Professional Documents
Culture Documents
Wireless Security: Why Swiss-Cheese Security Isn't Enough
Wireless Security: Why Swiss-Cheese Security Isn't Enough
Internet
More Motivation
In this talk:
WEP
(encrypted traffic)
(Wired Equivalent
Privacy)
Mar 2000
Oct 2000
Jan 30, 2001
Feb 5, 2001
IV,
P RC4(K, IV)
A Property of RC4
IV,
P RC4(K, IV)
IV,
P RC4(K, IV)
If we send two ciphertexts (C, C) using the same IV, then the
xor of plaintexts leaks (P P = C C), which might reveal
both plaintexts
IV
key
IV
RC4
encrypted packet
checksum
P RC4(K)
P RC4(K) 0x0101
ACK
Summary So Far
Subsequent Events
Jan 2001
Mar 2001
May 2001
Jun 2001
Aug 2001
Feb 2002
War Driving
Wireless Networks in LA
Silicon Valley
San Francisco
A Dual-Use Product
wireless networks
1999 802.11, WEP
1990
TDMA eavesdropping [Bar]
2000
Future: 3rd gen.: 3GPP,
sensor networks
2000
2001
2002
2003 WPA
Future: 802.11i
Berkeley motes
2002
TinyOS 1.0, TinySec
2003
Future: ???
Conclusions