[9553] in cryptography@c2.net mail archive
Re: New encryption technology closes WLAN security loopholes
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Oct 1 18:37:16 2001
From: "Steven M. Bellovin" <smb@research.att.com>
To: Bill Stewart <bill.stewart@pobox.com>
Cc: Udhay Shankar N <udhay@pobox.com>, cryptography@wasabisystems.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 01 Oct 2001 18:24:55 -0400
Message-Id: <20011001222455.CF6477BFE@berkshire.research.att.com>
In message <5.0.2.1.1.20011001002633.036f94a0@idiom.com>, Bill Stewart writes:
>
>One interesting issue with radio networks is Man-in-the-middle attacks,
>because nobody can intercept a request and forward it
>faster than you can receive it directly, unless there are
>distances that are too far for the two parties to reach each other
>but still let the MITM contact both.
>
Move up the stack a bit. The way to launch a MITM attack on wireless
is via ARP-spoofing. *Maybe* the gateway will notice an ARP entry
being overwritten -- but most likely, a human will not.
--Steve Bellovin, http://www.research.att.com/~smb
http://www.wilyhacker.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
