(keitai-l) Re: 802.11b security - WEP is broken

From: Eric Hildum <Eric_Hildum_at_itochu.net>
Date: 08/15/01
Message-ID: <B7A00CA8.465A%Eric_Hildum@itochu.net>
Unfortunately, the IEEE committee made a serious mistake in the key exchange
algorithm, which results in a simple cryptographic attack. Even worse, the
attack is linear with key length, so long keys do not give significant
additional protection against this attack.

You should consider WEP security broken at this point. The problem can be
fixed, but the standards body has not done this yet as the attack was only
announced last month. It will take some time to generate a new standard, and
then all the equipment will need to be upgraded. In the mean time, only data
secured by other means (VPN, SSL, etc.) will be secure.



on 01.8.15 6:11 AM, Benjamin Kowarsch at benjk@mac.com wrote:

> 2) WEP encryption
> 
> this means nothing is sent unencrypted. BTW 802.11b uses DSSS,
> (Direct sequence spread spectrum), which was originally developed for
> secure military applications and if we would discuss 3G and security
> here you would probably explain to me how secure 3G is because of
> DSSS.

-- 
Eric Hildum 


[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Wed Aug 15 21:14:42 2001