Slashdot Mirror


Researchers Claim to Crack 802.1x WiFi

satsujin writes: "Researchers from the University of Maryland have released a paper on the weaknesses found in the 802.11x protocol. It looks like it might not be as strong as Cisco has contended."

4 of 109 comments

  1. 802.1x NOT 802.11x by John2583 · · Score: 1, Insightful

    The article states this clearly. There is a difference in meaning, I believe.

  2. Ha come on! by Anonymous Coward · · Score: 0, Insightful

    Well, wasn't it obvious that without the Dynamic WEP key you could hijack the connection? But with the WEP, things are a lot different than they describe, as the man-in-the-middle doesn't know a thing about the session key, and the protocol to negotiate those is mutual authentication based.

    Except that those DoS attacks are still present.

  3. So which is it? 802.1x or 802.11x? by Anonymous Coward · · Score: 1, Insightful

    Sure, I know the article only says "802.1x" but slashdot says 802.11x so they MUST have broken 802.11x instead!!!!

  4. Classical goofs by gweihir · · Score: 5, Insightful

    In any good crypto lecture you learn that there are two parts to authentication:
    1. Authentication of both sides towards the other.
    2. Keeping up the authentication while you communicate.

    Seems these people goofed in both tasks! First they did not do two-way authentication. So everybody can claim to be the non-authenticated party. Then they used a form of authentication that allows a successful imposter to now pose as the authenticated party. And third they did not prevent session hijacking, i.e. do not keep up the authentication!

    Very, very incompetent. Obviously these people did not have a good crypto lecture or did not understand what they were supposed to learn there.

    And they apparently did not even read the specification of the infrastructure they are using. My favorite quote:

    "If you look at the 802.1x, they tell you the 1x protocol is insecure when used in a shared medium environment unless a security association is established. Since 802.11 doesn't do that, so by IEEE's own words it is insecure," Arbaugh said.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted and ignored otherwise.