[8593] in cryptography@c2.net mail archive
Re: 802.11 Wired Equivalent Privacy (WEP) attacks
daemon@ATHENA.MIT.EDU (itojun@iijlab.net)
Tue Feb 13 20:34:32 2001
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: cryptography@c2.net, wep@isaac.cs.berkeley.edu
In-reply-to: reinhold's message of Thu, 08 Feb 2001 12:05:32 EST.
<v04210112b6a72d86a6b5@[24.218.56.92]>
X-Template-Reply-To: itojun@itojun.org
X-Template-Return-Receipt-To: itojun@itojun.org
From: itojun@iijlab.net
Date: Sat, 10 Feb 2001 05:55:53 +0900
Message-ID: <23023.981752153@coconut.itojun.org>
>WF1
>
>In WF1 the 802.11 WEP keys would be changed many times each hour, say
>every 10 minutes. A parameter, P , determines how many time per hour
>the key is to be changed, where P must divide 3600 evenly. The WEP
>keys are derived from a master key, M, by taking the low order N
>bits (N = 40, 104, whatever) of the SHA1 hash of the master key with
>the date and time (UTC) of the key change appended.
>
> WEPkey = Bits[0-N](SHA1(M | yyyymmddhhmmss))
(snip)
>Clearly good synchronization of the time-of-day clock on each node is
>essential in WF1, but protocols already exist that can do this over
>a network. Small synchronization discrepancies can be handled by the
>802 retry mechanism and should look very much like a short RF outage.
i see chicken and egg loop here - for instance, if I've got a laptop
with 802.11 card only, I need to use the 802.11 network to synchronize
clock. i'm not sure if WF1 is workable (if you have other secure
channel for synchronizing clock, you are okay - but then why bother
using 802.11?).
itojun
