802.11 Wireless Security
In collaboration with
Nikita Borisov and
I have done some research on wireless security.
Here are some pointers to further information:
- A summary of our results on 802.11 WEP.
Mobile Communications: The Insecurity of 802.11
- Our technical paper, published at MOBICOM 2001 and containing
full details on our results.
(Also available in
- The slides for a talk I gave at the FCC.
(Also available in other formats, and in a streaming RealVideo
- The history
of 802.11 security
- Bill Arbaugh's summary of research in this area.
Ars Technica's Wireless Security Blackpaper
- A nice technical survey of some short-term defensive measures.
Info Security Magazine on Wireless Security
- A nice high-level overview on best practices and policies
for securing your 802.11 wireless networks.
flaws in 802.11 data link protocols
- A technical paper, published in Communications of the ACM and
containing details on revisions to the 802.11 standards for security.
Includes a discussion of TKIP (found in WPA) and CCMP (to appear in
802.11i), which are replacements for the broken WEP scheme.
I've also done work on cellphone security, and the following
links will give you some further information:
My work on cellphone security is joint work with a number of authors;
for more detail, please see
the full citations
for these papers.
- Flaws in US digital
- A non-technical summary of our public announcement on US digital phones.
- Cryptanalysis of the Cellular Message Encryption Algorithm
- A technical paper, published at CRYPTO '97 and containing
some details on the flaws in dialed-digit privacy in US digital cellphones.
- Cryptanalysis of ORYX
- A technical paper, published at SAC '98 and containing
details on the flaws in data privacy in US digital cellphones.
- Flaws in
GSM cellphones identified
- A non-technical summary of our public announcement on European
- GSM Cloning
- A slightly more technical overview of our results on GSM cloning.
- Real Time Cryptanalysis of A5/1 on a PC.
- A technical paper, published at FSE 2000 and containing
details on the flaws in the voice privacy in GSM phones.
Sensor Network Security
Currently, I am studying
security of sensor networks and network-embedded devices.
More information can be found on
our project's site.
My work on 802.11 wireless research
is funded through generous support from a NSF
Work on cellular security was supported by
a NSF Graduate Fellowship and other sources.