WEPplus from Agere

Solutions Links: Point to MultiPoint; Point to Point; Network Optimizers; WiMax; White Papers
White Paper Links: 60-GHz Performance Characteristics; Using 2.4 GHz; Radio Primer; Understanding Decibels; Using External Amplifiers and Antennas; Planning a Microwave Link; Benefits of 60 GHz; WEPplus
from Agere; Waterproofing Connectors; IEEE 802.11 Tutorial; IEEE 802.11 DSSS

By Michael F. Young
Former President and CTO (YDI Wireless)

There have been growing concerns about over-the-air security of existing 802.11b Wireless LAN systems. With the number of these systems growing both indoors and out in a wide range of networks and applications, the need to provide security that meets the needs of a wide variety of customers is great. Much attention has been focused on the fact that the Wired Equivalent Privacy (WEP) encryption defined by IEEE 802.11 is not an "industrial strength" encryption protocol.

With the introduction of the Linux AirSnort software package, which is designed to allow passive monitoring of a WLAN, it is easy to mount passive attacks with a laptop computer and a WLAN card. Now its possible for almost anyone to attack and decode the WEP key, even a 128-bit WEP encrypted system. Once they have the WEP key, they can easily join a WEP protected wireless network. While an unauthorized use of a WEP protected network is of concern, it should be noted that other means of network protection do exist. Obtaining the WEP key does not necessarily mean that complete network access is available. WEP is a MAC layer security protocol and other security protocols exist at higher levels, such as at the network layer and the transport layer like VPNs (Virtual Private Networks). Agere recognized the over-the-air security concerns of Wireless LAN products. To add to this security, they created WEP-Plus.

With the release of the firmware version 8.xx in the Agere WLAN card in mid-2002, WEPplus is now available. WEPplus reduces the vulnerability of the Wireless LAN to the "Weak Key" method of attack that AirSnort and other programs use to break the key.

The enhancement that the Agere WEPplus implementation provides is as follows:

The key that is input to the WEP RC4 encryption algorithm consists of the secret key configured by the user (or via 802.1x) concatenated with the IV (Initialization Vector). The IV is determined by the transmitting station and needs to vary per transmitted frame. By excluding certain IV values that would create the so-called "weak keys", the weakness of WEP as described in "Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer, Itsik Mantin and Adi Shamir, and demonstrated through the AirSnort program, are avoided.

Note that, as the IV is always determined by the transmitting station, there is no impact on interoperability. Stations / Access Points (AP's) with weak key avoidance implemented can interoperate with stations / AP's that do not have this. Of course, protection against this attack is provided only if all stations and AP's implement this new scheme.

The Agere WEPplus implementation provides complete inter-operability with all Wi-Fi compliant Wireless LAN products, offering complete interoperability of Wireless LAN equipment across different vendors. If WEP is enabled on any device (AP, client, EtherAnt-II, etc) with an Agere/Diamond WLAN card and that card is talking to another Agere/Diamond WLAN card running also version 8.xx or higher, the WEP-Plus will automatically be enabled. If the other device is not an Agere card, then the Agere card is smart enough to talk to it using standard WEP. All this happens automatically with no input from the user (other than just enabling WEP.)

In conclusion, when an Agere WLAN device or infrastructure product, is used in a Wireless network exclusively, it allows the user to deploy a higher level of security than used with the standard WEP. It will protect a network against attacks using the current version of the AirSnort software.

It is expected that new methods of attack of Wireless LAN's will appear over time, over and above the existing AirSnort software. Agere says that they will monitor these new methods and will continue to develop enhancements to the security in Wireless LAN's, both as part of industry-wide initiatives and internal software development.

References:

Orinoco WEPPLus White Paper, October 2001
Brewer, Borisov, et al, "802.11 Security", http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
Walker, Jesse, "Unsafe at any Key Size: an analysis of the WEP encapsulation, November 2000"
Fluhrer, Mantin, Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4", August 2001.
http://sourceforge.net/projects/airsnort

Return to White Papers.


