Lecture 11

In this lecture we continued our discussion of “crypto pitfalls”, focusing on several case studies that I hope you found interesting. As examples of bad crypto, we covered the flaws in WEP and the gross mistakes in the Diebold e-voting system. We also highlighted the recent attack on SSH as an example of where even the best crypto can potentially be “broken” when the system does not match the ideal model in which security is proved.

At the end of class, we looked at the recent “cold boot” attacks that demonstrate how crypto is worthless if the adversary can extract the keys.

I was planning on covering timing/power attacks in today’s lecture, but will pick up with this next time. Then we will move on the a few lectures on “system security”.

I’d love to hear people’s reactions to the articles, once you have read them.


2 Responses to “Lecture 11”

  1. Josh Wright Says:

    This is kind of related to the WEP attack, but recently TKIP was weakened. The new attack builds on an older attack by generalizing it to affect more access points(not just those employing QoS). Basically the attack works by knowing that much of the structure of short TCP/IP packets is static, like ARP and DNS requests. Using lots of fancy math and terminology, the attackers were able to decrypt short packets and recover the key stream in use and reuse that key stream to inject traffic into the WLAN. The older attack(Beck-Tews) is currently in beta testing in the aircrack-ng suite(tkiptun-ng for those with cards that work in monitor mode).

    Old attack: http://dl.aircrack-ng.org/breakingwepandwpa.pdf

    New attack: http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf

  2. jonkatz Says:

    Thanks for the pointer!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: