Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Heartbleed bug is irritating McAfee, Symantec, Kaspersky Lab
Server makers rushing out Heartbleed patches
6 Social Media Mistakes That Will Kill Your Career
4 Qualities to Look for in a Data Scientist
Big bucks going to universities to solve pressing cybersecurity issues
Mozilla appoints former marketing head to interim CEO
Box patches Heartbleed flaw in its cloud storage systems
Obama administration backs disclosing software vulnerabilities in most cases
6 Amazing Advances in Cloud Technology
Collaboration 2.0: Old meets new
Data breaches nail more US Internet users, regulation support rises
With a Wi-Fi cloud service, Ruckus aims to help hotspot owners make money
How to get Windows Phone 8.1 today
Secure browsers offer alternatives to Chrome, IE and Firefox
10 Big Data startups to watch
Big data drives 47% growth for top 50 public cloud companies
Here are the options with Heartbleed-flawed networking gear (Hint: there aren't many)
Akamai admits its OpenSSL patch was faulty, reissues keys
Second Google Glass user attacked in San Francisco in two months
Microsoft puts the squeeze on Windows to shoehorn it into 16GB devices
An unnecessary path to tech: A Bachelor's degree
Heartbleed Bug hits at heart of many Cisco, Juniper products
iPhone 6 rumor rollup for the week ending April 11

Send to a friend Feedback

Researchers break wireless LAN encryption algorithm

Related linksToday's breaking news
Send to a friendFeedback

Seven months after researchers at the University of California at Berkeley discovered flaws in the encryption algorithm designed to protect wireless LANs, a different group of experts has uncovered a new, more dangerous method of attack that they say should be sounding security alarms throughout the business world.

Researchers from Rice University and AT&T Labs in Florham Park, N.J., published a paper on Aug. 6 outlining a new passive attack that is capable of defeating the 128-bit version of the Wired Equivalent Privacy (WEP) encryption algorithm used to protect 802.11 wireless LANs.

In their paper, the researchers state that all industry standard 802.11 wireless LANs should be viewed as insecure and those users should "treat all systems that are connected via 802.11 as external." They also urged corporate users to "place all access points outside the firewall."

Unlike the Berkeley attack, which required skilled hackers to break the encryption keys, this new attack method "is much stronger and much easier for a generic person to carry out," said Adam Stubblefield, a graduate student at Rice and co-author of the report. "The adversary is completely passive. He can just listen to the network traffic and the victim will never know they've been compromised."

The new attack method discovered by Stubblefield and Aviel Rubin, a researcher at AT&T Labs, came one week after Scott Fluhrer at Cisco Systems and Itsik Mantin and Adi Shamir at the Weizmann Institute in Israel published a paper describing the attack in theory. Stubblefield took that paper and, using a $100 wireless LAN card he purchased from Linksys Group in Irvine, Calif., proved after less than two hours worth of coding that it was possible to recover the 128-bit secret WEP key used in wireless LANs.

However, Rubin said it's important to point out that generic 128-bit encryption is still secure and that this most recent discovery demonstrates flaws in the way WEP uses the WEP RC4 cypher. "You can take cyphers that use a 128-bit key and design or use them in an insecure way. In WEP, it's a flawed design," he said.

Though WEP today uses 64-bit encryption, the industry plans to move to a 128-bit key for additional protection in a new standard due out later this year. But, the Fluhrer paper said, existing weakness in WEP means a successful attack can be mounted against "any key size," including "the revisited version WREP2."

Fluhrer and his colleagues said that WEP could be cracked by exploiting what they called "large classes of weak keys" in the protocol that make it vulnerable to attack. The Fluhrer paper added that attackers could also target another related key vulnerability by exposing part of the key to the attacker. Attackers can "then rederive the secret part by analyzing the initial word of the key streams with relatively little work."

John Pescatore, an analyst at Stamford, Conn.-based Gartner, said his company has been telling clients for some time to run virtual private networks (VPN) to secure wireless LANs. "Treat WLANs like you do the Internet," said Pescatore. "Don't trust the security [that's] built in."

"Some of the vendors like Cisco have built in better security than WEP, but Rubin's attack against streaming crypto shows the need to run proven stuff like IPSec or [Secure Socket Layer]."

For more enterprise computing news, visit Computerworld online. Story copyright 2001 Computerworld, Inc. All rights reserved.

Related Links

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.