By Sean Fisk
Not a new technology Inherently insecure In recent years, increased popularity
Symmetric key Public key
Only known type until 1976 Shared secret Secure exchange
Block cipher Fixed length Joining protocols Stream cipher Variable length
Public key Diffie and Hellman in 1976 Message is encrypted with public key Can only be decrypted with private key
Computational complexity of mathematical problems Diffie-Hellman Discrete logarithm problem Rivest, Shamir, and Adleman (RSA) Integer factorization problem
Public key encryption is much slower than symmetric key encryption Diffie-Hellman Key Exchange protocol
“The main intention of the WEP was not to provide a level of security superior to or higher than that of a wired LAN, but equivalent to it.” (Bulbul, Batmaz and Ozel)
Rivest’s Cipher 4 (RC4) 64-bit 40-bit WEP key 24-bit Initialization Vector Cyclic Redundancy Code (CRC)
CRC not intended for message integrity Key too short Key as direct input to cipher Initialization vector Interesting values
Run on same hardware Temporal Key Integrity Protocol (TKIP) Still uses RC4 cipher 128-bit key Message Integrity Code replaces CRC Exstensible Authentication Protocol Uses public key encryption
Continuation of RC4 cipher First few bytes are strongly non-random (Fluhrer, Mantin, Shamir)
Also known as WPA2 Advanced Encryption Standard Joined with CCMP Continues use of EAP
Data Encryption Standard Advanced Encryption Standard Standardized by National Institute of Standards and Technology (NIST)
Symmetric, block cipher 56-bit key Feistel function “In 1999, the Electronic Frontier Foundation’s ‘Deep Crack’ machine, in combination with distributed.net, successfully solved RSA’s DES Challenge III in 22 hours and 15 minutes.” (RSA Labs) Triple DES
Public competition 5 year process 15 ciphers Winner: Rijndael by Daemen and Rijmen Symmetric, block cipher 128, 192, or 256-bit key
End-to-end encryption Trusted endpoints Wireless hotspots
Bulbul, Halil Ibrahim, Ihsan Batmaz and Mesut Ozel. "Wireless network security: comparison of WEP (Wired Equivalent Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols dlaverty. WPA vs WPA2 (802.11i): How your Choice Affects your Wireless Network Security. Fluhrer, Scott, Adi Shami and Itsik Mantin. Weaknesses in the Key Scheduling Algorithm of RC4. Masadeh, S.R., et al. "A comparison of data encryption algorithms with the proposed algorithm: Wireless security.“ National Institute of Standards and Technology. "FIPS Advanced Encryption Standard.“ RSA Labs January 2011.