[12123] in cryptography@c2.net mail archive
Re: DOS attack on WPA 802.11?
daemon@ATHENA.MIT.EDU (Derek Atkins)
Sun Dec 8 17:39:07 2002
To: daw@mozart.cs.berkeley.edu (David Wagner)
Cc: cryptography@wasabisystems.com
From: Derek Atkins <derek@ihtfp.com>
Date: 08 Dec 2002 17:18:31 -0500
In-Reply-To: <at0dfa$4co$1@abraham.cs.berkeley.edu>
The answer is multi-fold.
1) The 802.11i standard wont be finished for a while.
2) There is an apparent Market Requirement for something better than
WEP __NOW__.
3) The WPA can only change their "requirements" once per year, so even
if 802.11i were ready in 3 months, it would still take another year
until it hit the WPA conformance requirements. But they wanted to
make some changes _now_ in order to get "better" security into next
year's product line.
In other words, the answer is due to layers 8 and 9, and nothing
technical....
-derek
daw@mozart.cs.berkeley.edu (David Wagner) writes:
> Arnold G. Reinhold wrote:
> >If I am right and WPA needlessly
> >introduces a significant denial of service vulnerability, then it
> >should be fixed. If I am wrong, no change is needed of course.
>
> But TKIP (the part of WPA you're talking about) is only a
> temporary measure, and will soon be replaced by AES-CCMP.
>
> The question is not "Should we replace TKIP?", because the
> answer to that is obvious: "Yes, we should, and we will".
> Th question is: "Why bother working on a `fix' to WPA that
> will likely never be deployed and that will be obsoleted
> in a few years by the spread of AES-CCMP?".
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
--
Derek Atkins
Computer and Internet Security Consultant
derek@ihtfp.com www.ihtfp.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
