Wireless Security
802.11 Wireless Security
In collaboration with
Nikita Borisov and
Ian Goldberg,
I have done some research on wireless security.
Here are some pointers to further information:
- 802.11
security FAQ
- A summary of our results on 802.11 WEP.
- Intercepting
Mobile Communications: The Insecurity of 802.11
- Our technical paper, published at MOBICOM 2001 and containing
full details on our results.
(Also available in
postscript.)
- Wireless
Security
- The slides for a talk I gave at the FCC.
(Also available in other formats, and in a streaming RealVideo
archive; see
here.)
- The history
of 802.11 security
- Bill Arbaugh's summary of research in this area.
-
Ars Technica's Wireless Security Blackpaper
- A nice technical survey of some short-term defensive measures.
-
Info Security Magazine on Wireless Security
- A nice high-level overview on best practices and policies
for securing your 802.11 wireless networks.
- Security
flaws in 802.11 data link protocols
- A technical paper, published in Communications of the ACM and
containing details on revisions to the 802.11 standards for security.
Includes a discussion of TKIP (found in WPA) and CCMP (to appear in
802.11i), which are replacements for the broken WEP scheme.
Cellphone Security
I've also done work on cellphone security, and the following
links will give you some further information:
- Flaws in US digital
cellphones identified
- A non-technical summary of our public announcement on US digital phones.
- Cryptanalysis of the Cellular Message Encryption Algorithm
- A technical paper, published at CRYPTO '97 and containing
some details on the flaws in dialed-digit privacy in US digital cellphones.
- Cryptanalysis of ORYX
- A technical paper, published at SAC '98 and containing
details on the flaws in data privacy in US digital cellphones.
- Flaws in
GSM cellphones identified
- A non-technical summary of our public announcement on European
GSM phones.
- GSM Cloning
- A slightly more technical overview of our results on GSM cloning.
- Real Time Cryptanalysis of A5/1 on a PC.
- A technical paper, published at FSE 2000 and containing
details on the flaws in the voice privacy in GSM phones.
My work on cellphone security is joint work with a number of authors;
for more detail, please see
the full citations
for these papers.
Sensor Network Security
Currently, I am studying
security of sensor networks and network-embedded devices.
More information can be found on
our project's site.
Sponsors
My work on 802.11 wireless research
is funded through generous support from a NSF
ITR
award.
Work on cellular security was supported by
a NSF Graduate Fellowship and other sources.
David Wagner,
daw@cs.berkeley.edu,
http://www.cs.berkeley.edu/~daw/.