Page 218 - StudyBook.pdf
P. 218

202    Chapter 4 • Communication Security: Wireless

             (GRE) and transport layer protocols to encapsulate and transport data. HTTP-S
             and Secure Shell (SSH) are application layer (layer 7) protocols for encrypting data.
             Because of the complexity of the 802.11 MAC and the amount of processing
             power it requires, the 802.11 standard made 40-bit WEP an optional implementa-
             tion only.

             Vulnerability to Plaintext Attacks
             From the outset, knowledgeable people warned that WEP was vulnerable because
             of the way it was implemented. In October 2000, Jesse Walker, a member of the
             IEEE 802.11 working group, published his now famous paper,“Unsafe at Any Key
             Size:An Analysis of WEP Encapsulation.”The paper points out a number of serious
             shortcomings of WEP and recommends that WEP be redesigned. For example,
             WEP is vulnerable to plaintext attacks because it is implemented at the data link
             layer, meaning that it encrypts IP datagrams. Each encrypted frame on a wireless
             network contains a high proportion of well-known TCP/IP information, which
             can be revealed fairly accurately through traffic analysis, even if the traffic is
             encrypted. If a hacker can compare the ciphertext (the WEP-encrypted data) to the
             plaintext equivalent (the raw TCP/IP data), they have a powerful clue for cracking
             the encryption used on the network.All they would have to do is plug the two
             values (plaintext and ciphertext) into the RC4 algorithm used by WEP to uncover
             the keystream used to encrypt the data.

             Vulnerability of RC4 Algorithm
             As discussed in the previous paragraph, another vulnerability of WEP is that it uses
             RC4, a stream cipher developed by RSA to encrypt data. In 1994, an anonymous
             user posted the RC4 algorithm to a cipherpunk mailing list, which was subse-
             quently re-posted to a number of Usenet newsgroups with the title “RC4
             Algorithm Revealed.” Until August 2001, it was thought that the underlying algo-
             rithm used by RC4 was well designed and robust, so even though the algorithm
             was no longer a trade secret, it was still thought to be an acceptable cipher to use.
             However, Scott Fluhrer, Itsik Mantin, and Adi Shamir published a paper entitled,
             “Weaknesses in the Key Scheduling Algorithm of RC4” that demonstrated that a
             number of keys used in RC4 were weak and vulnerable to compromise.The paper
             designed a theoretical attack that could take advantage of these weak keys. Because
             the algorithm for RC4 is no longer a secret and because there were a number of
             weak keys used in RC4, it is possible to construct software that is designed to break
             RC4 encryption relatively quickly using the weak keys in RC4. Not surprisingly, a




          www.syngress.com
   213   214   215   216   217   218   219   220   221   222   223