Re: WLAN security article in IEEE Internet Computing

From: George Ou (533george_ou234_at_netzero234.com)
Date: 09/27/03 

Date: Sat, 27 Sep 2003 05:24:25 GMT

On Fri, 26 Sep 2003 16:11:53 +0300, "Panu Hämäläinen"
<panu.hamalainen@NOSPAM.tut.fi.invalid> wrote:

>I just read the article "WLAN Security: Current and Future" in the recent
>issue of IEEE Internet Computing. There was an interesting paragraph in it:
>
> "AES does, however, have a few drawbacks. If
> the next generation of WEP uses AES, it will be a
> huge undertaking for a company to replace all of
> its existing WLAN APs and other equipment in
> order to be compatible with the new standard. The
> use of a large key size (at minimum 128 bits) also
> means client devices will need extra processing
> power to encrypt and decrypt it. This could slow
> down the devices and ultimately disturb many
> users, but the outcome remains to be seen. AES
> will also require considerably more power consumption
> than most existing WLAN cards provide.
> Users fearing extra drain on their mobile devices
> (laptops, handhelds, and so on) have continually
> dismissed the idea of increasing WLAN cards'
> power consumption."
>
>So AES is too heavy and power-hungry for portable devices? ;)
>
>Regards, Panu
>

Yes that is somewhat accurate. WiFi equipment would have to be
upgraded. This is because current WiFi implementations use 40 or 112
bit RC4 encryption. It almost makes no difference in CPU resources
when WEP RC4 112 is implement versus no WEP.

While AES is by most standards employs a very efficient algorithm, it
is slow compared to RC4.

WPA offers most of the security benefits of 802.11i, with it's TKIP
and 802.1x PEAP or EAP-TLS authentication implemented. A properly
implemented RC4 112-bit algorithm is pretty good and there are no
known weaknesses of the new WPA standard. WPA2 will be full blown
802.11i replacing RC4 with AES. What will probably happen is that
more powerful systems can use WPA2 meeting the 802.11i specs while
less powerful devices like Pocket PCs will use WPA. WPA fixes all the
weaknesses of WEP without a hit on CPU performance.

George Ou
http://www.LANArchitect.net

Relevant Pages

  • Re: Whats the real scoop on wireless security?
    ... have said in the first place, since "nonsense" has an overly hostile ... we were talking about the security of WPA. ... or WEP at all, the user would still need to pick a strong shared key. ... AES to learn why I am so confident. ...
    (microsoft.public.security)
  • Re: RC4, With Homebrew MAC...
    ... Though MD5 and SHA-1 would be faster than AES I think AES in CTR ... RC4 is shown to be very fast here because the machine I ran this on ... > your software discard some of the first outputs of the stream. ... > About your MAC, literature says that is not easy to get a good MAC ...
    (sci.crypt)
  • Re: Generate a one-time pad from say a 256bit key?
    ... a laptop with a 160GB hard drive. ... consider RC4 insecure because of it? ... As you point out, AES, the suggested alternative, is slow. ... are going to go to war based on whether or not the contents are Persian or ...
    (sci.crypt)
  • Re: RC4 on AMD64
    ... > Tom St Denis wrote: ... RC4 in hardware is just as insecure as RC4 in software??? ... AES is actually a simpler algorithm. ...
    (sci.crypt)
  • Re: Designing a secure message format
    ... which would be used to decrypt a message header, ... additional information needed to decrypt the body of the message. ... RC4 is very easy to program, ... Given that you will have 3DES and/or AES available, ...
    (sci.crypt)