/185320 6&mode=thread

    --
    Jan
  2. Don't embed engryption.. by zcat_NZ · · Score: 3, Interesting

    My own view is simple; encryption shouldn't be done at the hardware layer. Assume that everything on the network is wide open and use SSH / SSL on each protocol or an encrypted VPN.

    This way you can be sure everything is encrypted consistently from the host machine all the way to the client, even when your packets pass through 'unknown' equipment.

    The other advantage of this approach is that you can get all your hardware cheap on ebay because everyone else is abandoning them as 'not secure enough' :)

    --
    455fe10422ca29c4933f95052b792ab2
    1. Re:Don't embed engryption.. by Detritus · · Score: 3, Interesting

      The conservative approach is to use both link and end-to-end encryption.

      --
      Mea navis aericumbens anguillis abundat
  3. I know... by The+Paradox · · Score: 3, Insightful
    ...that it isn't fashionable - or geeky - or (mostly) smart - to thumb one's nose at security issues. But frankly... I'm not that worried about 802.11b's encryption problems. Why? I use 802.11b over my home network, totally unencrypted. I live on a dead-end court, so "war drivers" aren't an issue, especially since the access point I'm using has an effective range that makes me turn the 'top the right way to get reception when I'm on the other side of the house (not centered, because of layout issues).

    Yes, I know, perhaps it's stupid of me, and I'm planning to set up some kind of security. But for many users out there - the people who wanna be able to check their email from the kitchen - weak security is just not a problem. Just so long as the spooks don't start wanting wireless access... :D

    --
    Pain(n): when you're telnetting into a box doing somethin cool, and some luser calls for help with a 'critical error' ad
  4. yawn by jeffy124 · · Score: 3, Redundant

    old news

    --
    The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
  5. Re:What I want to know is... by Waffle+Iron · · Score: 3, Interesting
    Can I get this for my Linksys hardware in a firmware update?

    I'd like to know that too, but for my WaveLan cards. And if it can't be upgraded, I want a refund on the $20 extra per card I paid to get "128-bit" (yeah, as if) encryption.

  6. not that secure by xtp · · Score: 5, Informative

    The press releases are designed to soothe security-minded corporate customers and disguise the remaining technical issues with WEP, such as
    1. the key-mixing technique was diluted in strength so that the overhead of firmware upgrades would be acceptable. The "improved" technique has been changed a few times as weaknesses were discovered. It is quite possible that the new WEP can be cracked as thoroughly as the original.
    2. the key-mixing technique requires that a new temporal key be set up every 16K packets - a sign of weakness. The 802.1X procedures for setting up the temporal keys have not been finalized and contain weaknesses.
    3. it is debateable whether the 802.1X temporal key procedures, once finalized, will be practical at higher PHY rates of 802.11g or 802.11a since the rate of temporal key updates must be greater than the lower rates needed for 11b.

    It is more foolproof to rely on IPSEC as other posters observe. The argument against IPSEC and for wireless link crypto is based on the perceived overhead of forcing everything on an internal enterprise network to run IPSEC so that the wireless subnet can be secure. For SOHO setups this should not be an issue.

    1. Re:not that secure by hawkfan · · Score: 5, Interesting

      The argument against IPSEC and for wireless link crypto is based on the perceived overhead of forcing everything on an internal enterprise network to run IPSEC so that the wireless subnet can be secure.

      Using IPSEC on the wireless network only requires the wireless stations and a gateway to run IPSEC. The IPSEC gateway acts like a normal router to the rest of the network. You can even do transparent gatewaying based on proxy-arp.
      Our laptops use 802.11b cards without WEP and 2 Linux machines with Prism2 based cards operating in HostAP mode. One AP handles the encryption and allows handoff to the other via proxy-arp depending on which AP has the link to a particular station on their own wired subnet. The primary AP acts as a router to the rest of the unencrypted wired lan. All the stations on the wireless lan are configured to drop all but the IPSEC traffic. This not only protects against spoofing and hijacking on the wireless lan but also gives strong encryption to the traffic.
      After the pleasant experience I had with Freeswan on the wireless network I'm considering bringing IPSEC to the rest of the wired network.

    2. Re:not that secure by swillden · · Score: 3, Insightful

      All the stations on the wireless lan are configured to drop all but the IPSEC traffic.

      Bravo! This is the absolutely crucial element that most people miss. If any of the wirelessly-connected stations accept any non-authenticated traffic, they're vulnerable to being compromised, which, in turn, compromises the entire network, wired and wireless.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:not that secure by swillden · · Score: 3, Insightful

      The "improved" technique has been changed a few times as weaknesses were discovered. It is quite possible that the new WEP can be cracked as thoroughly as the original.

