[8564] in cryptography@c2.net mail archive
Re: 802.11 Wired Equivalent Privacy (WEP) attacks
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Tue Feb 6 14:55:29 2001
To: cryptography@c2.net
Reply-To: EKR <ekr@rtfm.com>
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
From: Eric Rescorla <ekr@speedy.rtfm.com>
Date: 05 Feb 2001 15:16:45 -0800
In-Reply-To: "P.J. Ponder"'s message of "Mon, 5 Feb 2001 13:08:04 -0500 (EST)"
Message-ID: <kjpugwsote.fsf@romeo.rtfm.com>
"P.J. Ponder" <ponder@freenet.tlh.fl.us> writes:
> as reported on Good Morning Silicon Valley:
>
> Researchers from UC Berkeley and private security firm Zero-Knowledge
> Systems have uncovered a means of disrupting the Wired Equivalent Privacy
> (WEP) algorithm, an important part of the 802.11 corporate standard for
> wireless computer networks. While data transmitted over these networks is
> encrypted, the researchers determined that it was easy to modify 802.11
> equipment to pillage that data.
>
> http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
I'm a little unclear on what's supposed to be the new information here.
The fact that the per-packet IV was way too short and that you could
build a lookup table for packets has been known for months. It was already
old news at IETF San Diego in early December.
I'm not sure about the other attacks--though the MAC problem is
pretty obvious once you know that it's CRC and encrypted with RC4.
-Ekr
[Eric Rescorla ekr@rtfm.com]
http://www.rtfm.com/
