[LUG.ro-Wireless] Micro Know-How
Gus L.
lugro-wireless@lugro.org.ar
Mon, 28 Jul 2003 21:14:17 -0300
> Have encryption codes (WEP) for communications, using keys
> ranging from 40 to 128 bits (well, in the US!)
Most of the equipment available on the local market supports 128 bits.
But the reality is that...
"The Wired Equivalent Privacy protocol is incorporated as part of the IEEE 802.11b protocol. Actually, the standard only calls for 40-bit WEP, but almost all vendors offer up to 128-bit WEP.
To secure data, WEP uses the RC4 algorithm to encrypt the packets of information as they are sent out from the access point or wireless network card. This is the same algorithm used in many other Internet applications that require security, such as Secure Sockets Layer (SSL). SSL is the most common protocol used by online stores to encrypt customer information sent over the Internet. This reduces the risk of a hacker sniffing the customer's credit card information off the wire and adds a layer of protection to the transaction process.
RC4 is a secure algorithm, and should remain so for several years to come. However, in this case it is the specific wireless implementation of the RC4 algorithm with respect to the initialization vector that is at fault.
In general, it is difficult to correctly implement strong cryptography. Even if a vendor implements a cipher that is known to be very strong, many times the implementation can weaken the cipher or make it ineffective. Implementation oversights could be as simple as insecure key storage, poor random number generation, or flaws in key generation routines. All of these functions may comprise a cipher without actually being part of the cipher itself. The cipher is at the mercy of these outside functions, and can thus be circumvented or weakened by flaws in those dependencies.
As you will learn, implementation oversights in WEP include a small IV space (IV collisions), large amounts of known plaintext in IP traffic, IV weaknesses, no key exchange/management mechanisms (which leads to the same shared key for all users), very weak packet integrity protection (CRC32), lack of replay protection, and a flawed authentication system. Items not addressed by the 802.11 WEP definitions, such as IV incrementing, also lead to problems with WEP implementations. Most implementations start IV counters at zero upon card initialization, and IV collisions between nodes are very common when users boot in the morning."
Regards / Gustavo.
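An added illustration of the last point in the quoted passage (not part of the original message or of the quoted book): two stations sharing one WEP key and both starting their IV counter at zero produce frames under the same RC4 keystream, so the XOR of the two ciphertexts equals the XOR of the two plaintexts. The `Node` class, `colliding_ivs` helper, key and payloads are constructed for this sketch; the IV byte order in the seed is an assumption of the model.

```python
import zlib
from collections import defaultdict

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given key."""
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                        # output generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(shared_key: bytes, iv: int, payload: bytes):
    """WEP framing: RC4 seed is the 24-bit IV followed by the shared key; CRC32 is the ICV."""
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    seed = iv.to_bytes(3, "big") + shared_key
    return iv, xor(body, rc4(seed, len(body)))   # the IV travels in the clear

class Node:
    """Hypothetical station whose IV counter starts at zero on card initialization."""
    def __init__(self, shared_key: bytes):
        self.key, self.iv = shared_key, 0
    def send(self, payload: bytes):
        iv, self.iv = self.iv, (self.iv + 1) % (1 << 24)   # 24-bit IV space
        return wep_encrypt(self.key, iv, payload)

def colliding_ivs(frames):
    """Group captured (iv, ciphertext) frames by IV; return IVs seen more than once."""
    seen = defaultdict(list)
    for iv, ct in frames:
        seen[iv].append(ct)
    return {iv: cts for iv, cts in seen.items() if len(cts) > 1}

# Constructed sample data: one shared 40-bit key, two freshly booted stations.
KEY = bytes.fromhex("0102030405")
MSG_A = b"GET /index.html HTTP/1.0"
MSG_B = b"constructed payload no.2"
def demo():
    a, b = Node(KEY), Node(KEY)
    reused = colliding_ivs([a.send(MSG_A), b.send(MSG_B), a.send(b"third")])
    # Same IV + same key => same keystream, which cancels out of c1 XOR c2.
    return reused, xor(*reused[0]), xor(MSG_A, MSG_B)
```

Because the key never appears in the result, a longer key does not help here; only a per-packet value that never repeats under a given key avoids the collision.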