      Remember, it's a *good* thing that the new technique has been cracked a few times. Had serious (or even rudimentary) cryptanalysis been applied to the original protocol, we'd never have gotten into this mess. RSA Data knows how to create good cryptography, and wireless networking is important enough that many other people will take a hard look at this new protocol before it's implemented.

      the key-mixing technique requires that a new temporal key be set up every 16K packets - a sign of weakness

      Very possibly. It certainly seems not to leave a whole lot of margin for improvement in the face of any new attacks. However, I don't know how much conservatism is built into the 16K number.

      It is more foolproof to rely on IPSEC as other posters observe.

      Absolutely. As long as all hosts have firewalls that drop all non-IPSEC traffic. However, it's worth remembering that the original intent of WEP was to build something that approximated the security of a wired network. Although the first attempt failed utterly, if the upgraded protocol can just make all passive attacks infeasible and make active attacks fairly difficult then the original intent will have been achieved.

      Had it been designed by knowledgeable cryptographers, WEP would have been as strong as IPSEC, which would have been great. As things are now, the patched system won't ever be as good as WEP could have been, but it probably will be as strong as it needs to.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  7. will it make it secure? by Lumpy · · Score: 3, Interesting

    not unless it's a firmware update that fixes all current equipment. There is alot of 802.11b stuff out there. much of it is 24-40 bit only. Most everyone using it hasn't a clue about firmware updates or even security problems for that matter (The sheer number of open 802.11b networks I can snif that have no encryption is proof of that.

    They need to make this a part of the driver and make the driver force a firmware update and enable it by default if securing wireless is important. Otherwise this is only an expected feature of the new stuff that I'll buy in about 2-3 years.

    --
    Do not look at laser with remaining good eye.
  8. Credit where credit is due? by William+Tanksley · · Score: 3, Interesting

    I wonder... The press release quotes a PhD from Hifn and a marketing droid from RSA, and says that RSA and Hifn developed this together.

    I know RSA's the big name here, but I wonder whether they merely contributed the name, not the research.

    -Billy

  9. darn by NotAnotherReboot · · Score: 3, Funny

    I rather enjoy going to colleges' student centers and reading everyone's email. Hope this won't change my ways.

  10. Fast Packet Keying by afidel · · Score: 3, Interesting

    Already implemented in Cisco's newest firmware, acu and drivers (both Linux and Windows). Since the old firmware wasn't even vulnevable to airsnort unless there were VERY determined hackers out there Cisco gear hasn't been vulnerable at all. With the new firmware they also implemented per packet hashing so spoof attacks are foiled.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  11. The problem with WEP by XNormal · · Score: 3, Interesting

    The real problem with WEP isn't the weak method it uses to generate RC4 keys. I've seen with my own eyes many networks that don't even have encryption enabled.

    The real problem is that encryption is:

    A. Optional.
    B. Difficult to set up.

    WEP isn't close to being "wire equivalent" because wires are, by default, pretty secure. You don't need to manually enable 'no-public-hub-ports-on-external-walls' mode with a wired Ethernet.

    A wire isn't just a way to get the bits from A to B - it also acts as a user interface for associating machines with networks. I bet you didn't think of the patch panel in the server room as a user interface, right? Actually, it's a pretty good user interface. It's much more intuitive than any GUI and very reliable (ok, so it's a little messy, but so is my desktop :-)

    Here's an idea for how WEP could have been much closer to 'wired equivalent':

    When you set up the device on your machine it scans for available networks and shows a list. You choose one. It then tells you to press a key at the same time as pressing a button on the access point.

    If you have physical access to the access point you can do it yourself. Otherwise you call the admin on the phone and after checking your identity (usually it's just a matter of recognizing your voice) the admin tells you to press the key '...now!'. That's it. You're on the network, with securely configured strong encryption.

    This can be much more secure that it appears - the key is exchanged using Diffie-Hellman key exchange so eavesdropping is not possible. Man-in-the-middle attacks are difficult in a shared medium such as wireless where everyone hears everyone else: if the two participants are careful they can detect such attacks. To prevent attempts to 'take a ride' and join the network at the same time as another machine the access point will verify that there are no other attempts to join the network within a certain period before or after the time window for 'simultaneous' button presses (actually within plus or minus a few hundred milliseconds).

    Now, what are the chances of some company actually implementing this?

    --
    Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.