In this lecture we continued our discussion of “crypto pitfalls”, focusing on several case studies that I hope you found interesting. As examples of bad crypto, we covered the flaws in WEP and the gross mistakes in the Diebold e-voting system. We also highlighted the recent attack on SSH as an example of where even the best crypto can potentially be “broken” when the system does not match the ideal model in which security is proved.
At the end of class, we looked at the recent “cold boot” attacks that demonstrate how crypto is worthless if the adversary can extract the keys.
I was planning on covering timing/power attacks in today’s lecture, but will pick up with this next time. Then we will move on to a few lectures on “system security”.
I’d love to hear people’s reactions to the articles, once you have read them.
October 8, 2009 at 2:58 pm
This is kind of related to the WEP attack, but recently TKIP was weakened. The new attack builds on an older attack by generalizing it to affect more access points (not just those employing QoS). Basically the attack works by knowing that much of the structure of short TCP/IP packets is static, like ARP and DNS requests. Using lots of fancy math and terminology, the attackers were able to decrypt short packets and recover the key stream in use and reuse that key stream to inject traffic into the WLAN. The older attack (Beck-Tews) is currently in beta testing in the aircrack-ng suite (tkiptun-ng for those with cards that work in monitor mode).
Old attack: http://dl.aircrack-ng.org/breakingwepandwpa.pdf
New attack: http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf
October 12, 2009 at 8:41 pm
Thanks for the pointer!