In article <[EMAIL PROTECTED]>,
Greg Rose <[EMAIL PROTECTED]> wrote:
>As Perry points out, you need integrity protection anyway, whether using
>RC4 or not. But I'd like to point out that this is one of the few things
>*not* really wrong with WEP. Remember that the signal is being send using
>DSSS (Direct sequence spread spectrum, similar to CDMA digital phones) and
>the chances of an attacker being able to change just one bit, or a targeted
>selection of bits, in a message, is essentially zero.
Of course it's difficult to modify a message while it's in transit.
However, WEP does not prevent replay attacks, so it is possible to
replay a previously transmitted frame with appropriate modifications.
Some people have also suggested tricks to me that can ensure that the
original message never gets received, if that is a concern. I stand by
the claim that integrity protection is important in a protocol such as
WEP.
- Nikita
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
