> So when rotating the key every 3 minutes, it is still unhackable. You
> might be able to decrypt the 3 minutes of traffic.

This is incorrect; there are plenty of mechanisms to manipulate the network even with very short key rotation. Further, I don't believe many implementations even rotate unicast keys regularly; you might want to ask your AP provider about that.

If you want to watch for yourself, capture a trace for 10 minutes for a single station and watch the WEP IV counter (you'll need a station that selects WEP IV sequentially). If it resets to 0 every 3 minutes, you may have key rotation support on your AP. If not, chances are you use the same WEP key for the duration of the client's session, until they log off and log in again.

> We have tried the method, but see no possibility with short rotation
> times.

Attacks like the WEP ICV inverse induction (chopchop) and replay attacks and PRGA determination from the 802.2 LLC header (Sorbox) are all possible with short key rotation intervals. On an 802.11a network, I wouldn't be surprised if traffic injection attacks are able to generate the 100,000+ packets needed to mount the extended FMS attacks within 3 minutes.

WEP does not provide a measure of security that can be relied upon for confidentiality or integrity of wireless networks. Move to WPA2 if at all possible.

-Josh

**********
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
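
The check described in the message above (follow one station's WEP IV counter through a capture and see whether it restarts at 0), as an added example that is not part of the original post. It assumes raw 802.11 frames with any radiotap header already stripped, a station that selects IVs sequentially, and a little-endian counter; the MAC addresses and frames are constructed.

```python
# Added example; every frame here is constructed, none is from a real capture.
STA = b"\x02\x00\x00\x00\x00\xaa"    # hypothetical station MAC
BSSID = b"\x02\x00\x00\x00\x00\x01"  # hypothetical AP MAC
SLACK = 64                           # frames we tolerate losing around a reset

def wep_iv(frame, station, byteorder="little"):
    """IV of a WEP data frame sent by `station`, else None.
    byteorder is an assumption; it depends on how the station counts."""
    if len(frame) < 28 or (frame[0] >> 2) & 3 != 2 or not frame[1] & 0x40:
        return None                  # short, not data, or Protected bit clear
    if frame[10:16] != station:      # Address 2 is the transmitter
        return None
    hdr = 24 + (6 if (frame[1] & 3) == 3 else 0) + (2 if frame[0] & 0x80 else 0)
    if len(frame) < hdr + 4 or frame[hdr + 3] & 0x20:
        return None                  # truncated, or ExtIV set (TKIP/CCMP)
    return int.from_bytes(frame[hdr:hdr + 3], byteorder)

def rekey_times(frames, station):
    """frames: (seconds, raw 802.11 frame) in capture order. Returns the times
    at which the station's IV counter restarted near 0. A restart that follows
    a value near 0xFFFFFF is the 24-bit counter wrapping, not a new key."""
    times, prev = [], None
    for ts, frame in frames:
        iv = wep_iv(frame, station)
        if iv is None:
            continue
        if prev is not None and iv < SLACK <= prev < 0xFFFFFF - SLACK:
            times.append(ts)
        prev = iv
    return times

def make_frame(station, iv):
    """Constructed ToDS data frame: FC, duration, addr1-3, seq, IV, key ID, body."""
    return (b"\x08\x41\x00\x00" + BSSID + station + BSSID + b"\x00\x00"
            + iv.to_bytes(3, "little") + b"\x00" + bytes(8))

def constructed_capture(period=None, start=0, seconds=600):
    """One frame per second; the IV restarts every `period` seconds if given."""
    return [(t, make_frame(STA, (start + (t % period if period else t)) & 0xFFFFFF))
            for t in range(seconds)]

if __name__ == "__main__":
    print("3-minute rotation:", rekey_times(constructed_capture(180), STA))
    print("no rotation:      ", rekey_times(constructed_capture(), STA))
```

An empty result over a 10-minute trace corresponds to the case in the message where the same WEP key stays in use for the client's whole session.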
