Re: WEP+: In hardware, firmware, or software?


From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-04-20 04:48:18 UTC



On Fri, Apr 19, 2002 at 08:32:32PM -0500, Brian Capouch wrote:

> Wondering if anyone out there could comment on the "vulnerability
> situation" of the WEP that has been recently added to the HostAP driver.

Is "It is not secure" clear enough? ;-)

> My understanding is that the fix is in firmware (a la WEP+ that Lucent
> claims is now in their Prism cards) and if that is the case then the
> question would be what is in the current Prism2 firmware.

I don't know fully, what ORiNOCO's WEP+ (or WEPplus) means. If it is just starting from random IV and avoiding (some) weak keys, then similar features are present in the host-driver side implementation of WEP in the Host AP driver. However, you should also note that the client stations should have similar improvements and anyway, there are still problems with allowing same IV to be used again or too short key (if 40-bit WEP is used).

> Someone else suggested that no, the solution is in key selection, and
> that is a software function and so then the question would be what
> support is in the HostAP driver in that respect.

Current Host AP driver does not support individual keys for different stations. I may add support for it at some point. In addition, one would need to use a separate mechanism for key distribution between the AP and stations. I'm also planning on adding optional configuration for doing WEP (or any other algorithm for that matter) in the host-driver for TX and/or RX and using any operation mode (Master/Managed/Ad-hoc).

That said, I would still recommend using IPSec or secure shell tunnels etc. on top of link layer. WEP could still be used if it is required for some reasons, but the real security would then be provided on higher layer.

-- 
Jouni Malinen                                            PGP id EFC895FA


This archive was generated by hypermail 2.1.4.