A security weakness in the encryption standard used within IEEE-based wireless LANs – dubbed Wi-Fi – has been uncovered.
Apple exploits the standard in its AirPort wireless networking solution. Now, three code experts have identified a way of attacking the encryption used when transferring files across Wi-Fi networks.
In a paper entitled "Weaknesses in the key scheduling algorithm of RC4", the authors detail several ways to uncover patterns in packets of information passing over wireless LANs. These can be used to figure out the encryption "key" and the number used to scramble the data being transmitted. Once the key is recovered, it can be used to decrypt the messages.
The authors say using a longer key, one of 128 bits compared to the current WEP standard of 40 bits, does not make it significantly harder for attackers to uncover the process.
Industry group, The Wireless Ethernet Compatibility Alliance (WECA), said enterprise users should continue to use WEP because only skilled cryptoanalysts would be able to attack the weakness.
In addition, many wireless-LAN vendors have introduced proprietary encryption schemes because of the known weaknesses in WEP, according to David Cohen, WECA's chairman. However, these schemes don't work in unison.
The authors of the document are Adi Shamir co-inventor of the widely-used RSA public key encryption system, Itsik Mantin, a computer science student at the Weizmann Institute, and Scott Fluhrer, a cryptographer with Cisco Systems. The full document is available for download.