---------- Forwarded message ---------- Date: Mon, 6 Aug 2001 01:18:30 -0400 From: Monty Solomon <monty@roscom.com> To: undisclosed-recipients: ; Subject: Cipher attack delivers heavy blow to WLAN security Cipher attack delivers heavy blow to WLAN security By Patrick Mannion EE Times (08/04/01, 12:49 p.m. EST) MANHASSET, N.Y. - A new report dashes any remaining illusions that 802.11-based (Wi-Fi) wireless local-area networks are in any way secure. The paper, written by three of the world's foremost cryptographers, describes a devastating attack on the RC4 cipher, on which the WLAN wired-equivalent privacy (WEP) encryption scheme is based. The passive network attack takes advantage of several weaknesses in the key-scheduling algorithm of RC4 and allows almost anyone with a WLAN-enabled laptop and some readily available "promiscuous" network software to retrieve a network's key - thereby gaining full user access - in less than 15 minutes. http://www.eetimes.com/story/OEG20010803S0082 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com