"the net"... campus-type links, and conceptualizing remote data

[Dave Farber <dave () farber net>]

Begin forwarded message:

> From: "David P. Reed" <dpreed () reed com>
> Date: September 16, 2009 11:53:54 EDT
> To: dave () farber net
> Cc: ip <ip () v2 listbox com>
> Subject: Re: [IP] "the net"... campus-type links, and  
> conceptualizing remote data

> Steve Bellovin's note makes my points exactly.   But to be as secure  
> as a "wire" is a very low bar.  Wired ethernet was not secure in any  
> sense.  Easy to tap, either by becoming promiscuous or by simple  
> drop-in device plugged transparently between hub/switch and target.
>
> The presence or absence of "security" in the 802.11 suite merely  
> presented a marketing checkbox, one that was essentially a fib (lie  
> is perhaps too strong).
>
> IMO, which may not be shared, the obsession of the crypto-heads with  
> improving WEP's prefix and so forth was a diversion.  Even WPA is  
> horrendously weak against pen-testers, because it doesn't fit into  
> real threat models almost all of the time.  (strong crypto  
> algorithms don't solve problems, they just move the attacker to the  
> next weakest point of the system, while confusing the security  
> "professionals", who got their "certification" from a summer course  
> at a vendor, into thinking they are "secure").
>
>
> On 09/15/2009 10:26 PM, David Farber wrote:
> > Begin forwarded message:
> >
> > From: "Steven M. Bellovin" <smb () cs columbia edu>
> > Date: September 15, 2009 8:23:14 PM EDT
> > To: dave () farber net
> > Subject: Re: [IP] Re: "the net"... campus-type links, and  
> > conceptualizing remote data
> >
> > The 802.11 WEP protocol is a security disaster.  Even in the  
> > climate of
> > the early 1990s -- and WEP uses RC4, which if I recall correctly  
> > didn't
> > come about until circa 1994 -- it has a number of serious, and mostly
> > avoidable, mistakes.  Put bluntly, it was badly designed in ways that
> > were avoidable even with the knowledge and the outlook of the time.
> > And as someone who was doing security and crypto back then, I'm very
> > well aware of the attitudes towards security prevailing then.
> >
> > WEP has three serious weaknesses; two of them were avoidable, even
> > given its goals and the knowledge of the time.
> >
> > The problem that has gotten the most attention is the cryptographic
> > weakness of RC4, especially against related key attacks.  This was  
> > not
> > knowable then.  Indeed, given its efficiency, it would have seemed a
> > natural choice.
> >
> > However -- and this certainly was knowable -- RC4 is a stream cipher,
> > and as such a fundamentally bad choice for encrypting datagrams.
> > I'll skip the details; see the 2001 paper by Borisov, Goldberg, and
> > Wagner on 802.11 insecurity.  Basically, though, this was a very
> > avoidable mistake.
> >
> > The biggest problem, though, is the lack of key management, which in
> > turn stems from lack of much consideration of an operational model.
> > How, in an organization of any size, can you simultaneously roll  
> > all of
> > the keys?  I'll also note that the lack of key management exacerbates
> > the other two problems.  I'm told that omitting key management was an
> > explicit design decision by the committee, because it wasn't their
> > problem; on the other hand, they also omitted the usual  
> > accommodations
> > to a key management protocol, such as an over-the-wire keyID.
> >
> >
> >
> >
> > -------------------------------------------
> > Archives: https://www.listbox.com/member/archive/247/=now
> > RSS Feed: https://www.listbox.com/member/archive/rss/247/
> > Powered by Listbox: http://www.listbox.com



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com