Google

Subject: WLAN/ Response of WEP Security

Subject: WLAN/ Response of WEP Security

Contact:[email protected]

Subject: WLAN/ Response of WEP Security
Importance: High

Response from the IEEE 802.11 Chair on WEP Security


Recent reports in the press have described the results of certain
research efforts directed towards determining the level of security
achievable with the Wired Equivalent Privacy algorithm in the IEEE
802.11 Wireless LAN standard. While much of the reporting has been
accurate, there have been some misconceptions on this topic that are now
spreading through the media. Befitting the importance of the issue, I am
inclined to make a response from the Chair to clarify these issues with
the following points:

1. Contrary to certain reports in the press, the development of WEP as
an integral part of the IEEE 802.11 standard was accomplished through a
completely open process. Like all IEEE 802 standards activities,
participation is open to all interested parties, and indeed the IEEE
802.11 committee has had a large and active membership.

2. The acronym WEP stands for Wired Equivalent Privacy, and from the
outset the goals for WEP have been clear, namely to provide an
equivalent level of privacy as is ordinarily present with a wired LAN.
Wired LANs such as IEEE 802.3 (Ethernet) are ordinarily protected by the
physical security mechanisms within a facility (such as controlled
entrances to a building), and the IEEE wired LAN standards do not
incorporate encryption. Wireless LANs are not necessarily protected by
physical security, and consequently to provide an equivalent level of
privacy it was decided to incorporate WEP encryption into the IEEE
802.11 standard. However, recognizing that the level of privacy afforded
by physical security in the wired LAN case is limited, the goals of WEP
are similarly limited. WEP is not intended to be a complete security
solution, but, just as with physical security in the wired LAN case,
should be supplemented with additional security mechanisms such as
access control, end-to-end encryption, password protections,
authentication, virtual private networks, and firewalls, whenever the
value of the data being protected justifies such concern.

3. Given the goals for Wired Equivalent Privacy, WEP has been, and
continues to be, a very effective deterrent against the vast majority of
attackers that might attempt to compromise the privacy of a wireless
LAN, ranging from casual snoopers to sophisticated hackers armed with
substantial money and resources.

4. The active attacks on WEP reported recently in the press are not
simple to mount. They are attacks, which could conceivably be mounted
given enough time and money. The attacks in fact appear to require
considerable development resources and computer power. It is not clear
at all whether the payoff to the attacker after marshalling the
resources to mount such an attack would necessarily justify the expense
of the attack, particularly given the presence of cheaper and simpler
alternative attacks on the physical security of a facility. Key
management systems also reduce the window of these attacks succeeding.

5. In an enterprise or other large installation, the complete set of
security mechanisms typically employed in addition to WEP would make
even a successful attack on WEP of marginal value to the attacker.

6. In a home environment, the likelihood of such an attack being mounted
is probably negligible, given the cost of the attack versus the typical
value of the stolen data.

7. IEEE 802.11 is currently working on extensions to WEP for
incorporation within a future version of the standard. This work was
initiated in July 1999 as Task Group E, with the specific goal of
strengthening the security mechanisms so as to provide a level of
security beyond the initial requirements for Wired Equivalent Privacy.
The enhancements currently proposed are intended to counter extremely
sophisticated attacks, including those that have been recently reported
on in the press. In addition it needs to be noted that the choice of
encryption algorithms by IEEE 802.11 are not purely technical decisions
but they are limited by government export law restrictions as well.

8. Certain reports in the press have implied that frequency hopping
wireless LAN systems would be less vulnerable to security attacks than
other wireless LANs. This is not true given that in such frequency
hopping systems the hopping codes and timings are unencrypted and
consequently are easily available to an attacker.

9. By far the biggest threat to the security of any wireless LAN is the
failure to use the protection mechanisms that are available, including
WEP. Any IEEE 802.11 installation where data privacy is a concern should
use WEP.

I would like to thank the following long serving members of the IEEE
802.11 Working Group, and those Wireless Ethernet Compatibility Alliance
members, for their efforts in assisting me in drafting this response
from the Chair to this important issue:.

Vic Hayes, IEEE 802.11 member & ex-IEEE 802.11 Chair 
Al Petrick, IEEE 802.11 WG Vice-Chair 
Harry Worstell, IEEE 802.11 WG Vice Chair 
John Fakatselis, IEEE 802.11 Task Group E Chair & TGE QoS Sub-Group
Chair 
Dave Halasz, IEEE 802.11 TGE Security Sub-Group Chair 
Matthew Shoemake, IEEE 802.11 Task Group G Chair 
Phil Belanger, WECA Chairman & IEEE 802.11 member 
Greg Ennis, WECA Technical Director & IEEE 802.11 member.

Stuart J. Kerry
Chair, IEEE 802.11 , Standards Working Group for Wireless Local Area
Networks.
http://www.ieee802.org/11 


Back to the Index