Unfortunately right now, anyone with a NIC card and laptop can deny service to multiple AP's on a WLAN using tools available on the Internet. This is true for the current and ALL future standards, and each case they don't have to resort to sending malformed frames to TKIP. It is just a simple, unprotected by a MIC/MAC, disassociate message.
On Thursday, Dec 5, 2002, at 12:40 US/Eastern, Arnold G. Reinhold wrote:
At 10:48 PM -0500 11/29/02, Donald Eastlake 3rd wrote:Arnold,Cryptographic standards should be judged on their merits, not on the bureaucratic difficulties in changing them. Specs have been amended before. Even NSA was willing to revise its original secure hash standard. That's why we have SHA1. If I am right and WPA needlessly introduces a significant denial of service vulnerability, then it should be fixed. If I am wrong, no change is needed of course.
If you want to play with this as in intellectual exercise, be my guest.
But the probability of changing the underlying IEEE 802.11i draft
standard, which would take a 3/4 majority of the voting members of IEEE
802.11, or of making the WiFi Alliance WPA profiling and subseting of
802.11i incompatible with the standard, are close to zero.
Check out the President's message for September 202 at the Association of Old Crows web site ("Serving the Electronic Warfare and Information Operations Community"): http://www.aochq.org/news.htm
Arnold Reinhold
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]