[12055] in cryptography@c2.net mail archive
Re: DOS attack on WPA 802.11?
daemon@ATHENA.MIT.EDU (Arnold G Reinhold)
Tue Nov 19 16:27:29 2002
Date: Fri, 15 Nov 2002 18:15:18 -0500
From: Arnold G Reinhold <reinhold@world.std.com>
To: Niels Ferguson <niels@ferguson.net>
Cc: <cryptography@wasabisystems.com>
In-Reply-To: <3.0.3.32.20021113144914.00ae55a0@pop.xs4all.nl>
I agree that we have covered most of the issues. One area whre you have
not responded is the use of WPa in 802.11a. I see no justification for
intoducing a crippled authentication there.
Also here is one more idea for possibly improving Michael.
Scramble the output of Michael in a way that depends on the MIC key, K.
This could be as simple as rotating each output word a number of bits
derived from K. Or you could generate a 8 by 8 permutation from K and
apply it to the bytes in the Michael output. you might even be able to use the
small cipher that is used to generate the individual packed encryption
keys in WPA.
This would break up an attack that depends on messing with the bits of the
MIC in the message. It does nothing for attacks on parts of the message
body. Any additional integrety check on the message would catch that,
however.
On the other hand it is very cheap and might interfere with future more
sophisticated attacks.
Arnold Reinhold
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