WEPplus from Agere
Search Site Advanced Search Solutions Links Point to MultiPoint Point to Point Network Optimizers WiMax White Papers White Paper Links 60-GHz Performance Characteristics Using 2.4 GHz Radio Primer Understanding Decibels Using External Amplifiers and Antennas Planning a Microwave Link Benefits of 60 GHz WEPplus from Agere Waterproofing Connectors IEEE 802.11 Tutorial IEEE 802.11 DSSS	By Michael F. Young Former President and CTO (YDI Wireless) There have been growing concerns about over-the-air security of existing 802.11b Wireless LAN systems. With the number of these systems growing both indoors and out in a wide range of networks and applications, the need to provide security that meets the needs of a wide variety of customers is great. Much attention has been focused on the fact that the Wired Equivalent Privacy (WEP) encryption defined by IEEE 802.11 is not an "industrial strength" encryption protocol. With the introduction of the Linux AirSnort software package, which is designed to allow passive monitoring of a WLAN, it is easy to mount passive attacks with a laptop computer and a WLAN card. Now its possible for almost anyone to attack and decode the WEP key, even a 128-bit WEP encrypted system. Once they have the WEP key, they can easily join a WEP protected wireless network. While an unauthorized use of a WEP protected network is of concern, it should be noted that other means of network protection do exist. Obtaining the WEP key does not necessarily mean that complete network access is available. WEP is a MAC layer security protocol and other security protocols exist at higher levels, such as at the network layer and the transport layer like VPNs (Virtual Private Networks). Agere recognized the over-the-air security concerns of Wireless LAN products. To add to this security, they created WEP-Plus. With the release of the firmware version 8.xx in the Agere WLAN card in mid-2002, WEPplus is now available. WEPplus reduces the vulnerability of the Wireless LAN to the "Weak Key" method of attack that AirSnort and other programs use to break the key. The enhancement that the Agere WEPplus implementation provides is as follows: The key that is input to the WEP RC4 encryption algorithm consists of the secret key configured by the user (or via 802.1x) concatenated with the IV (Initialization Vector). The IV is determined by the transmitting station and needs to vary per transmitted frame. By excluding certain IV values that would create the so-called "weak keys", the weakness of WEP as described in "Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer, Itsik Mantin and Adi Shamir, and demonstrated through the AirSnort program, are avoided. Note that, as the IV is always determined by the transmitting station, there is no impact on interoperability. Stations / Access Points (AP's) with weak key avoidance implemented can interoperate with stations / AP's that do not have this. Of course, protection against this attack is provided only if all stations and AP's implement this new scheme. The Agere WEPplus implementation provides complete inter-operability with all Wi-Fi compliant Wireless LAN products, offering complete interoperability of Wireless LAN equipment across different vendors. If WEP is enabled on any device (AP, client, EtherAnt-II, etc) with an Agere/Diamond WLAN card and that card is talking to another Agere/Diamond WLAN card running also version 8.xx or higher, the WEP-Plus will automatically be enabled. If the other device is not an Agere card, then the Agere card is smart enough to talk to it using standard WEP. All this happens automatically with no input from the user (other than just enabling WEP.) In conclusion, when an Agere WLAN device or infrastructure product, is used in a Wireless network exclusively, it allows the user to deploy a higher level of security than used with the standard WEP. It will protect a network against attacks using the current version of the AirSnort software. It is expected that new methods of attack of Wireless LAN's will appear over time, over and above the existing AirSnort software. Agere says that they will monitor these new methods and will continue to develop enhancements to the security in Wireless LAN's, both as part of industry-wide initiatives and internal software development. References: Orinoco WEPPLus White Paper, October 2001 Brewer, Borisov, et al, "802.11 Security", http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html Walker, Jesse, "Unsafe at any Key Size: an analysis of the WEP encapsulation, November 2000" Fluhrer, Mantin, Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4", August 2001. http://sourceforge.net/projects/airsnort Return to White Papers. home \| customers \| solutions \| corporate \| news \| support \| partners \| contact us
© 2004 Terabeam Wireless. All rights reserved.


	Terabeam Wireless > Solutions > White Papers > WEPplus from Agere
: Home : Customers : Solutions : Corporate : News : Support : Training : Partners : Contact Us

WEPplus from Agere

By Michael F. Young Former President and CTO (YDI Wireless)

References:

By Michael F. Young
Former President and CTO (YDI Wireless)